Massive I/O Spikes...
Jul 9, 2009How can I better monitor and trace down I/O spikes? I've noticed the wait hit 60% every now and again... could someone be running a rapidleech script and if so, how can i find it?
View 2 RepliesHow can I better monitor and trace down I/O spikes? I've noticed the wait hit 60% every now and again... could someone be running a rapidleech script and if so, how can i find it?
View 2 RepliesIve had a server for a while now, and had a backup hdd installed recently.
There seems to be CPU spikes happening from time to time up to 35%
Usually it sits on 0.17 - 0.80
But suddenly its been jumping around.
I have no idea where its coming from, as I cant check it in time.
Its a new problem thats just come up, and Im not so sure what it may be, as I havent got any new accounts on it.
I do get bounced emails from mailman for some reason, and mail queue is usually large, but server was generally cleaned up from it being abused.
Everything was running ok until last week.
I haven't really done anything new other then added another forum on the server (Invision).
Basically the problem is the random spikes I get. The main forum that is running on the server haven't really increased in terms of sim connections. Its usually around 180 - 220 during peak times.
On TOP there is usually around 250 tasks. When this thing started happening it would spikes to 500+ tasks which totally kills the server. Its pretty random also. Sometimes it'll go fine for a few hours and then suddenly climbed slowly up and then the server dies. For now its going to crash whenever I let apache run for an hour or so.
The only way I can restore is to restart apache. It has come to the point where I've had to put in restart apache in the cronjob list. Restart it every few minutes since I'm not always here watching over it. This is obviously a shortterm solution to keep the forum up while I troubleshoot this.
Here's a screenshot when it was just about dead
http://img392.imageshack.us/my.php?image=serverwf0.jpg
I checked out the logs and didn't see anything.
I was either told it needed more ram or that it was hacked.
The JRE is the flashchat I'm running and the trans_linux is a bot for the shoutcast.
Since I haven't been doing anything new.. I don't think its the resources of the server thats too little.
The server i have is
Dual Opteron 252
2 gigs of ram
1 146GB 15,000RPM scsi drive
how I can resolve it? Is Apache using more memory then its suppose to?
I am currently moving from my current dedicated servers because they simply cannot handle the load. I have a site which frequently makes it onto radio, digg and other similar sites.
I need a dedicated server that can take a beating from Digg and offline Media. For most of the month the server load is really low, the site hardly uses up anything. However, when it hits those sites, it suffers.
I am OK with using Shell, just basic tars/logs/sqldumping/httpd.conf editing/rebooting etc.. anything beyond that like installing and configuring software I cant really do.
I guess I am looking at a dedicated option (linux based) with a host that'll setup software/modules modules for me when I ask, but doesn't really need to hold my hand all the time.
How are ThePlanet.com's servers? Do they manage the servers?
I admit I know nothing when it comes to servers. Yet I do have a root server and I noticed that there are some days when the traffic spikes up to 20 times the average and when I login via ssh I see many perl processes. I don't know what those are since I don't use any perl scripts on my web site. Is this a potential or maybe an ongoing security issue?
View 2 Replies View RelatedWe've had a VPS for just over a month now. I am not going to mention the host by name (yet) but they advertise here and other people here reported liking them.
Sadly it's not my experience and I regret my purchase.
Every morning for the past few weeks, we get load spikes every 30 minutes that make our site unusable for a minute (on our VPS, any load over 1.0 is sluggish, over 2.0 is virtually unusable, over 3 is unresponsive)
Here's a series of days as an example:
[url]
The worst part about this is the host insists 1. either it's not happening or 2. they can't find it
I know it's happening because when I try to load a page on the half-hour, it takes over 13 seconds (less than 1 second normally). And it's fairly obvious it's someone doing a cron job with some nasty downloading, uploading, or maybe a massive mysql update.
Someone tell me what to tell them because this is driving me out of my mind. The load is NOT being caused by ourselves, I've made sure all our cron jobs don't happen on the exact half hour and we get lots of traffic later in the day without loads.
I have a problem with a customer. For the last 48 hours he has been receiving a massive DDoS at his server. I tried blocking the darn IPs but they keep coming and with several hundreds of connections each:
104 78.157.168.98
125 83.226.157.91
126 89.103.109.65
131 89.12.150.23
135 84.251.196.78
135 86.122.0.135
135 91.127.235.86
154 84.24.14.41
160 193.216.140.101
331 89.151.8.78
419 78.0.103.64
Apache has over 14000 connections. I tried using mod_evasive but didn't do anything and the server has been out without httpd for hours now. Any advices? This is a Hsphere server (I hate it personally) with 4GB RAM and a dual optero 246. I have the mexclients setting at 550.
I want to prepare myself for getting dugg and whatnot, so I want to mirror my site ahead of tiem. The problem is that it's very db-intensive so there's a db that all mirrors would have to query. What's the best way to deal with multiple dedicated servers in order to spread traffic load and not crash my site?
View 3 Replies View RelatedI have a dedicated windows server. I have it protected to the best of my ability (disabling administrative shares, anti-virus, anti-spyware, disabled remoted desktop, firewall, etc.). The purpose for the server is to host game servers. Over the past month, ive noticed massive amounts of bandwidth being used. For example Windows reports the bandwidth usage at a little over 2 GB in 1 day, yet on my control panel which reads the traffic from the switch, it shows that 9 GB have been transferred. I asked the colo what's happening and they said that traffic that is blocked by the firewall is still counted toward my monthly limit. But how can there be 7 GB of blocked traffic, keeping in mind i never had this problem months ago. As a test, last night i disabled all game servers and applications that use bandwidth. In the past day over 9GB has been transferred, despite the fact that i have nothing running that takes more then 50KB of bandwidth.
Aside from these bandwidth issues, everything is running fine, my passwords are still the same, etc. Is there anyway detect security holes, so that i may patch them when i reinstall the OS? I asked my colo for a security audit.
My question is, do you think my server has been compromised?
I've noticed that vBulletin and one of my directories is getting hit hard for the same file by sites in the Netherlands, Russia, Vietnam and China.
The lines typically state the same, trying to hit a file that isn't there, which may be in a forum/ or forums/ directory instead of the root.
'/home/mysite/public_html/forumdisplay.php' not found or unable to stat
'/home/mysite/public_html/newthread.php' not found or unable to stat
What have you guys done for this? I'm assuming an .htaccess edit may be in order. I'm also hoping to track IP addresses so that I can keep adding them easily. I wish it was more simple to do it on the server level using whm since it's usually accessible everywhere.
I've gotten several messages from cpanel like this:
5 login failures attempts to account mysql (system) -- too many attempts from this ip
Can any suggestion a host, and incidently perhaps the best album script, to host as much as 100,000 photos? I'm not sure size yet, but 10-15 gigs is expected. Currently there's 40k photos, but I'm leaving room for expansion.
View 13 Replies View RelatedI have a server , and it look like have a litle problem by sending mails , becase IT IS SENDING A LOT OF MAILS ... this is the stats:
User - Domain - Messages Sent - Total Bytes Sent
nobody - - 3430 - 2407677
Anybody know some tool that could alert me in case some scripts send X mails ?? and say me the file of that script?
I know that nobody are sending a lot of mails , but where is the scripts that produce it?
I am trying to figure out what file system to use for my server. It has 24 hard drives, 2 run the OS in RAID 1, and the other 22 are in RAID 10. When I was installing the OS (Ubuntu 8), I kept on getting problems when I tried to partition and format the second drive (the one with the 22 disks in RAID 10) and it keeps failing on me. I then changed the file system type from ext3 to XFS and it worked fine. I also gave it another try and did not partition/format the second drive and decided to do it manually once the OS was installed. When I did it it told me that the file system was too large for ext3. So my guess is that ext3 has a limit on the size of the file system it is being installed on.
Anyway, so I am wondering, is there any other file system that will get me the best performance, mainly I/O performance, that I can install? I would like to stick with Ubuntu OS. This server will mainly serve large files for download over HTTP.
how to handle the file storage of a youtube clone?
Is it just a matter of getting more servers with a few hdds or are there specialized companies that one can upload files over a distributed file streaming network?
The reason I ask is because I have thousands of gigabytes of videos and it appears to be impossible to upload it on 1 dedicated server or even a few.
to change all passwords for user account on cpanel server. Is it possible to do it automatically by using some cpanel script? Also I need this information stored in one file in order to know new passwords.
View 4 Replies View RelatedGetting massive amounts (thousands) of these lines in exim mainlogs and gz exim rotated logs too
Quote:
2009-04-21 09:20:45 [11305] 1LwGq4-0002wL-I3 <= <> R=1LwGq3-0002vw-Fa U=mailnull P=local S=1639 T="Mail delivery failed: returning message to sender" from <> for root@server.domain.com
Of course, the time is different (several days)
How can trace who / where this is coming from?
Its a cpanel box with suphp enabled, and all the exim tweaks you can imagine (ie, prevent nobody sender, max 50 mails per domain per hour, send callouts disabled, etc)