1. Apache Lossage: File Descriptors on large VH systems...
I submitted this as an Apache bug, but was rejected on it's face. I
_still_ think it's a bug, but I'll let you decide and maybe suggest
something. (Yes, I did read the FD FAQ).
I help admin a virtual-hosted linux machine with about 200 IP
addresses/hostnames. Each virtual host has its own logfiles
(access/error). On starting Apache, each instance of the webserver
creates hundreds of child processes to service requests. Each child opens
each and every access and error log for every virutal host on the machine.
So, If I've got 200 webservers running:
200 child processes x 200 hosts x 2 log files = 80,000 open files
80K open files on a system? This is stupid.
It wouldn't actually by a problem except that I'm running up against open
file descriptor limits all over the system (unable to fork() problems).
Does anyone have any suggestions? Is it really a "feature" of apache that
these logfiles are left open? Is open(2) really that expensive here? Why
don't they just close the descriptors off as they're done with them?
The FAQ suggests:
1. Reduce the number of Listen directives.
That would be fine, except we had to split the workload among two servers
to get around OTHER limititations as suggested elsewhere in the FAQ.
2. Reduce the number of log files.
The customers would SCREAM if we took away their logfiles.
3. Increase the number of file descriptors available to processes.
This seems like the logical solution, but eventually won't the OS run out
of open FD's?
4. Don't Do That. Run with fewer virtual hosts.
Hyeah. Right. Buy a whole new server just because the web serving
software and OS can't handle the load. Microsoft kind of solution...
5. Spread your operation across multiple server processes/ports.
Contradicts #1 above, or if you run people on multiple ports the customer
gets angry. (Who wants to be http://foo.bar.com:81 ?)
Does anyone have a rational explanation of how to pull this off on a Linux
Server? (RH 5.2, with a 2.2 kernel) #3 sounds logical but ultimately a
Clinton A. Pierce "If you rush a Miracle Man, you get rotten
2. ftp question
3. perl-hacker != c hacker.. Perl5a8+ binary wanted
4. ppp - ping OK but no telnet/ftp/netscape - answer.
5. Apache hacked - Hackers put mails via invalid URL
6. CPU use on remote hosts from C?
7. Apache question.. Rejecting hackers more vehemently?
8. Why Does everyone hate on WIndows so much?
9. Possible hacker attempts perhaps to see if Apache will act as Anonymizer?
10. Apache hacker problem
11. VH - Please Help!
12. More Than one Name for a VH entry
13. name-baed VH or Redirect?