Hey all,
I have 3 web servers hosted at Digital Ocean that all have the same amount of memory at 512MB. They're all running CentOS 7.
They are low powered apache servers and don't really need more than that. All they're doing is serving the web, no database on those hosts at all.
On the first two hosts I seem to have no trouble running SELinux related commands. It's only on the 3rd web server where I seem to have any trouble at all running the SELinux commands I want to keep the box secure.
On box #3 all SElinux commands end up the same way. For example:
[root@ops3:~] #semodule -i newrelic.pp Killed
And that happened when I had about 280MB free:
[root@ops3:~] #free -m total used free shared buff/cache available Mem: 490 96 286 28 107 285 Swap: 0 0 0
Typically what I'll do is stop all the main services on this machine to free up some memory to run the command I want. But to no avail! The commands die with the same errors every time. Whereas on the other two hosts I can run the same commands with only as little as 30 or 40MB free!
So would this be some inherent flaw with this box? That the only way to get around it is to scrap it and build a replacement?
Not that hard to do. But before I took that measure I was wondering if there was any hocus-pocus I could try that I might not be aware of that could alleviate this scenario.
Thanks, Tim
How about adding some swap into system?
-- Eero
2015-10-15 4:40 GMT+03:00 Tim Dunphy bluethundr@gmail.com:
Hey all,
I have 3 web servers hosted at Digital Ocean that all have the same amount of memory at 512MB. They're all running CentOS 7.
They are low powered apache servers and don't really need more than that. All they're doing is serving the web, no database on those hosts at all.
On the first two hosts I seem to have no trouble running SELinux related commands. It's only on the 3rd web server where I seem to have any trouble at all running the SELinux commands I want to keep the box secure.
On box #3 all SElinux commands end up the same way. For example:
[root@ops3:~] #semodule -i newrelic.pp Killed
And that happened when I had about 280MB free:
[root@ops3:~] #free -m total used free shared buff/cache available Mem: 490 96 286 28 107 285 Swap: 0 0 0
Typically what I'll do is stop all the main services on this machine to free up some memory to run the command I want. But to no avail! The commands die with the same errors every time. Whereas on the other two hosts I can run the same commands with only as little as 30 or 40MB free!
So would this be some inherent flaw with this box? That the only way to get around it is to scrap it and build a replacement?
Not that hard to do. But before I took that measure I was wondering if there was any hocus-pocus I could try that I might not be aware of that could alleviate this scenario.
Thanks, Tim
-- GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
How about adding some swap into system?
Not a bad idea, Eero! That worked.
[root@ops3:~] #cat /proc/swaps Filename Type Size Used Priority /swapfile file 1048572 712 -1
[root@ops3:~] #semodule -i newrelic.pp [root@ops3:~] #
Thanks! Tim
On Thu, Oct 15, 2015 at 12:19 AM, Eero Volotinen eero.volotinen@iki.fi wrote:
How about adding some swap into system?
-- Eero
2015-10-15 4:40 GMT+03:00 Tim Dunphy bluethundr@gmail.com:
Hey all,
I have 3 web servers hosted at Digital Ocean that all have the same
amount
of memory at 512MB. They're all running CentOS 7.
They are low powered apache servers and don't really need more than that. All they're doing is serving the web, no database on those hosts at all.
On the first two hosts I seem to have no trouble running SELinux related commands. It's only on the 3rd web server where I seem to have any
trouble
at all running the SELinux commands I want to keep the box secure.
On box #3 all SElinux commands end up the same way. For example:
[root@ops3:~] #semodule -i newrelic.pp Killed
And that happened when I had about 280MB free:
[root@ops3:~] #free -m total used free shared buff/cache available Mem: 490 96 286 28 107 285 Swap: 0 0 0
Typically what I'll do is stop all the main services on this machine to free up some memory to run the command I want. But to no avail! The commands die with the same errors every time. Whereas on the other two hosts I can run the same commands with only as little as 30 or 40MB free!
So would this be some inherent flaw with this box? That the only way to
get
around it is to scrap it and build a replacement?
Not that hard to do. But before I took that measure I was wondering if there was any hocus-pocus I could try that I might not be aware of that could alleviate this scenario.
Thanks, Tim
-- GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
On Thu, Oct 15, 2015 at 12:30:22AM -0400, Tim Dunphy wrote:
How about adding some swap into system?
Not a bad idea, Eero! That worked.
You might want to consider permanent swap, particularly for such low-memory systems. For a simple web server, you'd probably benefit from having the rest of the OS swapped out and dedicate more memory to the httpds and disk caches. If you're concerned about your web server processes using swap, you can adjust the vm.swappiness parameter for the httpd systemd unit's cgroup setting.
-
Eero Volotinen -
Jonathan Billings -
Tim Dunphy