Feb 26, 2012

Mounting file systems via Samba (CIFS) or NFS through automount (autofs) (I)

Mounting a filesystem via Samba or NFS has the main problem that you are increasing the traffic in your network, since when the data are updated on the export server, they must also be brushed up on the clients.

Furthermore, you have to take into account another additional problem when you mount a remote directory through Samba. If the connection between the server and the client is cut off (this one is restarted, any kind of network problem turns up, etc.), Samba does not automatically reconnect it and the mount point will remain in an unstable state, with which any sort of existing synchronization would be lost.

In this way, it is very important to always mount remote directories by using automount.

Automount automatically mounts a filesystem when you use it, and unmounts it later when you are not working on it, based on a timeout. When the timeout (600 seconds by default) is used up, the filesystem is automatically dismounted. Thus, you can achieve a decrease in network traffic (there may be long periods of time that you are not accessing the filesystem) and avoid lack of synchronization. Also point out that automount is managed by the autofs daemon.

Then let's put forward our work infrastructure. It will be made up for three Linux servers (all of them running CentOS 6.2). The main server, centos01, will mount a filesystem from centos02 via NFS, and another one from centos03 via Samba.

First of all, we have to install autofs and create a directory which will be used to mount the file systems. Afterwards, we have to edit the auto.master file in order to define the mount point handled by autofs.

[root@centos01 ~]# yum install autofs

[root@centos01 ~]# mkdir /mnt/tmp

[root@centos01 ~]# cat /etc/auto.master
...
/mnt/tmp    /etc/auto.centos    -g,--timeout=300

The above line means that all available mount points for the tmp directory will be set inside the auto.centos file. With "-g" option, autofs shows the content of the directory without mounting it, that is to say, if you run for example "ls /mnt/tmp", you will see those directories which will be able to be mounted through automount. Otherwise, no directory will be output.

This last option is really useful if you want to serve a filesystem by means of Apache and import it via automount, since Apache will be able to list the content of the directory without previously mounting it.


Feb 19, 2012

Apache performance tuning: directives (II)

Let's carry on with the second part of the article Apache performance tuning: directives (I).

If you take a look at the previous output, you may identify that the first process is the parent and the other ones, its children. The most important column is RSS (Resident Set Size), whereby you can see that the size of memory taken up by a child process is around 2 MB. Thus, you might work out the maximum number of Apache processes which can be simultaneously running on your system:

MaxClients = 338 MB / 2 MB = 169

This value is relative and never should be taken into account exactly. You have to consider that at any given time, other applications running on the system (mail, FTP, database, etc.) can ask for free memory. So in the preceding case, it would be reasonable to grab 200 MB instead of 338 MB. Furthermore, you must think that is not the same task to serve dynamic than static content.

If all processes are busy, Apache launches a series of spare processes (MinSpareServers). If a given time many processes are idle, these are removed with the aim of not exceeding a maximum number of spare processes (MaxSpareServers). In general, it must be satisfied that MinSpareServers ≤ StartServer ≤ MaxSpareServers, and MaxSpareServers should be 50% higher than MinSpareServers.

When a process has handled too many requests (MaxRequestsPerChild), this is deleted and another one is created again. An optimum value for MaxRequestsPerChild is 4000, although it is appropriate to fit it based on the data served.

What happens if a connection does not respond or keeps inactive indefinitely? A connection is another resource for the system and as such, must be freed up in case of not being used. The default timeout is usually very high (300 seconds). In order to enhance the server performance is useful to turn down this value to 20 (nowadays, the speed of the networks is huge, and it does not make sense to set such a high Timeout).

Lastly, we are going to treat an important issue for a web server: the persistence. When a web page is loaded, it is normal that the web browser establishes an only TCP connection and downloads all web elements, by carrying out multiple requests over the same connection.

So as to manage this feature, Apache provides three different parameters in its configuration file.

  • KeepAlive: enables (On) or disables (Off) persistent connections.

  • MaxKeepAliveRequests: maximum number of requests allowed on a persistent connection.

  • KeepAliveTimeout: amount of time the server will keep an inactive persistent connection before closing it.

It is recommended to use a very high value for the KeepAliveTimeout parameter (2 or 3 seconds). In respect of MaxKeepAliveRequests, will depend on the amount of content that web pages have on average, but it should not usually exceed 1000.


Feb 13, 2012

Apache performance tuning: directives (I)

In this article about Apache performance tuning, I am going to deal with some Apache directives. Remember that in the previous articles (I and II), I focused on the Apache modules, and we learnt on the one hand, that we can reduce the memory used by each process by removing those modules which are not necessary, and in this way, they will be lighter. And on the other, if we take those unused modules out, we will have less software exposed to possible attacks.

One of the most important tasks when we are setting Apache up is to fit its directives, which allow to control the overall running of the web server. These directives always depend on the available hardware, as well as the type of content that you want to serve. They are located inside the httpd.conf file; bellow, I will show you the most meaningful directives.

  • StartServers: number of child server processes created on startup. This value is related to the initial HTTP load of the machine, whether there are another configured services, and so on. For example, if the computer only works as a web server, there is no problem to start with 50 processes, but if there are other running services such as FTP, mail, database, etc., and in addition, it runs low on computational resources, we should start with a small number of active processes, and afterwards, on real time, Apache itself would have to launch the needed ones.

  • MaxClients: maximum number of simultaneous processes that can be running at the same time.

  • ServerLimit: maximum number of processes for the MaxClients parameter.

  • MinSpareServers: minimum number of idle child server processes.

  • MaxSpareServers: maximum number of idle child server processes.

  • MaxRequestsPerChild: maximum number of requests that an individual child server will handle during its life.

  • Timeout: amount of time the server will keep an inactive connection before closing it.

When Apache is started, several processes are created (StartServers) in order to listen for potential connections. When a request reaches the server, this is attended by a child process, and then, the process switches to idle state, waiting for new connections. If at a given time the number of requests is greater than the number of available processes (MaxClients), these requests are queued. Must be satisfied that MaxClients ≤ ServerLimit.

We can work out the maximum number of httpd processes that our system can run based on the available memory. You have to divide the free memory of the server by the amount of memory taken by an unique Apache process.

So as to calculate the free memory of the system, you can use the following command.

[root@centos ~]# cat /proc/meminfo | grep MemFree
MemFree:          346492 kB

And in order to find out the amount of memory grabbed by an Apache process, you may run the next order.

[root@centos ~]# ps -ylC httpd
S   UID   PID  PPID  C PRI  NI   RSS    SZ WCHAN  TTY          TIME CMD
S     0  1870     1  0  80   0  3404  2792 -      ?        00:00:00 httpd
S    48  1873  1870  0  80   0  2072  2792 -      ?        00:00:00 httpd
S    48  1874  1870  0  80   0  2072  2792 -      ?        00:00:00 httpd
S    48  1875  1870  0  80   0  2072  2792 -      ?        00:00:00 httpd