Versions
The default with Centos/Redhat is 2.2.x (CentOS like the Red Hat OS it derives from, are geared towards stability and so tend to lag behind what’s cutting edge)
2.4 is available and offers improved performance
2.4 moves away from Prefork MPM and moves to “event” mpm which uses a lot less memory
new features are listed here http://httpd.apache.org/docs/2.4/new_features_2_4.html
If you want to upgrade source compiling seems the mist popular way although here is a link to do it via yum
http://developerblog.redhat.com/2013/10/24/apache-httpd-2-4-on-red-hat-enterprise-linux-6/
Terminology and how it all fits together
An apache thread is essentially another term for an apache child process and can be used interchangeably.
Apache has a root process, and then for each client (i.e. whenever any separate user goes to your website) it creates a “child” process.
Each of these processes will use a certain amount of memory (which is dictated by your application). This memory usage is not static, so can vary between each process. It can also vary depending on what the application is serving to each client.
Apache doesn’t allow multiple versions of PHP using mod_php, so you need to compile it using fastcgi support. This will allow us to configure multiple sites, each one with a different version of PHP
If you are using Name Based Virtual Hosting for SSL, if a domain is unconfigured for the ip:port it will be sent to a default virtual host.
Apache defaults the first virtual host it sees for an ip:port combination to be the default. This can be confirmed with the command httpd -S
Commands
httpd –S # show the virtuahost settings (taken from the config file)
httpd –M # list of loaded Static and Shared Modules.
httpd –l # Output a list of modules compiled into the server. This will not
list dynamically loaded modules
httpd –X # run in debug mode
httpd -k start -c “DocumentRoot /var/www/html_debug/” Start up Apache using an alternative DocumentRoot.
This is useful if you’re trying out alternative versions of your web site, as it avoids editing the DocumentRoot option.
You can also use -c to set any other directive. Note that -c processes the directive after reading the config files (so it will overwrite config file settings),
whereas -C will process the directive before the config files.
httpd -k start -e debug# While you are debugging an issue, you can change the LogLevel of the Apache temporarily, without modifying the LogLevel directive in the httpd.conf as shown below using option -e.
the LogLevel is set to debug.Possible values you can pass to option -e are: debug, info, notice, warn, error, crit, alert, emerg
Config
The main apache config is /etc/httpd/conf/httpd.conf
A lot lot of the parameters in that file can be tweaked to improve performance.
Some of the more useful settings (with typically assigned values):
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 50
The StartServers, MinSpareServers, MaxSpareServers, and MaxClients regulate how the parent process creates children to serve requests.
In general, Apache is very self-regulating, so most sites do not need to adjust these directives from their default values.
MaxSpareServers and MinSpareServers determine how many child processes to keep while waiting for requests. If the MinSpareServers is too low and a bunch of requests come in, then Apache will have to spawn additional child processes to serve the requests. Creating child processes is relatively expensive. If the server is busy creating child processes, it won’t be able to serve the client requests immediately. MaxSpareServers shouldn’t be set too high, it can cause resource problems since the child processes consume resources.
Tune MinSpareServers and MaxSpareServers such that Apache need not frequently spwan more than 4 child processes per second (Apache can spwan a maximum of 32 child processes per second). When more than 4 children are spawned per second, a message will be logged in the ErrorLog.
The StartServers directive sets the number of child server processes created on startup. Apache will continue creating child process until the MinSpareServers setting is reached. Doesn’t have much effect on performance if the server isn’t restarted frequently. If there are lot of requests and Apache is restarted frequently, set this to a relatively high value.
http://rudd-o.com/linux-and-free-software/tuning-an-apache-server-in-5-minutes has some good hints
To know which fork (prefork MPM or worker MPM to alter) normally its prefork mpm
run httpd -l and you can see what appache was compiled with
Compiled in modules:
core.c
prefork.c
http_core.c
mod_so.c
a good page on performance tuning http://fuseinteractive.ca/blog/drupal-performance-tuning-0
appache full status is a great help in troubleshooting, the following pages cover basic setup and troubleshooting when it doesn’t work if you have multiple vhosts it can get a bit messy –
http://articles.slicehost.com/2010/3/26/enabling-and-using-apache-s-mod_status-on-centos
http://www.mydigitallife.info/request-url-server-status-or-404-page-not-found-apache-error/
RedirectMatch 301 ^/bbc.co.uk http://www.bbc.co.uk # the following can be added to .htaccess or httpd.conf
Useful Modules
Modules allow you to add features to the default service, here are some of the more useful:
https://httpd.apache.org/docs/trunk/mod/mod_log_forensic.html example of how to use at http://northernmost.org/blog/mod_log_forensic-howto/
mod_limitipconn.c can be used to limit the amount of download from an IP
mod_log_forensic This module provides for forensic logging of client requests. Logging is done before and after processing a request, so the forensic log contains two log lines for each request.
Useful bits of code
ps aux | grep [h]ttpd | awk ‘{sum+=$6} END {print “httpd mem:”,sum /1024}’ – shows amount of memory being taken up by apache
apachectl fullstatus|grep -Eo ‘[1-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}’|grep -v “127.0.0.1?|sort -n|uniq -c|sort -nr|head -1 – shows who is connected at present by most connections
grep -c ’13/Jan/2014:14? /etc/httpd/logs/* | sort -t’:’ -nk 2 | grep -v :0 – good to see which logs files where populated at a certain hour
grep -c “Invalid URI in request” /etc/httpd/logs/* – check all logs for text displays number of instances each was found
awk ‘{print $4}’ access_log | cut -d: -f1 | uniq -c -shows number of requests per day
grep “13/Jan” access_log | cut -d[ -f2 | cut -d] -f1 | awk -F: ‘{print $2?:00?}’ | sort -n | uniq -c – shows number of connections per hour
grep “13/Jan/2014:19? access_log | cut -d[ -f2 | cut -d] -f1 | awk -F: ‘{print $2?:”$3}’ | sort -nk1 -nk2 | uniq -c | awk ‘{ if ($1 > 10) print $0}’ – number of requests per minute
cat error_log | grep “Jan 16? | grep “01:[0-9][0-9]:”|awk ‘{print $4}’ | awk -F: ‘{print $1 “:” $2}’ | uniq -c -show number of events at 15:xx on the 14 Jan
cut -d\” -f 2 /etc/httpd/logs/access_log | sort | uniq -c | sort -rnk 1 | head -n 30 -shows most popular pages
cat access.log |grep wp-login # check what wp-login pages have been called
cat ./access_list grep bot > bot_report.txt # output any mentions of the word bot
grep -e “01/Jun/2014? -e “31/May/2014? access_log* | awk ‘{print $1}’ | cut -d\? -f1 | sort | uniq -ic | sort -rn | head -25 check the access logs for connections via IP on the dates specified , order via number of connections
Scripts
to log when appache hits a high number of users
#!/bin/bash
log_path=/root/scripts/number_of_appache_users.log
if [ $number -gt 150 ]
then
date >> $log_path
echo “number of indivdual connections” >> $log_path
/usr/sbin/apachectl fullstatus | awk ‘{print $11}’ | grep -v “::1? | grep -v ^$ | sort | uniq -c | sort -n | tail >> $log_path
echo “pages being view” >> $log_path
/usr/sbin/apachectl fullstatus | awk ‘{print $11,$12,$13,$14}’ | grep -v “::1? | grep -v ^$ | sort | uniq -c |sort -n >> $log_path
fi
Apache Bench
To load test your system use appache bench, check the performance (memory and load) and then retest.
Apache Bench (ab) is installed by default
(n= number of requests c=councurent connections i.e current clients)
example:
ab – apache bench ab –n 100 –c 10 url (100 requests, and concurrency 10)
Recent Comments