The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can someone answer this for me please?

Discussion in 'CloudLinux' started by nibb, Feb 1, 2012.

  1. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Ok, I know CloudLinux for years, even before cPanel even supported it.

    Back then it was not very solid, one of the reason I did not liked it, was because the load averages where screwed up and some specific softwares where having problems with it.

    Now times has passed and more and more companies are using it, cPanel supports it now, even when I still see it can even affect some cPanel processes which is kind of ironic but here comes my question.

    Reading a bit about CloudLinux is seems you need to recompile Apache. How does CL identify processes from users? As far as I know they are not under user account under some specific Apache compilation unless you go with suPHP.

    Also, my biggest concern is. If I get it right, Cloud Linux does this LVE only on web server processes?

    How about email, mysql, etc? Does it work for all processes from a single account or just web processes? I mean, if it only handles the isolation for web processes then its useless as far as I can see, because some users cause heavy load with email, other with databases, and others with cron scripts.

    If the answer, is yes, it will work for all processes for a specific account, how will identify them?

    There is also one thing that I consider a complete killer to not use CloudLinux. Correct me if im correct. It will slow some users websites, is this true? Why not show an error directly when he consumes his resources?

    This is something not acceptable in my case. I cannot possible have clients complaining the hosting sucks because their website is slow. I don´t see how this can be any good. Customers would never know its done by Cloud Linux on purpose and this would give the company and even cPanel a bad rep in the future like "I look hosting without cPanel that slows websites down".

    An error is ok, but dropping performance on websites is not. Someone that hires a hosting does it because he wants speed, otherwise he can just host at home.
     
    #1 nibb, Feb 1, 2012
    Last edited: Feb 1, 2012
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    For email services, CloudLinux does not detect or restrict those currently for users. It does for cron jobs and for Apache processes run as the user.

    For MySQL, it did not used to have detection for MySQL until MySQL Governor was introduced into CloudLinux as a beta addon. This is documented at the following location:

    MySQL Governor v0.6
     
  3. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Thanks, that confirmed what I was afraid off. To good to be true. It doesnt actually limit an account process, just the web process or apache ones, the rest still works like it does know and based on this, email, databases can be abused without any effect on Cloud Linux what so ever.
     
  4. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    Define what do you mean abuse.

    Governor (MySQL Governor Configuration) checks
    a variety of rules / limits.

    Using imap/pop3 for downloading/sending email also runs as a user. Hard to abuse that, anyway.

    And there is lve_wrapper for whatever else you want to execute using lve limits.
     
  5. electric

    electric Well-Known Member

    Joined:
    Nov 5, 2001
    Messages:
    697
    Likes Received:
    1
    Trophy Points:
    18
    We've been using cloud linux on a few of our busiest servers for the last few weeks.. just as a test.

    I have to say the software is nothing less then amazing.

    Yes, it can be incorrectly used and certainly can be misunderstood.

    Cloud Linux is NOT a vps system. It is not designed to lock the users into their own "virtual server" with set limits of resources.

    That is a VPS.

    Cloud Linux is not a vps.

    Like any software tool for server administration, cloud linux can be installed incorrectly and used incorrectly.

    Basically, it is a simple tool that allows admin to "react" very much quicker for any web process that is started by a user, which tries to use too much resources.

    So for example, this is a very common problem on most shared hosting servers:

    1. Customer's webpage has large script which uses too much memory, or cpu. Or customer's website is very popular and has lots and lots of visitors.

    2. Because of #1 above, the cpu or memory or number of apache processes on the server because very high. (server load goes high)

    3. Admin logs in to try and determine why load is going very high and everything is slowing down. Email starts to stop, all websites on the server start stopping.. load goes higher and higher as the "cascade effect" goes on..

    4. Eventually, admin will hopefully find the culprit website and kill the processes or suspend the account, etc.

    5. Load goes back down and all resumes normal.

    6. Repeat.

    So this is a very common and normal situation, right? Now... here is where cloud linux really is very good.

    It totally automates this process. No server admin required, and it is instant.

    In other words.. you never get to step #2 above. This is because every user on the server is limited to a specific amount of cpu and memory and "entry processes". So if their website suddenly becomes super popular with a lot of visitors... they will get a "resource limit exceeded" error on their website and cpanel will show the stats to the user saying that they exceeded the number of processes.

    No other websits or email or anything else on the server will be effected, because the "bad" website is limited automatically and instantly before the server load even has a chance to go too high.

    Same thing occurs if the customer's website has a script that uses too much resources. The user is automatically limited to whatever cpu you allow them. All other websites are not effected.

    So in this way, cloud linux is very good and does it's job very well. It is designed to monitor and limit user processes only that are running as the actual user.

    Yes, it is not perfect. As the previous reply stated, there is a mysql limitation system, too... but still in beta.

    However, in my experience... 90% of "problems" with a server getting high load is due to php script or too much traffic, etc. And cloud linux works great for this kind of thing.

    I hope that makes sense?

    Cloud linux is not the "absolute answer" to every server administration problem. It is not possible to use it to monitor exim/email or ftp, etc.. That is not currently what it is designed to do. So you should not expect it to do so.

    It does work very well for what it is designed to do.

    I hope that helps? We use it on some of our shared servers that had very high load spike problems, and we have seen it is amazing. It "limits" the user's websites just like it advertises. We have no more load spikes caused by the occasional crazy customer website who tries to take over the server with too much load.

    All other customer's on the server love it, because they have noticed their own websites now load consistantly and reliably again.

    :)
     
  6. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Nobody is discussing here if Cloud Linux is a VPS. Im quite sure most people know what virtualization is and we know Cloud Linux isn't.

    So thats not the point of discussion here.

    My question was if Cloud Linux works with cPanel process regardless of what the user is executing of its its just for Apache process the user executes.

    cPanelTristan confirmed this and it makes sense. This is why Cloud Linux works with Plesk and other control panels because it does nothing with cPanel process or user account process. It does it with Apache and what chrismfz said is incorrect based on this reply.

    It will not isolate or work with email process as far as I understand because its only designed for web process. Any other user process the cPanel account is running, cron, email, ftp, databases, etc, will NOT be used by the LVE.

    I think you people have a very bad understanding of how Cloud Linux works or someone is not explaining the whole truth about how it works because its not the first time I read some saying "It will restrict the process of the cPanel user account" or "It will limit the user process of user account"

    All of that as far as I was reading ITS NOT TRUE. It does this only working and talking to Apache, not to the full process that a cPanel user account is running. So NO, it doesn't actually do anything to limit the cPanel account, just the WEB process or executed via Apache.

    If someone can deny or confirm this, be my guest. But as far as I know people are talking to generally when they say "Processes" in plural, It only does this for apache, so its only "Process". For 1 single service which is Apache.

    It doesn't limit or do anything else to any other process the user account would be running as far as I understand and have read the technical documentation.
     
  7. electric

    electric Well-Known Member

    Joined:
    Nov 5, 2001
    Messages:
    697
    Likes Received:
    1
    Trophy Points:
    18
  8. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Actually I did but that is not clear either so thats why I asked here again.

    On some of this links it says it will catch any process running inside the LVE but it doesn't actually describe which.
    LVE Wrappers

    "LVE wrappers are the set of tools that allow system administrator to run various users, programs & daemons within Lightweight Virtual Environment. This allows system administrator to have control over system resources such program can have."

    Does this mean you can run all or most cPanel user process under it? Yes, no? Any examples?

    So far I know it will catch PHP cron jobs, but probably not other cron jobs like .sh scripts or perl.
    It will also catch apache process.

    And from one of the links you send it will also catch SSH sessions with the PAM module. And with the new mysql patch in beta it will catch MYSQL but I don´t think it does this with LVE but ratter a mysql patch. I may be wrong. So it all this are extra modules why do you indeed then still need the kernel modification? Cant this mods run without it?

    Sadly that is not enough if you ask me.

    A hosting account is not just PHP files. 90% of the abuse comes from the web server, granted, but actually I think the worst one comes from databases. Abuse from web server is easy to catch with Apache viewer which also come in WHM and there are just many ways to do it. But the abuse from hidden things is the one that are hard to catch and limit and this are the ones that LVE will not catch either. Like some users hitting the email servers to hard a specific hours.

    Of some database that is giving problems.

    If the LVE could catch any process then it truly would be just brilliant.

    This means PERL or CGI process.
    Emails process.
    Cron jobs. Not just Apache or PHP cron jobs
    Databases, PosgreSQL and MySQL, Tomcat is a plus but I understand nobody uses it as it consumes to much RAM but at least MySQL and Postgres.
    FTP process

    Well anything that can and will cause a process in the user account.

    It seems the LVE is made primary for apache.

    Im also waiting until they found out a way NOT to slow down process but kill them. I cannot accept making websites slow. That is just terrible. I really prefer a hard limit and the customer getting a straight error then blaming the service sucks because their website loads slow.

    Thats not acceptable if you have SLA agreements and it gives a terrible impression on your service, because thats what clients see and get, they don´t know you are running Cloud Linux and honestly they dont care either.

    I also see cPanel Cloud Linux are more expensive then getting them directly from them, so not much sense there either if you ask me.
     
  9. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hello nibb,

    Please re-read my previous reply. I stated what does and does not work with in it:

    Crons and MySQL (via MySQL Governor addon) are controlled by it. Email is not nor are FTP processes (you hadn't previously asked about FTP processes, but if I didn't mention some type of process being covered by it, that process isn't covered by it).

    If that is unclear, please let me know.

    Thanks!
     
  10. electric

    electric Well-Known Member

    Joined:
    Nov 5, 2001
    Messages:
    697
    Likes Received:
    1
    Trophy Points:
    18
    Nobody is going to disagree with you. However, no amount of wishful thinking is going to suddenly make cloud linux or cpanel or anything else do what we all wish it could do.

    As I've mentioned before, cloud linux does a certain job and (I think) it does that specific job very well.

    At the moment, cloud linux is not designed to limit *everything* on the server. It is, however, a very useful tool to limit apache, php, cron, etc.. that runs as the user. In most situations (we have found) it is "good enough" to really help reduce the number of and size of the periodic load spikes resulting from the occasional "crazy" website/script of a customer.

    In other words, if a customer's website goes crazy with poorly written script or too much traffic and causes load to go high.. then cloud linux will prevent that. This means cloud linux will stop about 90% of the times when we have issues of high load on our servers.

    To me, that is very very good. Is it "enough"?

    No, of course not. 100% would be enough.

    But it is certainly a major help and benefit. And that's all I'm trying to say. I agree that the shared hosting world needs a tool or system or whatever that can limit EVERYTHING on a server... but at this point that is not what cloud linux does, nor is it what cloud linux claims it can do.

    Again, I advice you if you have specific questions about what cloud linux can and can't do.. then post on the cloud linux forums instead of here. Go straight to the source and you'll find faster and more thorough answers. :)

    -----------

    Note: as a practical example.. yesterday we had some very high load on one of our shared servers. Upon investigation we discovered there were four websites that were using most of the cpu to process their websites. One of them had a huge .htaccess directive, one site had some bad php programming (call of system() function to loop through a folder of thousands of videos and process them all with ffmpeg), and the other two sites just had tons of traffic for some reason.

    We had many other customers on the server contacting us to complain their websites were no longer working or loading very slowly, etc.

    So far this is a normal problem for any busy shared hosting server.

    So... the "traditional" method to fix this problem would be to suspend the bad websites, or move them off to a different (less busy or more powerful) server, right?

    However, we had already installed cloud linux on this server a few days before.. so we were able to fairly easily configure it to fix the problem. We reduced the limits for only those four websites, so they became much more limited and could use a maximum amount of cpu.

    Almost immediately, the server load fell back down to normal levels, and all other customers on the server were happy again.

    Those four websites are now limited automatically and instantly if (when?) the problems with their websites occur again.. and it will not effect the entire server. We advised those four customers that they can log into their cpanel and view the resource usage of their websites, and we offered our services to help them address and fix the issues with their websites.

    So in my opinion, using cloud linux has really helped a lot for this situation.

    If the problem had been FTP or tons of email or massive mysql queries, would cloud linux have helped? No. However, in my experience, those types of issues occur much less frequently then the typicaly situation I described above.

    So as I said, cloud linux is not the solution to *everything*. However, it is a good tool for the average shared hosting server, and it can help prevent problems for the big majority of everyday shared hosting problems.

    So ya... there is definately room and desire in the industry for a tool that *does* monitor and limit everything. It would be great if cloud linux could do that. We need it. I'm sure they're working on it. But for now, what they have is extremely helpful and I definately think it's worth using.
     
  11. nibb

    nibb Well-Known Member

    Joined:
    Mar 22, 2008
    Messages:
    301
    Likes Received:
    1
    Trophy Points:
    18
    Well I agree, and lets hope it can limit or put more stuff under their LVE radar. When they do it will be an option for me as well. Currently its not, as it costs extra and I hardly see any benefit for it today. I say this now, and maybe I install it and use tomorrow. But our services are highly professional hostings, so we dont get the usual kid abusers that unlimited hosting get, where they install 10 wordpress and try to be the next Google. Usually the NOC monitoring will hit be alarmed in 1 minute if a load is going of average and the account can be suspended in 5 minutes after checking the problem.

    This happens, but rarely, and when it does it happens every several months per server, as they are all monitored all the time, even when new account are added, and when this happens its usually a hacked website or some temporary DOS attack. Would Cloud Linux be a benefit in my case?

    Probably not. Because servers are not oversold. Customers have fixed resources, they know what they can use. Servers are monitored in almost every possible aspect with sensors ranging and pulling data every 30 seconds. Anything, even the slightest changes is monitored.

    Now, Cloud Linux would only avoid maybe a very, very extreme server crash where one customers is getting traffic or abusing a script so fast that you cannot even log in to the SSH console and suspend an account and since the servers are usually very hi end servers, I actually never saw anything bringing a server that fast. I even saw r1soft agents causing huge slow increases in load to get over 500 load and even so a server was not crashing yet, of course nothing could be done anymore. Probably apache would crash first before crashing the server.

    And adding the LVE would cause new problems, like Load measures and all sensors would be off. Possible new config or procedures required for stuff that require kernel compatibility like backup agents. Not to mention new possible problems that the LVE can cause with normal requires process that cause hi load, like cPanel transfer accounts and usually cPanel default process. Still even with all this I would probably use Cloud Linux if it allows us to share fixed CPU and RAM plans. But it should do a bit more then just Apache and Cron. I dont say it has to do everything, but for the money, (I dont talk about the Cloud Linux license, but the cost and time of implementing) it should do a bit more then just Apache in my case.

    But personally I see 2 problems. the LVE does not actually limit RAM correctly and I read this on the Cloud Linux website. They are working on it and its complicated but for memory it can actually do more harm then good. So now we are talking only about limiting CPU, and possible process, but memory is more complicated and we are talking about the usual Apache abusers, as it cannot detect or work with other internal stuff.

    Still, I think its getting better every year. Its an option. And yes I did tried Cloud Linux some years ago and its messy, it started to cause direct OS errors even on boot and I had to disable it and for my surprise it did not do a clean install either, it leaves traces of configs. That is something I really did not appreciated it as it makes it very easy to install but not to leave it as you never had it in the first place.

    I always think as a customer. And even if nots bringing to much for me as an admin or company. I think the idea of customers being able to watch their resources usage, is very nice. And the option to limit resources per account is even nicer. So its the selling point that attracts me, not the stability and isolation it does, as I dont have this problems or account abusers and I don't run the servers on auto pilot either. Thats something you cannot do regardless of how well Cloud Linux can work in the future, you just need to have someone watching machines always. Making websites slower is a really no go in my case. I will just wait a few months and see what they come up with that part, as slowing down process instead of killing them is not something I prefer. I don't want anything that makes a service slower, as I always try to make them faster.
     

Share This Page