The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

new server, high load but no traffic, no sites, completly emtpy server

Discussion in 'General Discussion' started by apogee, Aug 10, 2009.

  1. apogee

    apogee Well-Known Member

    Joined:
    Nov 8, 2004
    Messages:
    107
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Europe
    cPanel Access Level:
    DataCenter Provider
    hello,

    i've got a new server installed 4 days ago, curently i'm testing the server. i've since 3 days a "high" load on this server but ther is nothing on it, no accounts, no traffic, just a fresh centos/cpanel setup.

    let me show:
    PHP:
    top 13:19:59 up 4 days17:39,  1 user,  load average1.040.980.73
    Tasks
    :  94 total,   1 running,  93 sleeping,   0 stopped,   0 zombie
    Cpu
    (s):  0.0us,  0.0sy,  0.0ni100.0id,  0.0wa,  0.0hi,  0.0si
    Mem
    :   8311500k total,   879392k used,  7432108k free,    71308k buffers
    Swap
    :  4192956k total,        0k used,  4192956k free,   592992k cached
    ps:
    PHP:
    [root@newbox ~]# ps axuf
    USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
    root         1  0.0  0.0  2264  548 
    ?        S    Aug05   0:00 init [3]
    root         2  0.0  0.0     0    0 ?        S    Aug05   0:00 [migration/0]
    root         3  0.0  0.0     0    0 ?        SN   Aug05   0:00 [ksoftirqd/0]
    root         4  0.0  0.0     0    0 ?        S    Aug05   0:00 [migration/1]
    root         5  0.0  0.0     0    0 ?        SN   Aug05   0:04 [ksoftirqd/1]
    root         6  0.0  0.0     0    0 ?        S    Aug05   0:00 [migration/2]
    root         7  0.0  0.0     0    0 ?        SN   Aug05   0:03 [ksoftirqd/2]
    root         8  0.0  0.0     0    0 ?        S    Aug05   0:00 [migration/3]
    root         9  0.0  0.0     0    0 ?        SN   Aug05   0:00 [ksoftirqd/3]
    root        10  0.0  0.0     0    0 ?        S<   Aug05   0:00 [events/0]
    root        14  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[khelper]
    root        15  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kacpid]
    root        41  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kblockd/0]
    root        42  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kblockd/1]
    root        43  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kblockd/2]
    root        44  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kblockd/3]
    root        62  0.0  0.0     0    0 ?        S    Aug05   0:00  \[pdflush]
    root        63  0.0  0.0     0    0 ?        S    Aug05   0:00  \[pdflush]
    root        65  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[aio/0]
    root        66  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[aio/1]
    root        67  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[aio/2]
    root        68  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[aio/3]
    root        11  0.0  0.0     0    0 ?        S<   Aug05   0:00 [events/1]
    root      1160  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[kauditd]
    root        12  0.0  0.0     0    0 ?        S<   Aug05   0:00 [events/2]
    root        13  0.0  0.0     0    0 ?        S<   Aug05   0:00 [events/3]
    root       475  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[ata/0]
    root       476  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[ata/1]
    root       477  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[ata/2]
    root       478  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[ata/3]
    root       479  0.0  0.0     0    0 ?        S<   Aug05   0:00  \[ata_aux]
    root        45  0.0  0.0     0    0 ?        S    Aug05   0:00 [khubd]
    root        64  0.0  0.0     0    0 ?        S    Aug05   0:00 [kswapd0]
    root       212  0.0  0.0     0    0 ?        S    Aug05   0:00 [kseriod]
    root       452  0.0  0.0     0    0 ?        S    Aug05   0:00 [scsi_eh_0]
    root       526  0.0  0.0     0    0 ?        S    Aug05   0:00 [scsi_eh_1]
    root       527  0.0  0.0     0    0 ?        S    Aug05   0:12 [usb-storage]
    root       534  0.0  0.0     0    0 ?        S    Aug05   0:00 [scsi_eh_2]
    root       535  0.0  0.0     0    0 ?        S    Aug05   0:35 [usb-storage]
    root       550  0.0  0.0     0    0 ?        S    Aug05   0:09 [kjournald]
    root      1897  0.0  0.0  3564  528 ?        S<s  Aug05   0:00 udevd
    root      2143  0.0  0.0     0    0 
    ?        S    Aug05   0:00 [kjournald]
    root      2568  0.0  0.0     0    0 ?        S<   Aug05   0:00 [loop0]
    root      2569  0.0  0.0     0    0 ?        S    Aug05   0:00 [kjournald]
    root      2832  0.0  0.0  3504  516 ?        Ss   Aug05   0:01 syslogd -m 0
    root      2836  0.0  0.0  2504  384 
    ?        Ss   Aug05   0:00 klogd -x
    root      2849  0.0  0.0  2936  288 
    ?        Ss   Aug05   0:00 irqbalance
    root      2893  0.0  0.0  5348  372 
    ?        Ss   Aug05   0:00 rpc.idmapd
    root      2924  0.0  0.0  2744  436 
    ?        Ss   Aug05   0:00 /usr/sbin/acpid
    root      3400  0.0  0.8 87388 73460 
    ?       Ssl  Aug05   0:07 /usr/sbin/clamd
    mailnull  3406  0.0  0.0  8768 1752 
    ?        Ss   Aug05   0:00 /usr/sbin/exim -bd -oX 587
    mailnull  3412  0.0  0.0  8560 1772 
    ?        Ss   Aug05   0:00 /usr/sbin/exim -bd -q60m
    mailnull  3419  0.0  0.0  8160 1736 
    ?        Ss   Aug05   0:00 /usr/sbin/exim -tls-on-connect -bd -oX 465
    root      3459  0.0  0.0  3248  624 
    ?        Ss   Aug05   0:00 /usr/sbin/dovecot
    root      3461  0.0  0.0  2688  880 
    ?        S    Aug05   0:02  \_ dovecot-auth
    dovecot   3467  0.0  0.0  4044 1492 
    ?        S    Aug05   0:00  \_ pop3-login
    dovecot   3468  0.0  0.0  5176 1492 
    ?        S    Aug05   0:00  \_ pop3-login
    dovecot   3469  0.0  0.0  5496 1512 
    ?        S    Aug05   0:01  \_ imap-login
    dovecot   3470  0.0  0.0  5172 1508 
    ?        S    Aug05   0:00  \_ imap-login
    root      3471  0.0  0.0 11300 4996 
    ?        Ss   Aug05   0:15 /usr/local/apache/bin/httpd -k start -DSSL
    nobody   27678  0.0  0.0 11436 4448 
    ?        S    Aug07   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody   27679  0.0  0.0 11436 4444 
    ?        S    Aug07   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody   27680  0.0  0.0 11436 4444 
    ?        S    Aug07   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody   27681  0.0  0.0 11436 4448 
    ?        S    Aug07   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody   27682  0.0  0.0 11436 4444 
    ?        S    Aug07   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody    9685  0.0  0.0 11436 4444 
    ?        S    Aug08   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    nobody   28644  0.0  0.0 11300 4388 
    ?        S    Aug08   0:00  \/usr/local/apache/bin/httpd -k start -DSSL
    root      3490  0.0  0.0  5372  920 
    ?        Ss   Aug05   0:00 crond
    root      3581  0.0  0.0 14348 7600 
    ?        S    Aug05   0:00 cpdavd accepting connections on 2077 and 2078
    root      3586  0.0  0.0  5584 1764 
    ?        SN   Aug05   0:00 cpanellogd sleeping for logs
    root      3626  0.0  0.0  8288 5492 
    ?        Ss   Aug05   0:02 tailwatchd
    dbus      3643  0.0  0.0  3620  800 
    ?        Ss   Aug05   0:00 dbus-daemon---system
    root      3656  0.0  0.0  5272 2684 
    ?        Ss   Aug05   0:54 hald
    root      3681  0.0  0.0  1500  388 
    ?        Ss   Aug05   0:00 /usr/sbin/portsentry -tcp
    root      3733  0.0  0.0  2688  400 tty1     Ss
    +  Aug05   0:00 /sbin/mingetty tty1
    root      3734  0.0  0.0  2256  396 tty2     Ss
    +  Aug05   0:00 /sbin/mingetty tty2
    root      3735  0.0  0.0  2760  400 tty3     Ss
    +  Aug05   0:00 /sbin/mingetty tty3
    root      3736  0.0  0.0  3232  400 tty4     Ss
    +  Aug05   0:00 /sbin/mingetty tty4
    root      3737  0.0  0.0  2352  400 tty5     Ss
    +  Aug05   0:00 /sbin/mingetty tty5
    root      3738  0.0  0.0  3236  396 tty6     Ss
    +  Aug05   0:00 /sbin/mingetty tty6
    root     22686  0.0  0.0  7600 2348 
    ?        Ss   Aug06   0:04 sshdroot@pts/0
    root     22689  0.0  0.0  4804 1456 pts
    /0    Ss   Aug06   0:00  \-bash
    root     29426  0.0  0.0  3172  780 pts
    /0    R+   13:20   0:00      \_ ps axuf
    root     22822  0.0  0.0  5860 1032 
    ?        Ss   Aug06   0:00 /usr/sbin/sshd
    root     22971  0.0  0.0  6572 1396 
    ?        Ss   Aug06   0:00 pure-ftpd (SERVER)
    root     22974  0.0  0.0  7012  880 ?        S    Aug06   0:00 /usr/sbin/pure-authd -/var/run/ftpd.sock -/usr/sbin/pureauth
    root     15953  0.0  0.1 18328 13024 
    ?       Ss   00:00   0:07 lfd sleeping
    root     16861  0.0  0.2 25992 23488 
    ?       Ss   00:50   0:01 /usr/bin/spamd ---allowed-ips=127.0.0.1 --pidfile=/var/run/spamd.pid --max-children=5
    root     16981  0.0  0.2 26192 23228 
    ?       S    00:50   0:14  \_ spamd child
    root     16982  0.0  0.2 25992 22444 
    ?       S    00:50   0:00  \_ spamd child
    root     16975  0.0  0.0 17100 8040 
    ?        S    00:50   0:00 cpsrvd waiting for connections
    root     29401  0.0  0.1 17060 8340 
    ?        S    13:19   0:00  \_ whostmgrd serving 212.00.00.00
    root     29421  0.0  0.0     0    0 
    ?        Z    13:20   0:00  \[cpsrvd-ssl] <defunct>
    hardware:
    PHP:
    [root@newbox ~]# cat /proc/cpuinfo | grep 'model name'
    model name      Intel(RXeon(TMCPU 3.20GHz
    model name      
    Intel(RXeon(TMCPU 3.20GHz
    model name      
    Intel(RXeon(TMCPU 3.20GHz
    model name      
    Intel(RXeon(TMCPU 3.20GHz

    [root@newbox ~]# cat /proc/meminfo | grep MemTotal
    MemTotal:      8311500 kB

    Any idea whats wrong with my new box?

    BTW: I use raid 1 on 15k u320 SCSI disks with lsi scsi raid controller
     
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    Few apache processes are running. Also, somebody is trying to access WHM from IP address 212.00.00.00. Rest of the things seems to be fine.

    Please continuously check the load using top -c and provide updated screen if you find high server load.
     
  3. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    16
    Did you figure out what was wrong? I have the same problem.
     
  4. AR15Armory

    AR15Armory Active Member

    Joined:
    Aug 29, 2007
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Bluegrass State
    cPanel Access Level:
    Root Administrator
    I am also experiencing this as well, but my server is up and running what is causing this and how to fix it.

    /usr/sbin/clamd
     
  5. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Apogee, is this a VPS, Dedicated, or Cloud?

    If your server is a traditional VPS, you may be seeing load levels coming from the other VPS servers on the same machine.
     
  6. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    16
    Server in my case
     
  7. AR15Armory

    AR15Armory Active Member

    Joined:
    Aug 29, 2007
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Bluegrass State
    cPanel Access Level:
    Root Administrator
    I am also dedicated server with only 5 sites on it.
     
  8. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    16
  9. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Ok, I would have to look deeper then in that case if you are dedicated ...

    It could possibly be a configuration issue, a hardware problem, or possibly whoever had the IP before you had a lot of traffic (check netstat) and causing your server to load prematurely.

    Either way, would probably need a bit more information to determine more precisely what is going on here.
     
  10. AR15Armory

    AR15Armory Active Member

    Joined:
    Aug 29, 2007
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Bluegrass State
    cPanel Access Level:
    Root Administrator
    Well I got to looking around more and thought it was something to do with the SpamAssassin, so I restarted the following services not wanting to restart Apache, after wards the CPU high load percentage was gone.
    Mail Server
    POP3 Server
    SQL Server
    SSH Server
     
Loading...

Share This Page