Does it normal?

my server info:

Processor Intel Xeon E3 1225v2
RAM 32GB DDR3
Disks 3 x 120 GB SSD

i run directadmin+nginx

the nginx use 14gb of 32gb and this output from server:

root 12872 0.0 38.8 12868180 12748776 ? Ss 09:35 0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 12873 0.0 38.8 12889524 12759540 ? S 09:35 0:00 nginx:
worker process
nginx 12882 0.0 38.8 12876504 12756964 ? S 09:35 0:00 nginx:
worker process
nginx 12883 0.0 38.8 12879652 12757656 ? S 09:35 0:00 nginx:
worker process
nginx 12884 0.0 38.8 12872432 12753532 ? S 09:35 0:00 nginx:
worker process

when i do restart to nginx service it take 2min 40second to restart.
after restart it immediately use 14gb of ram

does it normal for nginx?

Posted at Nginx Forum:

Hello!

On Thu, Jul 30, 2015 at 04:07:05AM -0400, evgeni22 wrote:

root 12872 0.0 38.8 12868180 12748776 ? Ss 09:35 0:00 nginx:
when i do restart to nginx service it take 2min 40second to restart.
after restart it immediately use 14gb of ram

does it normal for nginx?

No, but depending on your settings and compiled in modules it may
be what you’ve asked it to do.


Maxim D.
http://nginx.org/

nginx version: nginx/1.8.0
built by gcc 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC)
built with OpenSSL 1.0.1e-fips 11 Feb 2013
TLS SNI support enabled
configure arguments:
–add-module=…/modsecurity_nginx-2.8.0/nginx/modsecurity --user=nginx
–group=nginx --prefix=/usr --sbin-path=/usr/sbin
–conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid
–http-log-path=/var/log/nginx/access_log
–error-log-path=/var/log/nginx/error_log --with-ipv6
–without-mail_imap_module --without-mail_smtp_module
–with-http_ssl_module
–with-http_realip_module --with-http_stub_status_module
–with-http_gzip_static_module --with-http_dav_module --with-cc-opt=‘’-D
FD_SETSIZE=32768’’

CentOS Linux release 7.1.1503

error.log
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity for nginx
(STABLE)/2.8.0
(http://www.modsecurity.org/) configured.
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity: APR compiled
version=“1.5.1”; loaded version=“1.5.1”
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity: PCRE compiled
version="8.20 "; loaded version=“8.20 2011-10-21”
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity: LIBXML compiled
version=“2.9.2”
2015/07/30 09:34:28 [notice] 12683#0: Original server signature:
ModSecurity
Standalone
2015/07/30 09:34:28 [notice] 12683#0: Status engine is currently
disabled,
enable it by set SecStatusEngine to On.

other errors from time to time:
kernel: grsec: From x.x.x.x: Segmentation fault occurred at
00000000000000e0 in /usr/sbin/nginx[nginx:8031] uid/euid:993/993

SELINUX=disabled

at the moment:

  • Memory used…: 13761 MB / 32067 MB
  • Swap in use…: 2333 MB

service nginx reload = it doubles the ram usage.
over a few days it use all 32gb of ram, and start with swap.

nginx.conf
#user nginx;

The number of worker processes is changed automatically by

CustomBuild,
according to the number of CPU cores, if it’s set to “1”
worker_processes 4;
pid /var/run/nginx.pid;
error_log /var/logs//nginx/error.log;

#error_log logs/error.log notice;
#error_log logs/error.log info;

events {
include /etc/nginx/nginx-events.conf;
}

http {
include /etc/nginx/mime.types;

access_log /var/log/nginx/access.log main;

# For user configurations not maintained by DirectAdmin. Empty by

default.
include /etc/nginx/nginx-includes.conf;

# Supplemental configuration
include /etc/nginx/nginx-modsecurity-enable.conf;
include /etc/nginx/nginx-defaults.conf;
include /etc/nginx/nginx-gzip.conf;
include /etc/nginx/directadmin-ips.conf;
include /etc/nginx/directadmin-settings.conf;
include /etc/nginx/nginx-vhosts.conf;
include /etc/nginx/directadmin-vhosts.conf;

}

Average total traffic out from server is 41.1 kb/s.
on 12 vhosts/domains.

So what do i start with to find the problem?

Posted at Nginx Forum:

Hello!

On Thu, Jul 30, 2015 at 04:11:52PM -0400, evgeni22 wrote:

–without-mail_imap_module --without-mail_smtp_module --with-http_ssl_module
version=“1.5.1”; loaded version=“1.5.1”
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity: PCRE compiled
version="8.20 "; loaded version=“8.20 2011-10-21”
2015/07/30 09:34:28 [notice] 12683#0: ModSecurity: LIBXML compiled
version=“2.9.2”
2015/07/30 09:34:28 [notice] 12683#0: Original server signature: ModSecurity
Standalone
2015/07/30 09:34:28 [notice] 12683#0: Status engine is currently disabled,
enable it by set SecStatusEngine to On.

[…]

So what do i start with to find the problem?

First of all, recompile nginx without ModSecurity.


Maxim D.
http://nginx.org/