Namuhla ngiza ukuzokhuluma nawe futhi mayelana nenye yezinsizakalo zewebhu ezisetshenziswa kakhulu emhlabeni: Iseva yewebhu I-Apache2.
Kuyisihloko okukhulunywe ngaso kaningi, kepha manje ngiza ukukutshela ngesinye isici okufanele usicabangele ngale nsizakalo: Umkhawulo wokuxhuma ngasikhathi sinye. Akukhathalekile ukuthi sine-basic kakhulu noma i-spaceship eneprosesa ye-i7 ne-32 GB yenqama ...
Umkhawulo wokuxhuma ngasikhathi sinye kuzohlala kufana ngaphandle kokuthi sithathe izinyathelo ezifanele, okusho ukuthi uma sifuna ukuba nabantu abaningi baxhumeke ngasikhathi sinye, ngeke nje sidinge i-hardware enhle, kepha futhi nokulungiswa okuhle.
Kulokhu akudingekile ukufaka noma yini, konke kususelwa emiqondweni elula okumele ibhekwe ukumisa i-apache; imiqondo okumele icace bha ngaphambi kokufuna ukwenza ushintsho.
Into yokuqala okufanele ucabange ngayo yile: Ithimba lami linamuphi umthamo? Zingaki izinto zokuxhuma ngasikhathi sinye lapho imishini yami ingaxhasa uma ngiyiphoqa ngangokunokwenzeka? Konke lokhu kuncike entweni eyodwa; I-RAM (Imemori Yokufinyelela Okungahleliwe).
Lapho i-RAM iba nkulu, inani elikhulu lokuxhuma likhula kakhulu, noma kungekho inani elinqunyelwe (okungukuthi, amaklayenti we-X ngenqama ngayinye ye-X), yingakho kuqala kubalulekile ukwenza izibalo ezithile ezincane kuseva yethu yewebhu, nge ukuze sazi imingcele yethu.
Into yokuqala okufanele uyazi ukuthi ingakanani imemori ye-RAM ngokwesilinganiso esebenzisa lonke uxhumano ku-Apache, ngoba ukuxhumana ngakunye okusunguliwe kucabanga ukusetshenziswa okuthile kwe-RAM ohlelweni ... Ngokusobala akusikho konke ukuxhumana okudla inqama efanayo, obekufanele yenza imidiya ... Konke lokhu kungatholakala ngomyalo olandelayo:
ps -ylC apache2 --sort: rss | i-awk '{SUM + = $ 8; I + = 1} END {phrinta SUM / I / 1024} '
Umphumela otholwayo uzomelwa ngamamegabhayithi futhi ungahluka ngokuya ngenani lokuxhumeka okusebenzayo, uhlobo lwamakhasi afinyelelwe, njll. Ngakho-ke, kuyalulekwa ukwenza isivivinyo ngamathebhu ahlukene avuliwe; ngamunye wabo ebonisa okuqukethwe okuhlukile uma kungenzeka. Mina, ngokwesibonelo, umphumela ube ngu-9.5458, okuthi uma siwuzungeza phezulu ube 10 MB I-RAM idliwe ngokwesilinganiso ngokuxhumeka ngakunye.
Kubalulekile futhi ukwazi ukuthi ingakanani i-RAM esetshenziswa yizo zonke izinqubo ezisebenzayo ohlelweni, ngoba insiza yewebhu akuyona kuphela esebenza ohlelweni lokusebenza futhi kuyadingeka ukushiya imemori ye-RAM yamahhala ku server ukuze ikwazi ukwenza yonke eminye imisebenzi. Lokhu kungatholakala ngomyalo oboniswe ngezansi:
ps -N -ylC apache2 - uhlobo: rss | awk '{SUM + = $ 8} END {phrinta SUM / 1024}'
Umphumela otholakele uzoboniswa ngama-megabytes, futhi uzosikhombisa ngokunembile inani le-RAM elisetshenziswe yizo zonke izinqubo; kimi 800 MB. Ngalolu lwazi singenza ukubalwa okujwayelekile kwenombolo yokuxhuma ngasikhathi sinye esingaba nakho; Ngibala ukuthi sizothola ngomsebenzi olula kakhulu.
(RAMTOTAL - RAM_RESTOPROCESOS) / RAM_POR_CONNEXIÓN
Ngale fomula esandleni, ake sicabange ukuthi sinekhompyutha ene-4 GB RAM, okungukuthi, i-4096 MB nokuthi ikhompyutha yethu ikhombisile imiphumela eshiwo ngenhla; ukubalwa kuzoba:
(4096 - 800) / 10 = 329 ukuxhumana ngasikhathi sinye
Inkinga ngalokhu kubalwa ukuthi eyodwa yeqise ngokweqile, ngoba izodla yonke i-RAM (yenze iseva idle ukushintshana) futhi futhi, uma kungenzeka ibe ne-database, efana ne-MySQL noma enye into, ukuxhumana kuyo nakho kuzodla I-RAM, lapho inombolo etholakele ingafaneleka khona njengenombolo engeyona. Ngakho-ke, ukuze ukhulule imemori ngezinqubo ezingeziwe ezingezekile futhi ucabange nokuthi kungenzeka ukuthi ukuxhumeka kudathabheyisi kwenziwa, sizonciphisa inani lokuxhuma 250.
Manje njengoba sesinenombolo yethu ephezulu yokuxhuma ngasikhathi sinye, kuzofanele silungiselele i-Apache ukuthola le nombolo, okwenziwa kufayela lokumisa lale kholi apache2.conf, ephethwe kuyo / njll / apache2.
Ifayela okukhulunywa ngalo lilandela isakhiwo esuselwe ku- amamojula, ngasinye sinegama laso elihambisanayo, kodwa singathanda kuphela ukuba nesithakazelo komunye wabo, ogama lakhe lingu mpm_prefork_module. Imodyuli okukhulunywa ngayo inedatha elandelayo ngokuzenzakalela:
I-StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0
Le mojule inochungechunge lwamapharamitha abaluleke kakhulu, yize kukhona eyodwa yazo engasithakazelisa ikakhulukazi, ebizwa AmaMaxClients. Le pharamitha icacisa inani eliphakeme lokuxhuma ngasikhathi sinye futhi kufanele liguqulelwe ku- 250.
Imininingwane eyodwa okufanele uyinake ukuthi lapho inani elingelona iphutha lishiwo kupharamitha eshiwo, kuyadingeka ukwengeza enye enye NGAPHAMBI kwalokhu. Le parameter ibizwa ngokuthi I-ServerLimit futhi ibeka umkhawulo wokuxhuma isiphakeli "esingabamba" noma ngabe singaphandle komkhawulo.
Ipharamitha yeServerLimit ngaso sonke isikhathi kufanele ibe ngaphezulu kancane kuneMaxClients futhi lapha, njengoba kunendawo encane yokwenza, umkhawulo we 270. Lokhu kungenza imodyuli ibukeke kanjena:
I-StartServers 5 MinSpareServers 5 MaxSpareServers 10 ServerLimit 270 MaxClients 250 MaxRequestsPerChild 0
Manje kuzodingeka kuphela ukuqala kabusha insiza ye-Apache usebenzisa umyalo:
/etc/init.d/apache2 ukuqalisa kabusha
Ngalokhu besivele singajabulela iseva yethu elungiselelwe yewebhu.
Ukubingelela
Amazwana ayi-21, shiya okwakho
Siyabonga ngokuthunyelwe!
Ngiyajabula ukuthi ukuthole kuwusizo.
Ukubingelela
Kukhona indlela yokuhlangana ngama-Apache namaseva amabili, ungachaza ukuthi kusebenza kanjani?
Yize ngifunde umcabango othile ngakho, angikaze ngiyisebenzise ukwenza. Noma kunjalo, mhlawumbe lo mbhalo ungakunika ukuqondiswa maqondana nalokhu, noma ngiphinda ukuthi angizange ngibe nethuba lokukusebenzisa:
http://www.muspells.net/blog/2011/04/alta-disponibilidad-con-apache2-y-heartbeat-en-debian-squeeze/
Ucele isikhathi eside, uma ungaxazululanga; Nginohlelo lokulinganisa nomuntu wesithathu osebenza njengohlelo lwamafayela, ukhomba amafolda aku-var / www / html / (kimi) ohlelweni lwefayela, ngakho babelana ngolwazi olufanayo, mhlawumbe nawe uzokwazi dinga i-ip ebonakalayo ephendulayo futhi eqondise kabusha kuma-aps we-apache, ngoba lokhu ungathatha i-haproxy futhi uma uyifuna ukutholakala okuphezulu ungahlanganisa i-keepalive uma kwenzeka enye iwa, enye iqhubeke nokuphendula, noma futhi uma usuvele unayo isizinda sohlelo lokusebenza, ungalinganisa nephawundi elibuyela emuva kuwo womabili amaseva, ngamacala athile anjengemoodle noma izinhlelo ezithile ezixhuma kudathabheyisi ku-mysql, kuzofanele udale umsebenzisi ngeseva yohlelo lokusebenza ngayinye ekhomba ku-database efanayo .
Ngiyabonga kakhulu ngokuthunyelwe, uqinisile impela, inqama iyisibalo esiyinhloko, yize ngicabanga ukuthi futhi sibala nenombolo enkulu yezinqubo ezingaqhutshwa yiprosesa lethu (kunjalo, kuqala ngokwenza ukubalwa kwememori eyinhloko) nokuthi idiski izosatshalaliswa kanjani kanzima (Izibonelo zesibonelo / var = 1TR).
Uqinisile; konke kubalulekile, njengokulawulwa kwezinga lokushisa phakathi kwezinye izinto. Ngokusobala iprosesa elinamandla lingenza imisebenzi eminingi ngasikhathi sinye ngokusebenza kahle okukhulu, kepha inhloso yalokhu okuthunyelwe kwakuwukuchaza ukubaluleka kwe-RAM maqondana nenombolo yokuxhuma ngasikhathi sinye.
Indlela enhle yokulawula zonke lezi zinto futhi ubone ukuthi iprosesa lethu aligcwali yini noma uma sine-RAM encane yamahhala, kungaba ngokusebenzisa i-bash script. Mhlawumbe lokhu engikuthumele ezinsukwini ezimbalwa ezedlule mayelana nakho kuzokuthakazelisa, engikushiya kusixhumanisi esilandelayo; Ukuqapha komhlaba kepha kungahle kuthakazelise othile:
http://bytelearning.blogspot.com.es/2015/07/controlando-la-salud-del-equipo-con-bash.html
Phendula ngokucaphuna
Inothi elihle kakhulu, ngiyabonga kakhulu!
Ngibonga kakhulu! Ngiyethemba ukwazile ukusizakala.
Angifuni ukuba isichitho ...
… Kepha ngokwandisa inani lokuxhumeka awushiyi isengozini enkulu ekuhlaselweni yi-DDoS?
Akuwona umbuzo othulile we-cretin. Iqiniso ukuthi ngokwandisa inani lokuxhumeka ngasikhathi sinye, ngokwengxenye siqinisa i-Apache ngokuhlaselwa kwe-DDOS, ngoba kufanele ucabangele ukuthi inani lokuxhumeka okuphezulu ngasikhathi sinye okusungulwe kuseva liyinombolo yokuxhumana okuphelele okuphelele, hhayi lokho okuvela umsebenzisi oyedwa. Ngakho-ke, ngenkathi ekuqaleni besingasekela kuphela ukuxhumana okungu-150 ngasikhathi sinye (noma ngabe kungukuxhumana okuvela kumthombo osemthethweni noma cha) manje singathembela kokuningi njengokusekelwa yiseva yethu, okudinga inani elikhulu lokuxhuma ngasikhathi sinye ukungabi insiza. Ngokusobala, ukwandisa inani eliphakeme lokuxhuma akuyona indlela yokuvikela kulolu hlobo lokuhlaselwa, kepha kunalokho kuzofanele kusetshenziswe izinqubomgomo ze-firewall. Uma, ngokwesibonelo, insiza yewebhu ofuna ukuyibeka izodalulwa ku-inthanethi, isilinganiso sokuphepha esingasetshenziswa kungaba ukwengezwa kwale migqa ku-firewall yethu:
iptables -I-INPUT -p tcp -syn -dport 80 -m connlimit –connlimit-upto 10 -m state - state NEW -j YAMUKELA
iptables -I-INPUT -p tcp -dport 80 -m state-state ESTABLISHED, RELATED -j ACCEPT
iptables -I-INPUT -p tcp -dport 80 -j DROP
Esinye sezici zokuhlaselwa kwe-DDoS ukuthi umhlaseli angavela athumele amaphakethe avela ezinkomba eziningi ezahlukahlukene, okuvimbela ukugeleza kwamaphakethe ekuqhamukeni kuphela kolunye uhlangothi.
Uqinisile ngomqondo wokuthi i-firewall efana nale engiyimisile ayisebenzi kahle ekuhlaselweni kwe-DDOS, ngoba ivela emithonjeni ehlukene. Noma kunjalo, kungcono ukukhawulela inani lokuxhuma liye ku-10 kulowo nalowo mthombo kunokuba ungabi nomkhawulo, ukuze umthombo ngamunye ukwazi ukusungula izixhumanisi eziyikhulu noma ngaphezulu.
Kunoma ikuphi, ikhithi yombuzo ukuthi ukuxhumana okwenziwa ngasikhathi sinye kuseva, kuzoba nzima kakhulu ukuyikhipha ngokuhlaselwa kwe-DDOS, okungenza kube nzima ukuthi ikhasi likhishwe phansi ngumhlaseli .
Ukubingelela
Kuhle. Okwamanje ngiyaqhubeka ne-NGINX kusayithi lami ukuze ngingayihlukumezi i-VPS enginayo.
Okuthunyelwe okuhle @Drassill!
Bengifuna ukufaka okuthile mhlawumbe okungaphezu kwezibalo kunokucushwa.
Yize indlela elula futhi esheshayo yokubala ipharamitha yokusetshenziswa isencane, mhlawumbe singaba lukhuni ngokwengeziwe futhi sisebenzise i- "median" esikhundleni se- "mean". Kungasisindisa kuphi? Ukuthi izinombolo ziyadubula uma kwenzeka ukuxhumana kudle inkumbulo eningi. Isibonelo, ake sithi amaklayenti alandelayo asebenzisa amanani alandelayo, kuyunithi yememori abayifunayo (KB, MB, MiB, njll):
10, 15, 150, 5, 7, 10, 11, 12
Isilinganiso sizonikeza cishe i- ~ 30
Futhi lokhu ngoba sinokweqisa okukhulu kakhulu (150), futhi izibalo ziyahlanya. I-median iqukethe uku-oda le datha, ihlukanisa inani lamasampula ngo-2 (isikhungo sethu) bese ithola inombolo yalesi sikhundla. Ngalokhu sizoba nokuthile okufana nalokhu
5, 7, 10, 10, 11, 12, 15, 150
Ngakho-ke ukuqonde kwethu kungaba: 8/2 = 4 okungukuthi ~ 10
Lapha ungabona ukuthi noma ngabe ukweqisa kangakanani, kuzohlala kusinika inani elingokoqobo. Uma sifaka ikhasimende elisebenzisa ama-200, owethu ophakathi uzoba yi-11, kanti isilinganiso singaya ku …….
Kungumnikelo kuphela, futhi kuyaphikiswana kakhulu, ngoba ngezixhumanisi azifinyezwanga.
Hug people linuxera 🙂
Sawubona, ngibe nenkinga kuseva yami ezinikele, futhi ukuthi ngaso sonke isikhathi lapho inani labantu abalinganiselwa ku-250 lisondela ku-inthanethi, ngokusho kwe-google analytics ngesikhathi sangempela, iseva yami njengayo iyawa futhi ukuxhumeka kuhamba kancane kuze kuyeke ukuxhumana kuwebhusayithi futhi ungalokothi ulayishe ngaphezu kwaleyo nombolo yabasebenzisi online, kepha lapho ngibona ukusebenza kweseva ezinikele okuyi-8gb ram kukhombisa ukusetshenziswa okungu-10%, i-cpu: 5% yokusetshenziswa ne-hard disk ku: 1.99% yokusetshenziswa.
Ungangisiza? Angikutholi okufanele ngikwenze, ukwenza lezi zinyathelo kuyisixazululo?
UCarlos omuhle.
Inkinga oyichazayo ivame kakhulu lapho iseva ingalungiselelwe kahle. Iseva yakho mhlawumbe izokwamukela inani elincanyana lokuxhuma ngasikhathi sinye futhi lapho ifinyelela ukuxhumana okungu-250 izoshayeka. Ngokulandela imanuwali kufanele ukwazi ukuxazulula inkinga, noma ngabe unedathabheyisi kuleso seva, kuzofanele futhi ukwandise leyo database.
Ukubingelela
Drassill, ngenze ukucushwa okukhulumile futhi kwaba ngokwenelisayo, izolo ngifinyelele kubasebenzisi abangama-280 online futhi isiphakeli asilenganga, ngijabule kakhulu ngalo mphumela, futhi ngifuna ukwenza enye into ongitshela yona database, ¿Ngikwenza kanjani lokhu?
Umqondo we-database uvulekile impela; ukusebenzisa i-mysql akufani nama-postgres (ngokwesibonelo). Ngokusobala angazi yonke imininingwane; Ngizamile i-mysql ne-postgres, futhi ukwanda kokuxhuma ngasikhathi sinye kulezi kuzosuselwa ekuxhumekeni okuphezulu kwepharamitha; Ukulungiswa kwe-mysql kuzokwenziwa ku /etc/my.conf futhi ipharamitha yokuxhuma kakhulu kuzodingeka iguqulwe (phakathi kwabanye). Okwe-postgres esikhundleni, ngine-athikili kubhulogi lami echaza ukuthi ungayisebenzisa kanjani kangcono engaba wusizo kuwe noma ongayisebenzisa njengesethenjwa semininingwane yakho:
http://bytelearning.blogspot.com.es/2016/02/postgresql-una-alternativa-mysql-en.html
Ukubingelela
Sawubona, lapho ngiphonsa umyalo wokuqala, ungikhombisa inani elingu-0.
Ngiyabonga ngalokhu okuthunyelwe.