Saturday, December 5, 2015

Virtualmin on Low Memory Systems

https://www.virtualmin.com/documentation/system/low-memory

Overview

A default installation of Virtualmin is configured to maximize performance, rather than minimize memory usage. Thus, on a system with 512MB of RAM and less, or systems running on a VPS with no swap available, problems can arise if steps aren't taken to reduce usage. These steps will not hurt performance on a low memory system, as running out of memory is a far greater performance problem than having to load a few libraries on each pageview in Virtualmin. Note also that Virtualmin, even at 20MB, is far from the largest process on a full-featured webserver. Apache can easily take 150-250MB. BIND can also grow to 100MB or much more, depending on the number of zones you're hosting and whether it is providing recursive DNS service. MySQL can grow over 500MB, depending on how it's configured. And while Postfix always stays pretty small, the spam and anti-virus tools are unavoidably quite memory and CPU intensive.

32 bit vs 64 bit systems

If you have less than 3GB of RAM, we'd recommend using a 32bit operating system. And this is especially true if you have 1GB or less of RAM. Processes can require significantly more memory on a 64 bit architecture, and if you have any RAM constraints, any performance benefits that one might gain from a 64 bit operating system would be undone by having less memory available for buffers and caching.

Virtualmin library pre-loading

To disable preloading of Webmin libraries, follow these steps :
  1. Login to Virtualmin as root.
  2. Open the System Settings category on the left menu, then click on Virtualmin Config.
  3. Change Preload Virtualmin libraries at startup? to No.
  4. Click Save. You will then be prompted to re-check the Virtualmin configuration.
  5. Click the Re-Check button. Once this process is complete, the Webmin server process will reduce RAM use to about 10M.
This will reduce Virtualmin's memory usage. This option determines which Webmin libraries are preloaded on Webmin startup. This library pre-loading makes Virtualmin faster if there's plenty of memory, particularly if you have many simultaneous Virtualmin users, but on low memory systems avoiding swapping is far more important to performance of all components.

Reduce SpamAssassin and ClamAV memory usage

SpamAssassin and ClamAV combine to use a lot of memory. You can reduce their memory usage by going into Email Messages -> Spam and Virus Scanning, set these two options:
  • Set SpamAssassin client program to spamassassin (Standalone program)
  • Set Virus scanning program to Standalone scanner (clamscan)

Reduce Apache Processes

You can change how many Apache processes run by default, as well as the maximum number that may run
CentOS:
vi /etc/httpd/conf/httpd.conf
Debian/Ubuntu:
vi /etc/apache2/apache2.conf
    KeepAlive On
    KeepAliveTimeout 3
    <Module prefork.c>
 
    StartServers       2
    MinSpareServers    2
    MaxSpareServers    5
    ServerLimit      10
    MaxClients       10
    MaxRequestsPerChild  100
    </Module>
    <Module worker.c>
    StartServers         2
    MaxClients         10
    MinSpareThreads     2
    MaxSpareThreads     10
    ThreadsPerChild     5
    MaxRequestsPerChild  100
    </Module>

Remove Apache Modules

You can also remove Apache modules you aren't using. This can significantly reduce memory usage, but it's also tricky to figure out which modules aren't in use.
If you don't require mod_php, disabling that can free up a lot of memory.
The mod_perl is needed for the Google Analytics module in Virtualmin, but otherwise everything can be run under cgi or fcgid.
Other possibilities for disabling: auth_dbm, disk_cache, proxy (but this removes quite a bit of functionality, including some needed for a number of Virtualmin features), include (removes Server Side Include functionality), status.
Note: On very small systems, you may consider using Nginx instead of Apache. Nginx is not as capable as Apache, but is famous for how little memory it uses. Consult the Using Nginx with Virtualmin documentation for more.

Reduce mail processing memory usage

The actual mail services are tiny. The spam and anti-virus filtering services are not. You may want to consider simply forwarding mail on to a free Gmail account or something that has good spam/AV filtering. This is limiting...but it means your mail service can be provided in a few MB. In such a case, you'd turn off dovecot, and would never have to spawn SpamAssassin or clamav. If you do have to deliver mail locally, don't use clamd or spamc, as those have processes that always run...unless you get enough mail to keep them respawning every minute or more (because the memory is effectively made unavailable anyway--might as well get the mail processed faster and give away a little memory).
Virtualmin also supports running ClamAV and SpamAssassin service remotely, allowing many Virtualmin servers to share a single large spam/virus scanning server on your local network, which is documented on the Spam and Anti-Virus Scanning page.

Remove unnecessary services

If you're not using a Virtualmin feature, disable it in System Settings -> Features and Plugins.
Then, go into Webmin -> System -> Bootup and Shutdown, and disable any service that you don't need.
Many users don't need the Postgres database, and that's a good candidate to disable.
Also, most users do not need Mailman. If you need to send out newsletters, look into something like phpList, which is more lightweight.
If you can use SSH/SFTP rather than FTP, you can disable ProFTPd.
Don't even think about running X. You don't want to run X on any server, but this is particularly true for low-memory systems.

Enable swap

Make sure you have a swap file or swap partition configured. Swapping out infrequently used processes and data leaves more memory for active processes.

Optimize MySQL for Low Memory Server

vi /etc/my.cnf 
    [mysqld]
    port               = 3306
    socket             = /var/lib/mysql/mysql.sock
    skip-locking
    key_buffer         = 16K
    max_allowed_packet = 1M
    table_cache        = 4
    sort_buffer_size   = 64K
    read_buffer_size   = 256K
    read_rnd_buffer_size = 256K
    net_buffer_length  = 2K
    thread_stack       = 64K

Optimize LDAP for low memory Server

Editors Note: Don't use LDAP on a low-memory system. Flat-files are dramatically less resource intensive and much faster than LDAP under pretty much all circumstances and especially in low-memory systems. But, if you must use LDAP, this may be helpful in reducing some of the resources required.
vi /etc/openldap/DB_CONFIG
    set_cachesize 0 26843545 1
    cachesize 1000
    set_lg_regionmax 26214
    set_lg_bsize 209715