I decided to count how often the system on sa-vm has been getting so
busy it kills processes:
root@sa-vm:/var/log# zgrep -h 'Out of memory' syslog.{7..2}.gz syslog.1
syslog |cut -c1-7 |uniq -c
4685 May 22
2562 May 23
9019 May 24
8925 May 25
4529 May 26
2699 May 27
348 May 29
2820 May 30
Most of the killed processes are 'rule.cgi' but according to dmesg,
there are also a bunch of cron, sh, httpd, and pigz processes running at
the same time, suggesting that this is a cascading problem bottlenecking
everything on the machine.
The drop 5/28-29 MAY be due to my addition of a few dozen /20 networks
with many sources of DDoS traffic to be blocked in iptables. I've
repeated that today. I have also restarted the "Loggy Jr." service which
appeared to have a memory leak (2.3GB RSS)
Unclear if there's any good strategy to make this less of a whack-a-mole
situation...
--
Bill Cole
[email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com
addresses)
Please keep discussion mailing list replies *on-list*
Not Currently Available For Hire
