After bumping up 60+ packages (probably about half or a third the total), apache started spawning several processes, each taking 10-15% CPU, until my poor little server box was kswapd’ing its little guts out. It was heartwrenching seeing that red drive light on constantly. Poor little thing.
I did an emerge world and rebooted, and this baby is absolutely humming now. load average 0.00 :>
UPDATE: eventually Apache is still hogging things. Looks like gentoo changed the config settings for the Apache memory manager (MPM). There are several choices, looks like I want the “worker” variant. To get it, add APACHE_MPMS=”worker” to [/etc/conf.d/apache2], and update httpd.conf settings to specify performance settings. The defaults are here: [/etc/apache2/modules.d/00_mpm.conf]. I am attempting to adjust them to optimal values in my [machine_globals.conf] file.
The gory details follow. Sure it’s a lot of change, but once again, gentoo is the ultimate power tool.
emerge-all tasks:
python: run python-updater
done
app-emacs/rst: run emacs-updater
reinstalling:
app-emacs/autoconf-mode
done
openldap:
Getting started using OpenLDAP? There is some documentation available:
Gentoo Guide to OpenLDAP Authentication
(http://www.gentoo.org/doc/en/ldap-howto.xml)
apache2:
If you would like to install the latest webroot, please run
emerge --config =apache-2.2.9
ca-certificates:
You should run update-ca-certificates manually after etc-update
Broken symlink for a certificate at //etc/ssl/certs/cacert.org.pem
You MUST remove the above broken symlinks
done
sys-libs/com_err:
Please make *sure* to run revdep-rebuild now
done
sys-fs/udev
http://www.gentoo.org/doc/en/udev-guide.xml
eix: run update-eix
done
ocaml: /usr/sbin/ocaml-rebuild.sh
reemerge mediawiki, swig
yikes, i had to unalias emerge first, be careful
done
gentoo-sources: need to build a new kernel
building...
make oldconfig
make && make modules_install
etc.
done
squid: If your traffic level is low to moderate, use 'aufs' or 'ufs' (for cache_dir)
also getting config file changes
acl all src all
was: acl all src 0.0.0.0/0.0.0.0
added three acl localnet lines
added: http_access allow localnet
was commented out
ICP queries only from local now
we prevented some caching before:
#We recommend you to use the following two lines.
acl QUERY urlpath_regex cgi-bin
cache deny QUERY
ok, it saved all my other changes, nice.
let it rip...
done
cyrus-imapd:
For correct logging add the following to /etc/syslog.conf:
| local6.* /var/log/imapd.log
| auth.debug /var/log/auth.log
|You have to add user cyrus to the sasldb2. Do this with:
| saslpasswd2 cyrus
looks like NO config changes, whew!
iptables:
!!! ipforwarding is not a part of the iptables initscripts.
To enable ipforwarding at bootup:
/etc/sysctl.conf and set net.ipv4.ip_forward = 1
If you are using the iptables initsscript you should save your
rules using the new iptables version before rebooting.
(i ran /etc/init.d/iptables save)
done
grub:
you must use grub-install
http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=1&chap=10#grub-install-auto
postfix:
* You are upgrading from an incompatible version.
* You MUST stop Postfix BEFORE installing this version to your system.
* If you want minimal downtime, emerge postfix with:
* FORCE_UPGRADE=1 emerge --buildpkgonly postfix
* /etc/init.d/postfix stop
* emerge --usepkgonly postfix
* Then run etc-update or dispatch-conf and merge the configuration files.
* Then restart Postfix with: /etc/init.d/postfix start
stopped it, emerging now...
config changes, uggg
main.cf wasn't too bad
master.cf
adding: proxywrite unix line
the [smtp_] part is new... -o smtp_fallback_relay=
maildrop line LOOKS the same - new version is commented out
same with old-cyrus, cyrus, virt-cyrus
last 2 have flags=hu
and uucp, bsmtp
done
REBOOT TIME.
