After bumping up 60+ packages (probably about half or a third the total), apache started spawning several processes, each taking 10-15% CPU, until my poor little server box was kswapd’ing its little guts out. It was heartwrenching seeing that red drive light on constantly. Poor little thing.<\/p>\n
I did an emerge world and rebooted, and this baby is absolutely humming now. load average 0.00 :><\/p>\n
UPDATE: eventually Apache is still hogging things. Looks like gentoo changed the config settings for the Apache memory manager (MPM). There are several choices, looks like I want the “worker” variant. To get it, add APACHE_MPMS=”worker” to [\/etc\/conf.d\/apache2], and update httpd.conf settings to specify performance settings. The defaults are here: [\/etc\/apache2\/modules.d\/00_mpm.conf]. I am attempting to adjust them to optimal values in my [machine_globals.conf] file.<\/p>\n
The gory details follow. Sure it’s a lot of change, but once again, gentoo is the ultimate power tool.<\/p>\n
emerge-all tasks: \r\npython: run python-updater \r\n done \r\napp-emacs\/rst: run emacs-updater \r\n reinstalling: \r\n app-emacs\/autoconf-mode \r\n done \r\nopenldap: \r\n Getting started using OpenLDAP? There is some documentation available: \r\n Gentoo Guide to OpenLDAP Authentication \r\n (http:\/\/www.gentoo.org\/doc\/en\/ldap-howto.xml) \r\napache2: \r\n If you would like to install the latest webroot, please run \r\n emerge --config =apache-2.2.9 \r\nca-certificates: \r\n You should run update-ca-certificates manually after etc-update \r\n Broken symlink for a certificate at \/\/etc\/ssl\/certs\/cacert.org.pem \r\n You MUST remove the above broken symlinks \r\n done \r\nsys-libs\/com_err: \r\n Please make *sure* to run revdep-rebuild now \r\n done \r\nsys-fs\/udev \r\n http:\/\/www.gentoo.org\/doc\/en\/udev-guide.xml \r\neix: run update-eix \r\n done \r\nocaml: \/usr\/sbin\/ocaml-rebuild.sh \r\n reemerge mediawiki, swig \r\n yikes, i had to unalias emerge first, be careful \r\n done \r\ngentoo-sources: need to build a new kernel \r\n building... \r\n make oldconfig \r\n make && make modules_install \r\n etc. \r\n done \r\nsquid: If your traffic level is low to moderate, use 'aufs' or 'ufs' (for cache_dir) \r\n also getting config file changes \r\n acl all src all \r\n was: acl all src 0.0.0.0\/0.0.0.0 \r\n added three acl localnet lines \r\n added: http_access allow localnet \r\n was commented out \r\n ICP queries only from local now \r\n we prevented some caching before: \r\n #We recommend you to use the following two lines. \r\n acl QUERY urlpath_regex cgi-bin \r\n cache deny QUERY \r\n ok, it saved all my other changes, nice. \r\n let it rip... \r\n done \r\ncyrus-imapd: \r\nFor correct logging add the following to \/etc\/syslog.conf: \r\n| local6.* \/var\/log\/imapd.log \r\n| auth.debug \/var\/log\/auth.log \r\n|You have to add user cyrus to the sasldb2. Do this with: \r\n| saslpasswd2 cyrus \r\n looks like NO config changes, whew! \r\niptables: \r\n !!! ipforwarding is not a part of the iptables initscripts. \r\n To enable ipforwarding at bootup: \r\n \/etc\/sysctl.conf and set net.ipv4.ip_forward = 1 \r\n \r\n If you are using the iptables initsscript you should save your \r\n rules using the new iptables version before rebooting. \r\n (i ran \/etc\/init.d\/iptables save) \r\n done \r\ngrub: \r\n you must use grub-install \r\n http:\/\/www.gentoo.org\/doc\/en\/handbook\/handbook-x86.xml?part=1&chap=10#grub-install-auto\r\npostfix: \r\n * You are upgrading from an incompatible version.\r\n * You MUST stop Postfix BEFORE installing this version to your system.\r\n * If you want minimal downtime, emerge postfix with:\r\n * FORCE_UPGRADE=1 emerge --buildpkgonly postfix\r\n * \/etc\/init.d\/postfix stop\r\n * emerge --usepkgonly postfix\r\n * Then run etc-update or dispatch-conf and merge the configuration files.\r\n * Then restart Postfix with: \/etc\/init.d\/postfix start\r\nstopped it, emerging now...\r\n config changes, uggg\r\n main.cf wasn't too bad\r\n master.cf\r\n adding: proxywrite unix line\r\n the [smtp_] part is new... -o smtp_fallback_relay=\r\n maildrop line LOOKS the same - new version is commented out\r\n same with old-cyrus, cyrus, virt-cyrus\r\n last 2 have flags=hu\r\n and uucp, bsmtp\r\n done\r\nREBOOT TIME. \r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"After bumping up 60+ packages (probably about half or a third the total), apache started spawning several processes, each taking 10-15% CPU, until my poor little server box was kswapd’ing its little guts out. It was heartwrenching seeing that red drive light on constantly. Poor little thing. I did an emerge world and rebooted, and […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[15],"tags":[],"class_list":["post-485","post","type-post","status-publish","format-standard","hentry","category-gentoo-server"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9M11L-7P","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/posts\/485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/comments?post=485"}],"version-history":[{"count":16,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/posts\/485\/revisions"}],"predecessor-version":[{"id":489,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/posts\/485\/revisions\/489"}],"wp:attachment":[{"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/media?parent=485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/categories?post=485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitpost.com\/news\/wp-json\/wp\/v2\/tags?post=485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}