Posted 2009-10-08 22:31 by Joe
A default installation of Virtualmin is configured to maximize performance, rather than minimize memory usage. Thus, on a system with 512MB of RAM and less, or systems running on a VPS with no swap available, problems can arise if steps aren't taken to reduce usage. These steps will not hurt performance on a low memory system, as running out of memory is a far greater performance problem than having to load a few libraries on each pageview in Virtualmin. Note also that Virtualmin, even at 100MB, is not the largest process on a full-featured webserver. Apache will be about 150-250MB once all of the modules are loaded, depending on which modules you use and whether everything runs under mod_fcgid or you use the individual mod_php, mod_perl, mod_ruby, etc. BIND can also grow to 100MB or much more, depending on the number of zones you're hosting and whether it is providing recursive DNS service. Postfix always stays pretty small, but the spam and anti-virus tools are unavoidably quite memory and CPU intensive.
32 bit vs 64 bit systems
If you have less than 3GB of RAM, we'd recommend using a 32bit operating system. And this is especially true if you have 1GB or less of RAM. Processes can require significantly more memory on a 64 bit architecture, and if you have any RAM constraints, any performance benefits that one might gain from a 64 bit operating system would be undone by having less memory available for buffers and caching.
Virtualmin library pre-loading
To disable preloading of Webmin libraries, follow these steps :
- Login to Virtualmin as
- Open the System Settings category on the left menu, then click on Virtualmin Config.
- Change Preload Virtualmin libraries at startup? to No.
- Click Save. You will then be prompted to re-check the Virtualmin configuration.
- Click the Re-Check button. Once this process is complete, the Webmin server process will reduce RAM use to about 10M.
Alternately, you can do the same thing from the command line by editing
Find this line:
preload=virtual-server=virtual-server/virtual-server-lib-funcs.pl virtual-server=virtual-server/feature-dir.pl virtual-server=virtual-server/feature-unix.pl...
This line is much longer than this on most systems. Insert a # mark at the beginning of the line (before "preload"), to comment it out, and then restart Webmin with the following command:
/etc/webmin/virtual-server/config, and change the
preload_mode line to :
This will reduce Virtualmin memory usage from ~90MB (~120MB+ on a 64 bit system) to ~10MB. This option determines which Webmin libraries are preloaded on Webmin startup. This library pre-loading makes Virtualmin faster if there's plenty of memory, particularly if you have many simultaneous Virtualmin users, but on low memory systems avoiding swapping is far more important to performance of all components.
SpamAssassin and ClamAV combine to use a lot of memory. You can reduce their memory usage by going into System Settings - Spam and Virus Scanning, set these two options:
- Set SpamAssassin client program to spamassassin (Standalone program)
- Set Virus scanning program to Standalone scanner (clamscan)
KeepAlive On KeepAliveTimeout 3
<Module prefork.c> StartServers 2 MinSpareServers 2 MaxSpareServers 5 ServerLimit 10 MaxClients 10 MaxRequestsPerChild 100 </Module>
<Module worker.c> StartServers 2 MaxClients 10 MinSpareThreads 2 MaxSpareThreads 10 ThreadsPerChild 5 MaxRequestsPerChild 100 </Module>
Optionally, remove any modules you aren't using. This actually will reduce memory usage more than anything else--but it's hard to guess what modules you'll want/need to do your job. mod_perl is needed for the Google Analytics module in Virtualmin, but otherwise everything can be run under cgi or fcgid...and if memory is a real problem, you may have to give up on Google Analytics (or set it up manually without our mod_perl filter). So, disabling mod_php4 or mod_php5 is cool (but if you've been using it for PHP scripts, you'll need to make the switch to fcgid first, and reset permissions and ownership up your PHP scripts in domain homes) and will shave quite a bit off the process size. Other possibilities for disabling: auth_dbm, disk_cache, proxy (but this removes quite a bit of functionality, including some needed for a number of Virtualmin features), include (removes Server Side Include functionality), status.
Because Apache is probably the biggest process on any hosting system...if you're dealing with a VERY small memory system (under 256M), then you'll have to cut it down a lot, and removing modules that are not absolutely vital becomes more important.
Note: On very small systems, under 256MB, you may consider using nginx instead of Apache. nginx is not as capable as Apache, but is famous for how little memory it uses. Consult the Using Nginx with Virtualmin documentation for more.
The actual mail services are tiny. The spam and anti-virus filtering services are not. You may want to consider simply forwarding mail on to a free Gmail account or something that has good spam/AV filtering. This is limiting...but it means your mail service can be provided in a few MB. In such a case, you'd turn off dovecot, and would never have to spawn SpamAssassin or clamav. If you do have to deliver mail locally, don't use clamd or spamc, as those have processes that always run...unless you get enough mail to keep them respawning every minute or more (because the memory is effectively made unavailable anyway--might as well get the mail processed faster and give away a little memory).
Virtualmin also supports running ClamAV and SpamAssassin service remotely, allowing many Virtualmin servers to share a single large spam/virus scanning server on your local network, which is documented on the Spam and Anti-Virus Scanning page.
Shut down postgresql or mysql or both. If you're not using databases, don't run them.
Most users do not need Mailman. If you need to send out newsletters, look into something like phplist, which is more lightweight.
Shut down proftpd, if you can convince yourself and/or your users to use the Webmin Upload/Download and File Manager modules or ssh/scp for file transfers. ssh/scp is more secure, anyway, though it does not support directory restrictions of the kind some hosts like in FTP.
Don't even think about running X. You don't want to run X on any server, but this is particularly true for low-memory systems.
Make sure you have a swap file or swap partition configured. Swapping out infrequently used processes and data leaves more memory for active processes.
I use these configs on my 256MB CentOs 5.2 VPS Server. It works good for me, but mileage may vary for you. This is in no way a replacement to a larger server.
Editors Note: Don't use LDAP on a low-memory system. Flat-files are dramatically less resource intensive and much faster than LDAP under pretty much all circumstances and especially in low-memory systems. But, if you must use LDAP, this may be helpful in reducing some of the resources required.
set_cachesize 0 26843545 1 cachesize 1000 set_lg_regionmax 26214 set_lg_bsize 209715
[mysqld] port = 3306 socket = /var/lib/mysql/mysql.sock skip-locking key_buffer = 16K max_allowed_packet = 1M table_cache = 4 sort_buffer_size = 64K read_buffer_size = 256K read_rnd_buffer_size = 256K net_buffer_length = 2K thread_stack = 64K