Minimal installation mode, memory usage, and you!

4 posts / 0 new
Last post
#1 Wed, 09/27/2017 - 19:44
Joe Pro Licensee
Joe's picture

Minimal installation mode, memory usage, and you!

Howdy all,

There's been a few questions and discussions about the newly introduced --minimal mode in the new Virtualmin 6 installer. I wanted to get some feedback about what --minimal ought to include and what it should exclude. My goal with --minimal mode was to make a Virtualmin installation that'll work on a 512MB system...it'll still need to make a swap file in order to actually install on Debian/Ubuntu (apt-get requires a lot of memory, so installation fails on those distros with less than about 1GB of memory+swap).

Anyway, let's talk about the state of memory consumption in a Virtualmin system today, and what the ideal Virtualmin system looks like in a memory-restricted environment.

First, I want to cover what services use a lot of memory in a Virtualmin system (note that RSS is the closest indicator of actual memory usage in most cases). These are all from 64 bit systems. Note that configuration can make a big difference in Apache and PHP process sizes, so it's possible to shrink Apache quite a bit from these numbers, if you remove some extraneous modules and features.

  • clamd - 730 VIRT / 530MB RSS (I know...this is astonishingly huge, and it is now, by far, the biggest memory consumer in a full Virtualmin installation)
  • Apache without mod_php - 550 MB VIRT / 16MB x number of processes (roughly, though this one has many conflating factors)
  • Apache with mod_php - 680 MB VIRT / 20MB RSS x number of processes (roughly, again, and apps that run under mod_php cause a large jump in memory usage)
  • nginx - 92 MB VIRT / 6 MB RSS x number of processes
  • php-cgi (used for mod_fcgid) - 500 MB VIRT / 30 MB RSS x number of processes (varies wildly based on PHP configuration)
  • php-fpm - 190 VIRT / 20 MB RSS
  • Webmin miniserv with library caching - 140 MB VIRT / 67 MB RSS x number of processes (usually a small number)
  • Webmin miniserv without library caching - 111 MB VIRT / 21 MB RSS x number of processes
  • Virtualmin email daemon - 140 MB VIRT / 67 MB RSS
  • spamd - 276 MB VIRT / 2 MB RSS x number of children (depends on mail load)
  • Dovecot - 16 MB VIRT / 1 MB RSS
  • Postfix - 120 MB VIRT / ~5 MB RSS x 7 processes
  • Fail2ban - 1 GB VIRT / ~40 MB RSS - This one surprised me. The VIRT usage is huge on some systems, but it varies wildly.
  • saslauthd - 77 MB VIRT / 2 MB RSS
  • postgrey - 171 MB VIRT / 7 MB RSS
  • BIND - 232 MB VIRT / 29 MB RSS

Minimal mode currently leaves out clamd, spamd, Dovecot, SASL, and some other programs that run periodically like AWstats and Webalizer.

After looking over this list, I think --minimal should instead include Dovecot and SASL (they're small and useful) and leave out Fail2ban. I already removed mod_php relatively recently from the minimal LAMP target, and that is a pretty good win for memory.

So, what do y'all think? It seems like people want minimal to include a mail stack that can serve mail to clients (i.e. POP/IMAP and can receive mail sent from Thunderbird/Outlook/etc.), and now that I see just how little memory it takes, I'm on board with that.

Does everybody feel comfortable killing fail2ban for --minimal install while bringing back sasl and dovecot? I mean, we never configured fail2ban by default until the Virtualmin 6 installer, and it was never a major source of contention...so seems like a reasonable thing to kill.

Thu, 09/28/2017 - 04:59
Joe Pro Licensee
Joe's picture

So, I thunk on it for a while, and decided to go ahead and roll it out with these changes, as I think it's a better balance of functionality and memory usage.

--

Check out the forum guidelines!

Mon, 10/02/2017 - 15:52
adamjedgar

I dont know much about what should be include and what should be excluded, however what you have done has made a huge difference to system requirements...i can now easily run this thing on a micro google cloud instance (that was almost impossible before). Its resource usage is now comparable to my other standard vestacp and ispconfig installations.

Tue, 10/03/2017 - 15:53 (Reply to #3)
Joe Pro Licensee
Joe's picture

Yeah, I was testing on a Google micro instance! That was the toughest one to support, so it's the one I was using as my baseline. There's still some quirks to running on Google cloud, and I probably need to make a "no local mail at all" version for GCE, because they block all the ports on needs for mail.

--

Check out the forum guidelines!