Tweet
We are testing the lve limits on a virtual server with 512 ram and 2 cores (2.8 ghz).
We defined these lve limits:
<?xml version="1.0" encoding="utf-8"?>
<lveconfig>
<defaults>
<cpu limit="25"/>
<ncpu limit="1"/>
<io limit="1024"/>
<vmem limit="0"/>
<pmem limit="262144"/>
<nproc limit="100"/>
<other maxentryprocs="20"/>
<mem limit="262144"/>
<iops limit="1024"/>
</defaults>
<enter-by-name/>
<lve id="502">
<cpu limit="50%"/>
<pmem limit="128"/>
</lve>
<lve id="503">
<cpu limit="50%"/>
<pmem limit="128"/>
</lve>
</lveconfig>
To simulate the high use of resources, we ran a DoS attack that explore a xmlrpc vulnerability on wordpress. Our lveps (lveps -w -p -d) output:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
ihac 1 3 --- 3 --- 50% 14 0 0
--- --- 170845 --- 170845 49% 1 N/A N/A
--- --- 170844 --- 170844 0% 0 N/A N/A
--- --- 169562 --- 169562 0% 3 N/A N/A
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
After we stopped the attack and killed the php handle process, the ihac customer exit the lve environment:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
But when we access the site again we get the same internal server error.
See lveps after to access again:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
ihac 1 3 --- 3 --- 44% 32 0 0
--- --- 171026 --- 171026 42% 1 N/A N/A
--- --- 171024 --- 171024 0% 0 N/A N/A
--- --- 169101 --- 169101 0% 3 N/A N/A
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
We restart the apache service and nothing... The error continues..
[719740.398441] Out of memory in UB 503: OOM killed process 171307 (php-cgi) score 0 vm:255392kB, rss:1732kB, swap:47048kB
How to solve this ?
We defined these lve limits:
<?xml version="1.0" encoding="utf-8"?>
<lveconfig>
<defaults>
<cpu limit="25"/>
<ncpu limit="1"/>
<io limit="1024"/>
<vmem limit="0"/>
<pmem limit="262144"/>
<nproc limit="100"/>
<other maxentryprocs="20"/>
<mem limit="262144"/>
<iops limit="1024"/>
</defaults>
<enter-by-name/>
<lve id="502">
<cpu limit="50%"/>
<pmem limit="128"/>
</lve>
<lve id="503">
<cpu limit="50%"/>
<pmem limit="128"/>
</lve>
</lveconfig>
To simulate the high use of resources, we ran a DoS attack that explore a xmlrpc vulnerability on wordpress. Our lveps (lveps -w -p -d) output:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
ihac 1 3 --- 3 --- 50% 14 0 0
--- --- 170845 --- 170845 49% 1 N/A N/A
--- --- 170844 --- 170844 0% 0 N/A N/A
--- --- 169562 --- 169562 0% 3 N/A N/A
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
After we stopped the attack and killed the php handle process, the ihac customer exit the lve environment:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
But when we access the site again we get the same internal server error.
See lveps after to access again:
ID EP PNO PID TNO TID SPEED MEM IO IOPS
ihac 1 3 --- 3 --- 44% 32 0 0
--- --- 171026 --- 171026 42% 1 N/A N/A
--- --- 171024 --- 171024 0% 0 N/A N/A
--- --- 169101 --- 169101 0% 3 N/A N/A
quimica 0 2 --- 2 --- 0% 1 0 0
--- --- 153166 --- 153166 0% 1 N/A N/A
--- --- 153165 --- 153165 0% 1 N/A N/A
We restart the apache service and nothing... The error continues..
[719740.398441] Out of memory in UB 503: OOM killed process 171307 (php-cgi) score 0 vm:255392kB, rss:1732kB, swap:47048kB
How to solve this ?
Comment