Disconnected VPS for exceeding RAM

VANY2016-05-26 22:42:22

Network administration

VANY, 2016-05-26 22:42:22

Disconnected VPS for exceeding RAM - what to do?

There is a VPS, it has CentOS 6.7, VestaCP. 5 sites on vp, attendance 100 per day in general.
Today, the "zhor" of memory has grown sharply, first the main one up to 1GB, and then the swap up to 1.4 GB. Hosting server turned off. They do not say anywhere that they are required to notify. The reason - as they said, ddos. I did not go to the sites, no one told me from the subordinates - the server lay for 5 hours.
Are there any "self-control" tools for server linux systems, or for Vesta, so that there are no such "unexpected" moments? Let's say if the swap has grown to 1GB - somehow limit its further growth.

Answer the question

In order to leave comments, you need to log in

8 answer(s)

#algooptimize #bottize, 2016-05-26
@user004

Linux process memory control
here try to look

Ivan, 2016-05-26
@LiguidCool

Zabbix, Nagios.

landergate, 2016-05-26
@landergate

Judging by your story, the server (or its IP) was disabled due to DDoS , not RAM.
This is a common practice for hosting companies whose infrastructure is not sufficiently protected from network attacks, since such overloads affect the quality of services of other clients (after all, everyone has a common infrastructure).
You can set up resource monitoring to see what happened shortly before the server went down with network/packets/other resources.
Try to put some CDN service in front of the site, which will become a layer between the attacks and your site.
Try to buy a small VPS from a DDoS-protected provider and make it the front end of the service. Or buy a bigger VPS to migrate the entire service to it.

zooks, 2016-05-27
@zooks

I had a memory bug because of Apache. I dropped it in favor of nginx and the problem does not reoccur.
Actually read the logs.
Yandex.Metrica and the internal service of the hosting service (via SMS) signal me about the unavailability of the server.

Nicholas, 2016-05-27
@ACCNCC

If DDoS then you need to run the server via CDN
https://www.cloudflare.com/features-cdn/

spotifi, 2016-05-27
@spotifi

If this is DDoS, then:
Get a hosting provider that has DDoS protection. For example, from the budget - ruweb.net has it. The base level is included in the price. Additional DDoS is available for extra money and not expensive. Basic enough for a lot.
Analyze logs. The attack was probably only on 1 site.
Scatter 5 sites across five small VDS. In extreme cases, you will lose only the site.
Memory consumption depends on the architecture of your application. Perhaps it can be configured programmatically to stop memory consuming. But the server will still lie down. But the hoster will not turn off and you will control the process.
Outside control is carried out, for example, through Yandex Metrika. From inside the server - for example, through Zabbix.
Make an IP filer on DNS. For example, zilore can.
But it will need a second server. For big guarantees - at other hoster. Then there will be some protection from DDoS and from accidents in the data center and on communication channels to it.

Vlad Zhivotnev, 2016-05-27
@inkvizitor68sl

Get the hell out of this hosting.
The hoster sold the resources, how much you consume them should not be a concern.
Go where virtualization is on KVM.
If it was disabled for ddos (hardly at all, rather it was school-dos, which a normal hoster would not pay attention to), then man cloudflare.

Puma Thailand, 2016-05-27
@opium

webpulsar