Upgrading iptables

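For some reason the server has kept running out of memory and dying lately.
After I asked around for help, Brother Dong (东哥) gave me an awesome solution: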

iptables -A INPUT -p tcp --dport 80 --tcp-flags FIN,SYN,RST,ACK SYN -m connlimit --connlimit-above 10 --connlimit-mask 32 --connlimit-saddr -j REJECT --reject-with tcp-reset

iptables-save >/etc/sysconfig/iptables

But when I ran it, it reported a problem with connlimit-saddr.

After some searching, my guess was that the iptables version is too old, so I upgraded it right away:

yum update 
rpm -e --nodeps iptables-1.4.7-9.el6.i686
rpm -e --nodeps iptables-ipv6-1.4.7-9.el6.i686
yum groupinstall 'Development Tools'
wget http://www.netfilter.org/projects/iptables/files/iptables-1.4.19.tar.bz2
tar jxvf iptables-1.4.19.tar.bz2
cd iptables-1.4.19
LDFLAGS="-L$PWD/libiptc/.libs" ./configure --prefix=/usr --exec-prefix= --bindir=/usr/bin --with-xtlibdir=/lib/xtables --with-pkgconfigdir=/usr/lib/pkgconfig --enable-libipq --enable-devel
make
make install

Unfortunately, after all that fiddling the problem is still not solved…
I'll pick it up again tomorrow. Sigh.
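
An added example (not from the original post): the connlimit match groups connections by source address by default, so the rule above can be applied without `--connlimit-saddr` when the installed iptables does not list that option. The helper names `supports_saddr` and `build_rule` and the help-text excerpts are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Helper names are hypothetical.

# True if connlimit help text (as printed by `iptables -m connlimit --help`)
# lists the --connlimit-saddr option.
supports_saddr() {
    printf '%s\n' "$1" | grep -q -e '--connlimit-saddr'
}

# Print the rule arguments for the page's SYN limit.
# $1 = help text, $2 = TCP port, $3 = max concurrent connections per source.
build_rule() {
    rule="-A INPUT -p tcp --dport $2 --tcp-flags FIN,SYN,RST,ACK SYN"
    rule="$rule -m connlimit --connlimit-above $3 --connlimit-mask 32"
    # Grouping by source address is the default, so leaving the flag out
    # on a build that lacks it keeps the same per-client limit.
    if supports_saddr "$1"; then
        rule="$rule --connlimit-saddr"
    fi
    printf '%s\n' "$rule -j REJECT --reject-with tcp-reset"
}

# Constructed help excerpts standing in for two different iptables builds.
OLD_HELP='connlimit match options:
  --connlimit-above n    match if the number of existing connections is >n
  --connlimit-mask n     group hosts using prefix length'
NEW_HELP='connlimit match options:
  --connlimit-above n    match if the number of existing connections is >n
  --connlimit-mask n     group hosts using prefix length
  --connlimit-saddr      select source address for grouping
  --connlimit-daddr      select destination addresses for grouping'

# Offline demonstration: show the rule each build would get.
echo "without saddr support: $(build_rule "$OLD_HELP" 80 10)"
echo "with saddr support:    $(build_rule "$NEW_HELP" 80 10)"

# Live use (as root), shown commented out so the block runs anywhere:
# iptables $(build_rule "$(iptables -m connlimit --help 2>&1)" 80 10)
```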

Linode's solution for rebooting when the server runs out of memory:
https://www.linode.com/wiki/index.php/Rebooting_on_OOM

Rebooting on OOM

In some situations, it may be beneficial to have your Linode automatically reboot if it runs out of memory. You can leverage a couple kernel settings and Lassie to make this happen.
NOTE: This is an inherently unclean reboot. You will encounter disk corruption or other tragedies if this occurs at a bad time. Additionally, if you end up in a situation where you run out of memory right after boot, you’ll enter an unclean reboot loop which will increase your chances of having a tragic day. The most important rule is to always ensure you have up-to-date, available, off-site backups of your Linode’s data. In the event non-backed-up data is lost, please send a self-addressed, stamped envelope to World’s Smallest Violin Giveaway, Box 17821, Pound Ridge Station.

Enable Lassie

Lassie, the Linode Autonomous System Shutdown Intelligent rEbooter, will issue a boot command should it find your kernel not running. You can ensure this is enabled from the Dashboard at Settings & Utilities -> Shutdown Watchdog.

Edit /etc/sysctl.conf

Adding the following two lines to your /etc/sysctl.conf will cause it to reboot after running out of memory:

vm.panic_on_oom=1
kernel.panic=10

The vm.panic_on_oom=1 line enables panic on OOM; the kernel.panic=10 line tells the kernel to reboot ten seconds after panicking.

Make the change live

You can make the change live now (vs. on a reboot) with:

echo 1 > /proc/sys/vm/panic_on_oom
echo 10 > /proc/sys/kernel/panic

小 虾

Oh yeah, I'm 小虾
