High load RAM (clamd)

Discussion in 'Installation/Configuration' started by gusto+, May 27, 2019.

  1. gusto+

    gusto+ New Member

    Sorry, but my English is very poor
    I installed minimal netinstall debian 9 stretch into LXC
    Code:
    arch: amd64
    cores: 1
    hostname: ispconfig
    memory: 1024
    net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.1.1,hwaddr=8E:F1:A1:8B:F7:7F,ip=192.168.1.107/24,type=veth
    ostype: debian
    rootfs: local-lvm:vm-107-disk-0,size=16G
    swap: 1024
    Then I installed
    Code:
    apt-get -y install ssh openssh-server
    apt update
    apt install nano mc
    apt install net-tools
    nano /etc/apt/sources.list
    Code:
    deb http://ftp.us.debian.org/debian/ stretch main contrib non-free
    deb-src http://ftp.us.debian.org/debian/ stretch main contrib non-free
     
    deb http://security.debian.org/debian-security stretch/updates main contrib non-free
    deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free
    Code:
    apt update
    apt upgrade
    And I followed this manual
    Code:
    https://www.howtoforge.com/tutorial/ispconfig-automated-install-script/
    I didn't set up anything after installation and look at linux top command (clamd CPU 100% and mem 60%).
    CPU is down to 0-1% after 1-2 minutes, but Memory is still 60-70%
    Code:
      PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND                                                                                                                                                        
      101 clamav    20   0  829896 628416   1796 R  99,7 59,9   1:33.65 clamd                                                                                                                                                          
      354 mysql     20   0  682688  65176   3032 S   0,3  6,2   0:00.38 mysqld                                                                                                                                                          
      657 root      20   0   42796   1448    940 R   0,3  0,1   0:00.09 top                                                                                                                                                            
        1 root      20   0  139100   2272   1268 S   0,0  0,2   0:00.36 systemd                                                                                                                                                        
       45 root      20   0   46096   2832   2788 S   0,0  0,3   0:00.35 systemd-journal                                                                                                                                                
       65 root      20   0   29780    712    692 S   0,0  0,1   0:00.00 cron                                                                                                                                                            
       66 root      20   0   37984   1284   1168 S   0,0  0,1   0:00.02 systemd-logind                                                                                                                                                  
       72 clamav    20   0  152432   4828   1508 S   0,0  0,5   0:00.07 freshclam                                                                                                                                                      
       73 root      20   0  250116    612    612 S   0,0  0,1   0:00.06 rsyslogd                                                                                                                                                        
       77 message+  20   0   45132   1196   1028 S   0,0  0,1   0:00.04 dbus-daemon                                                                                                                                                    
       94 root      20   0   34080    240      0 S   0,0  0,0   0:00.01 inetd                                                                                                                                                          
      157 memcache  20   0  335684   1056    620 S   0,0  0,1   0:00.07 memcached                                                                                                                                                      
      158 bind      20   0  437704  17340   1576 S   0,0  1,7   0:00.16 named                                                                                                                                                          
      164 root      20   0  450176  31928  23064 S   0,0  3,0   0:00.21 php-fpm7.0                                                                                                                                                      
      188 root      20   0   69956   2424   1676 S   0,0  0,2   0:00.00 sshd                                                                                                                                                            
      191 root      20   0   14416    516    380 S   0,0  0,0   0:00.00 agetty                                                                                                                                                          
      192 opendkim  20   0  198424   1652    476 S   0,0  0,2   0:00.00 opendkim                                                                                                                                                        
      195 root      20   0   14416    556    424 S   0,0  0,1   0:00.00 agetty                                                                                                                                                          
      211 root      20   0   18004    868    536 S   0,0  0,1   0:00.00 dovecot                                                                                                                                                        
      214 dovecot   20   0    9492    108      0 S   0,0  0,0   0:00.00 anvil                                                                                                                                                          
      215 root      20   0    9624    628    336 S   0,0  0,1   0:00.00 log                                                                                                                                                            
      220 root      20   0   25172   1660    524 S   0,0  0,2   0:00.01 config                                                                                                                                                          
      236 root      20   0   95788    488      0 S   0,0  0,0   0:00.03 ntpd                                                                                                                                                            
      259 root      20   0  159892   1944      0 S   0,0  0,2   0:00.00 nginx
     
      
    here's cat /var/log/ispconfig_setup.log
    Code:
    https://textuploader.com/1d4lr
    I sorry to some parts of the Slovak language because I am Slovak
    I tried to install ispconfig on centos 7 as well
    Code:
    https://www.howtoforge.com/perfect-server-centos-7-x86_64-nginx-dovecot-ispconfig-3
    I made point 13
    Code:
    https://www.howtoforge.com/perfect-server-centos-7-x86_64-nginx-dovecot-ispconfig-3#-install-amavisdnew-spamassassin-and-clamav
    CPU and RAM again 100%
    Sorry, I can't insert links yet
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    It's ok that ClamAV and Amavis are using a lot of CPU for a short time after install and also after a server reboot. Memory usage is fine too. Normally you assign to a complete hosting server with mail, web, database, FTP, and DNS at least 2GB ram, you assigned just 1GB, so it is to be expected to get 100% RAM usage in your case.
     
  3. gusto+

    gusto+ New Member

    I have a small server. Overall, I have 8GB. Now I have increased RAM to 2GB.
    I always feel that the clamd consumes a lot of RAM
    Obrazovka z 2019-05-27 09:50:58.png Obrazovka z 2019-05-27 09:52:17.png
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, ClamD uses a lot of RAM. If you don't have enough RAM and not many email traffic, then you can try to stop the CalmAV daemon so that amavis will use a fallback to clamscan which is started on demand when an email arrives.
     
  5. gusto+

    gusto+ New Member

    Do you know advice on how to do it?
    thx
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Try:

    systemctl stop clamav-server

    and then check if mail system still works. If yes, you can disable the service permanently
     
  7. gusto+

    gusto+ New Member

    This doesn't work
    Code:
    [email protected]:~# systemctl stop clamav-server
    Failed to stop clamav-server.service: Unit clamav-server.service not loaded.
    [email protected]:~# systemctl status clamav-server
    Unit clamav-server.service could not be found.
    
    This works
    At first
    Code:
    [email protected]:~# systemctl status clamav-daemon
    ● clamav-daemon.service - Clam AntiVirus userspace daemon
       Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
      Drop-In: /etc/systemd/system/clamav-daemon.service.d
               └─extend.conf
       Active: active (running) since Mon 2019-05-27 07:44:45 UTC; 1h 43min ago
         Docs: man:clamd(8)
               man:clamd.conf(5)
               https://www.clamav.net/documents/
      Process: 95 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
      Process: 65 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=0/SUCCESS)
     Main PID: 99 (clamd)
        Tasks: 2 (limit: 4915)
       CGroup: /system.slice/clamav-daemon.service
               └─99 /usr/sbin/clamd --foreground=true
    
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> Mail files support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> OLE2 support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> PDF support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> SWF support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> HTML support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> XMLDOCS support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> HWP3 support enabled.
    may 27 07:46:40 ispconfig clamd[99]: Mon May 27 07:46:40 2019 -> Self checking every 3600 seconds.
    may 27 08:45:46 ispconfig clamd[99]: Mon May 27 08:45:46 2019 -> Reading databases from /var/lib/clamav
    may 27 08:47:19 ispconfig clamd[99]: Mon May 27 08:47:19 2019 -> Database correctly reloaded (6139363 signatures)
    
    and then
    Code:
    systemctl stop clamav-daemon
    systemctl disable clamav-daemon
    Obrazovka z 2019-05-27 11:41:27.png
    BTW
    Mail doesn't work from scratch.
    If I enter http://192.168.1.107:8081/webmail
    I see
    Code:
    404 Not Found
    nginx/1.10.3
     
    Last edited: May 27, 2019
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. gusto+

    gusto+ New Member

    In my first post:
    here's cat /var/log/ispconfig_setup.log
    https://textuploader.com/1d4lr
    Look at the end
    Code:
    ...
    Installing Webmail client (Roundcube)... Installing Webmail client Plugins (Roundcube)... [DONE]
    ...
    You will need to edit the username and password in /var/lib/roundcube/plugins/ispconfig3_account/config/config.inc.php of the roundcube user, as the one you set in ISPconfig
    phpMyAdmin is accessible at: http://ispconfig.com:8081/phpmyadmin or http://192.168.1.107:8081/phpmyadmin
    Webmail is accessible at: http://ispconfig.com:8081/webmail or http://192.168.1.107:8081/webmail
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Try what I suggested above.
     

Share This Page