HHVM Tuning

  • Disabling The Typechecker:

HHVM automatically runs the typechecker – this is useful in development, but assuming you have it running in your development workflow and in your CI system, there is not much additional benefit to running it in production, and the increased memory usage can be costly in production. To disable it, add the following to /etc/hhvm/server.ini:

Reference:
https://hub.docker.com/r/hhvm/hhvm-proxygen/

  • Switch to UNIX socket inside of port for fastcgi mode:

HHVM is considered for environments under heavy load so the first configuration change you can do is to make HHVM listen to a socket instead of a TCP port. Thus, the communication between Nginx and HHVM will require less CPU and memory.

Add this to: /etc/hhvm/server.ini

I also common out the port line to increase a bit of security.

Then change the Nginx config to hhvm as well:
/etc/nginx/hhvm.conf

  • Tweaking Memory:

By default the memory_limit is equal to 17179869184 bytes, which is 16 GB.
Such a high memory resource limit will certainly kill a server with a few GB of RAM, making it unresponsive.
I decrease this value to 500 MB for a 1 GB memory Server:

Add this to: /etc/hhvm/php.ini

Restart to apply the changes:

Reference:
https://www.digitalocean.com/community/tutorials/how-to-install-hhvm-with-nginx-on-ubuntu-14-04

  • A much more pushed example for a bigger server:

Reference:
https://github.com/facebook/hhvm/issues/7754

Ubuntu Server 16.04 firewall UFW configure

Ubuntu using UFW, I found it is easy to config for most of the people.

Here is my basic example configure:

First install ufw:

Which also installed the iptables package.

Then check the status:

Shout be disabled for fresh setup.

Next all my configure and enable ufw at the END:

Final status should looks like this:

Clean up Ubuntu Server 16.04 after installation

Just want share my first todo after a fresh new Ubuntu Server 16.04 installation:

I do this on a VM, therefor:

1.No require of LVM, because I just using the bare EXT4 filesystem.
2.MDadm for raid, no need for a VM.
3.LXD and SNAP, I don’t need run vms inside this VM.
4.grub-legacy-ec2 is for Amazon EC2, since this is a VMware VM it can be purge.

Only do these if you know what you are doing, run by your own risk.

Please let me know if you have any questions.

check_mk agent install on CentOS 7 by systemd

Here is the steps I install check_mk agent on CentOS 7 by systemd only without xinit.

first scp the rpm package to CentOS server, then install it:
rpm -ivh check-mk-agent-1.2.8p18-1.noarch.rpm

Open the port 6556:
firewall-cmd --permanent --add-port=6556/tcp
firewall-cmd --reload

Double check the status:
firewall-cmd --list-ports
firewall-cmd --list-services

Restart to make sure the check_mk_agent start on boot.

Hope this helps.

check_mk hang on start with mkeventd

1. Starting mkeventd (builtin: snmptrap)...Cannot bind UDP socket for snmptrap to port: Permission denied

2. It just hang and waiting forever on Starting mkeventd (builtin: snmptrap)...

I found a lot files in /opt/omd/sites/(sitename)/var/mkeventd/status.

Have to manually delete the status and history files to start the mkeventd.

HHVM 3.18.0 crash on Ubuntu 16.04 with Nginx

Just try to bring up an new HHVM host on Ubuntu 16.04 with Nginx.

But HHVM keep crush error in /var/log/hhvm/error.log
It created error log in /tmp

Here is a example:

Run ls -alt /var/run/hhvm
Since upgrading to 3.18, hhvm is unable to open hhvm.hhbc as it is created as root instead of www-data.

For now the workaround is to add the following to your configuration: /etc/hhvm/server.ini

Restart the HHVM service.

And it works.

Hope HHVM team can fix it in the next release.

Reference: https://github.com/facebook/hhvm/issues/7674

check_mk How to fix:Disk Mount Changes showing error

Sometimes few hosts in my check_mk build showing Disk Mount error.

For example:
“Mount options of / – – – – CRIT – mount options are
> > > acl,barrier=0,data=ordered,errors=remount-ro,noatime,rw,user_xattr,
> > > expected are barrier=0,data=ordered,errors=remount-ro,noatime,rw”

But there isn’t any changes recently.

I just su to my site and refresh the hosts manually:

Restart the check_mk, that will make the nonsense error goes away.

check_mk ALL Hoststate down, check_icmp: Failed to obtain ICMP socket: Operation not permitted

I upgrade my production check_mk site to the latest 1.2.8p14.

Suddenly all Hosts shows down.

Restart the site, everything back to normal.

This happens after I update check_mk to the latest stable Version: 1.2.8p14
Hope it helps.

check_mk outdate error message: Disk Mount Changes network interface speed wrong

A lot time I got these kind of wrong error message like:

Disk Mount changes but missing mount option.
Or Network interface 1 is 10GB but should be 1 GB.

Which is just the check_mk output outdate issue.

Here is what I do to refresh the $host in check_mk:

Sometimes I have to restart omd site, but it should be enough to give you back the correct output.

mongodb 3.2 logrotate

Installed latest mongodb 3.2 on Debian 8 Jessie.

It does not came with logrotate configure file.

Here is mine:

Add reopen in /etc/mongod.conf

Using -SIGUSR1 to rotate the log file:

/etc/logrotate.d/mongodb