• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Out of Memory Crashes - Daily at 4 AM

P

petroski2409

New Pleskian
Hello,

My server, which has been stable for months, has recently started having meltdowns at 4 AM every morning due to an Out of Memory event. The server shuts down and restarts all processes and carries on until the next event the next day.

The current environment particulars of this server are CentOS 5.9 (x86_64), Plesk 9.5.4, mySQL Ver 14.14 Distrib 5.5.32, PHP 5.3.25, Zend 2.3.0, ionCube 4.4.1 with all CentOS yum updates applied. I also subscribe to AtomiCorp's security product, Atomic Secured Linux version 3.2.14-31. My Linux kernel version is 3.2.46-53.art.x86_64

This all began on June 18th due to an update (from what I can tell) of mySQL and PHP. The reason that I note this is because the configuration files - my.cnf and php.ini, were replaced with new versions on that date. The reason that I suspect rather than know is that ASL uses yum to apply security updates and I am assuming that the mySQL, PHP and Linux kernels were applied at that time.

See link to messages-log.txt

(NOTE: this is a snippet, event shown repeats over and over ballooning the message log to plus/minus 20GB in a very short period of time ...)

Oh yes, IP address 77.10.98.79 is now blacklisted ...

See link to mysqld-log.txt

Anyone seem this behaviour before? Any ideas at all?

Thanks in advance for your assistance!

Peter
 
OOM Perl event caused by Logwatch

Hello,

Further to above issue, I have been able to track the OOM perl event to the logwatch application that runs every morning at 4 AM. With that information, I am able to, by running logwatch from the command line, to replicate the same issues consistently. FRom that, I was able to trace the PID and then to run strace on the execution of logwatch.pl

In looking through the log generated by strace, I'm seeing a lot of errors such as "No such file or directory", "Inappropriate ioctl for device", "Invalid Argument" and "Illegal Seek"

As I am not familiar with what the expected output is, I am hoping that someone might be able to shed some light on my problem. I am attaching the strace output file.

Thanks,
Peter
 

Attachments

  • logwatch-trace.txt
    549 KB · Views: 1
You must log in or register to reply here.

Similar threads

A
Issue Very high Memory high use and very low process
Replies
5
Views
6K
Antrax1
A
Dave W
Resolved Innodb corrupt after Plesk update
2
Replies
20
Views
5K
mizar
mizar
F
Issue Pretty bad problem: Server starts successfully and starts all services but stops them again.
Replies
1
Views
2K
Fuchur
F
Franco
Resolved Tables issues after MariaDB crash
Replies
6
Views
4K
DmBro
D
P
Troubleshooting repeated server crashes
Replies
7
Views
2K
Peter Downes
P
Back
Top