[horde] Sessions consuming CPU
Simon Wilson
simon at simonandkate.net
Tue Nov 15 01:38:19 UTC 2011
----- Message from Andrew Morgan <morgan at orst.edu> ---------
Date: Mon, 14 Nov 2011 14:52:08 -0800 (PST)
From: Andrew Morgan <morgan at orst.edu>
Subject: Re: [horde] Sessions consuming CPU
To: Simon Wilson <simon at simonandkate.net>
Cc: horde at lists.horde.org
> On Tue, 15 Nov 2011, Simon Wilson wrote:
>
>> ----- Message from Simon Wilson <simon at simonandkate.net> ---------
>> Date: Sat, 05 Nov 2011 13:52:03 +1000
>> From: Simon Wilson <simon at simonandkate.net>
>> Subject: Re: [horde] Sessions consuming CPU
>> To: Michael M Slusarz <slusarz at horde.org>
>> Cc: horde at lists.horde.org
>>
>>
>>>> Quoting Eric Jon Rostetter <eric.rostetter at physics.utexas.edu>:
>>>>
>>>>> Quoting Michael M Slusarz <slusarz at horde.org>:
>>>>>
>>>>>> This can be safely ignored. Although, you should configure IMP
>>>>>> NOT to use TLS connections
>>>>>
>>>>> Only if you can safely do so! Assuming a private connection or both
>>>>> services on the same host, yes. Assuming the network between the two
>>>>> is relatively safe from sniffing, yes. But if people have access to
>>>>> the network between them, then no.
>>>>
>>>> Yes, this is correct. However, this doesn't mean much since, in
>>>> most situations, plaintext authentication won't be offered (as
>>>> required by default per the RFC), so there is no security issue.
>>>> Furthermore, TLS connections should theoretically NEVER fail
>>>> because they are required by IMAP4rev1.
>>>>
>>>> Further, I would guess a large percentage of users are running
>>>> IMAP on the same server they are using Horde on, so TLS would
>>>> theoretically not be needed in this situation (many IMAP servers
>>>> will offer plaintext authentication options on connections from
>>>> localhost).
>>>>
>>>
>>> IMAP is on a different server, I'd prefer to leave TLS on.
>>>
>>> The error message may be able to be safely ignored - but it occurs
>>> at the point in time that the CPU usage hits the roof and stays
>>> there. So if ignorable, then it aoppears to be a symptom of
>>> whatever is happening that causes the issue.
>>>
>>> I will follow up with the 'old cached javascript' and see if that helps.
>>>
>>> Although the fact that it does it even with no connected PCs /
>>> clients seems strange to me.
>>>
>>> The Horde web server was getting no HTTP requests at all throughout.
>>>
>>> Given that deleting the session files fixed it, should I be doing
>>> that when I upgrade? Or how else do I force clients to clear cache
>>> when some of them are not under my immediate control?
>>>
>>> Simon.
>>>
>>
>> OK, it did it again this morning just after 7am. No upgrades have
>> been done, and nothing admin was happening at that time.
>>
>> Started getting some segfaults in httpd, which are picked up
>> automatically resulting in a httpd restart and an email alert to
>> me. Noted 100% CPU.
>>
>> Rebooted server, httpd continued at 100%.
>>
>> Checked sessions, and deleted them all. Restart httpd - remain at
>> 0% until after about 45 seconds my wife's iPhone generates a
>> session file in /var/lib/php/session. As soon as that appears, CPU
>> usage hits 100%.
>>
>> I asked her to reboot her phone, and while she was doing so I
>> deleted the old session file. Upon her phone rebooting, CPU usage
>> remains at usual < 5% levels. Problem has now gone away for a while.
>>
>> No IMAP errors this time, so that was a wild goose apparently.
>>
>> Something in the iPhone session causing some issues? I have the
>> session file if it will help.
>
> Do you have a cronjob for php5 in /etc/cron.d/? On my Debian
> systems, there is a cron job that expires old sessions.
>
> Andy
No php cron job.
Disable activesync in Horde Configuration and the problem goes away.
It would appear to be related to the iPhones / iPad sessions somehow.
Nothing has changed though - not on the phones, not on the server.
Just since 7.10 this morning getting the CPU utilisation from iOS
sessions.
Simon
More information about the horde
mailing list