Zoinkies

vCPU of 2 will allow CPU usage up to the equivalent of 2 cores - that could be a single process at 200% CPU or 4 processes at 50%. The more processes the website has, the less CPU each process will have available. This is why, if you are limiting CPU, you should also limit nproc to prevent processes from building up.

prasad0889 @Zoinkies and @Adam Is there some different implementation in cPanel/Cloudlinux, because we have never seen the same problem happening there. Same resources same processors but never faced an issue.

CloudLinux I believe has a very different implementation of resource limits however if it's the nproc limit you're hitting and it's a hard limit with CloudLinux too then the behaviour should be the same. I would suggest the difference could be down to how long the request takes to execute or potentially the PHP SAPI being used?

prasad0889 I’ve noticed the same thing, my cPanel performance is a tad-faster than Enhance performance, on identical servers. I’ve also noticed that LS Enterprise doesn’t behave the same either.

prasad0889 @Adam, You are right, there is a longer time in Enhance to execute the request as compare to cPanel. Even when we have the same server, with the same resource limitation, in Enhance when we watch the system load, it increases heavily, whereas in cPanel it didn't happen like that. Also, the other sites are not affected here, but the processing time for the website becomes very long with lots of 503 errors.

I am failing to understand why lsphp requests go in D mode for so long?

D state means the process is waiting for I/O. Did you possibly set the I/O bandwidth or IOPS resource limits? If not then it's likely to be related to the speed of the server's hard disk which Enhance doesn't influence.

prasad0889 @Adam we run PCIe 4.0 NVMe so I am pretty sure that it's not the bottleneck. We have set it to 10,000 for IOPS and 100 MB/s Disk I/O which is double of the cPanel value where we had 5000 IOPS and 50 MB/s disk I/O. Whenever a website is stuck in D mode, we have to manually increase its CPU to a few more cores and then the load comes down. The same website/websites worked perfectly fine earlier with 2 cores and 2 gb ram on cPanel and is now giving many problems.

It's possible that CloudLinux allows more burst whereas the cgroups limits Enhance applies are max values. If it happens again can you try increasing the IOPS and I/O settings rather than the CPU to see if that helps?

If you're stuck and it's a reproducible problem please feel free to send a support ticket, we can investigate further.

Any news here abou this issue?

paul-bob Any news here abou this issue?

There are quite a few separate issues being discussed in this thread. Can you elaborate?

If you have a site which is hitting the nproc limit with very low traffic, the other possibility is that it has malware and it's doing something nefarious with every request. Try (as root) attaching strace to one of the PHP processes.

strace -s 2048 -f -p 12345

The -s flag sets the limit of the string length that will be printed. The -f flag will follow any child processes that are spawned.

Where 12345 is the pid of the process you want to examine.

gmakhs yeah CL has "burstable" limits, it's forgiving of overages. If the site can't run properly with 35 nproc AND they don't get a huge amount of traffic, then it's an issue with the code on their site = buggy plugin or theme. Fix the buggy code and they won't hit limits anymore. Fix the buggy code or increase the limits.

twest

Correct, the limits applied in Enhance are hard limits. They are applied with Linux v2 cgroups which is a core feature of the kernel and works exactly as designed. The nproc limit doesn't kill processes, it prevents them being forked in the first place.

If the site is hitting limits that it didn't on the previous server, it could be to do with full page caching (or lack thereof), MySQL optimisations, CPU/disk performance or many other factors. Generally unless your server is CPU or IO limited it's better to remove the CPU, IOPS and IO limits and just retain RAM and NPROC restrictions. Limiting CPU time means the processes will take longer to serve a request and this will in turn lead to higher RAM and process usage.

Adam
I am not sure it's wise to remove the limits on a shared hosting server were there can be abusers , it seems that the issue lies somewhere else with how the limits work, it can't be that a site on the same hardware creates more issues on a server with enhance compared to cl, when cl server has even more websites within it.

Cl recommends a nproc limit of 100 which is what I am using , on enhance I reduce it but it creates issues in most websites .

gmakhs

Enhance uses the default v2 cgroups built into the kernel. CloudLinux, on the other hand, uses the same cgroups technology but has heavily modified and tweaked it to make it more advanced and stable.

We always set 100 Nproc and 1024 IOPS for all packages, while RAM, CPU, and IO bandwidth are adjusted according to the package. We've never had issues with this setup. Only when we find a user abusing MySQL do we add them to the cPFence Owl blacklist to handle it. Other than that, the cgroups limits have been serving us well.

Major hosting providers typically set top-level shared hosting plans to 1 vCPU, 1024 IOPS, 8 MB I/O bandwidth, and 1 GB RAM, lowering these limits for smaller plans. You should have no issues if you imitate this setup.

gmakhs what webserver are you using ?

mike litespeed enterprise,

gmakhs

What are the system resource settings in the Enhance packages you are using?

If you use the system resource settings I mentioned above, you should have no issues. The only thing that can bypass these settings is a user abusing MySQL with a poorly written PHP script, plugin, theme, etc.