What is CloudLinux and LVE resource limits?

269ac00f765508cb74b25d006dbf5bb2

Written by Dennis Nind

Last published at: April 17th, 2019

What are CloudLinux and LVE limits?

CloudLinux improves the stability of a server by limiting each client in an isolated, secure environment called a Lightweight Virtual Environment (LVE), a kernel technology developed by CloudLinux.

In shared hosting, the most common reason for downtime is a single account slowing down other accounts on the server. If one customer is using an unfair amount of resources (e.g. due to being under a DDoS attack, poorly written script, etc.), the server would become slow or go down completely, affecting all other customers on the server. 

With CloudLinux, we are able to isolate the impact to the offending tenant only, while all other sites remain unaffected. CloudLinux improves the general stability and performance of the server by imposing limits on the amount of resources that can be consumed by a single user.

What happens when an account reaches its resource limits?

This depends on the type of 'resource' you are hitting.

For example, if you are hitting CPU, or IO then the site will begin to slow down (or, will be 'throttled'). However, if you are hitting 'Entry Processes' (EP) or 'Memory' (PMEM) limits then the site will display a '503 Error'. 

The account consuming too many resources will temporarily stop working until their resource usage returns to normal. Meanwhile, the other tenants on the server will continue to run normally.

When an account hits the 'LVE Limits' for a particular resource, we record something we call a 'fault', along with a 'snapshot' which allow us to diagnose why those limits are being hit. These are explained below...

LVE 'Faults'

An LVE 'Fault' is a recording of the 'resource type' being hit, along with the time / date / username

LVE 'Snapshots' 

When an LVE fault occurs, a snapshot is recorded. A snapshot is a list of processes running at the time of the LVE fault being hit, allowing users to further investigate the reason an account is hitting those resource limits. 

Several snapshots can be generated for a particular 'fault' or incident. 

Limits are put in place to protect against abusers and bad scripts, and not restrict normal usage of an account. We have set very generous limits for our hosting plans, and thus customers' will not see a degrade in performance, but rather see the reliability and stability of their server improve over time.

CageFS

CloudLinux includes CageFS – a virtualized per-user file system that uniquely isolating each customer's files and running processes, preventing users from seeing each other and potentially exploiting sensitive information. CageFS offers complete isolation and prevents a large number of attacks, such as privilege escalation and information disclosure attacks.

How to monitor resource usage

At any time you can see how much server resources your account is consuming. Simply log into cPanel and look at the resource usage stats on the right-hand side.

Resource usage is calculated relative to the limits applied to your account only, and not the entire server.

For example, if your account allows 2 CPU Cores and 2048 MB RAM:

  • A CPU usage of 50% would mean that your account is currently maxing out 1 CPU Core.
  • Memory usage of 50% would mean that your account is using 1024 MB RAM.

You are also able to check the 'CPU and Concurrent Connections' screen.

The CPU and Concurrent Connection Usage is a resource monitoring tool that lets you view detailed information about problematic processes and database queries running on your account. The information can then help you determine why a resource limit was triggered.

Here at Brixly, each cPanel account has 'LVE Limits', which enable us to keep stability on a shared hosting environment by preventing a single site, or account from exceeding those resource allowances.

Depending on your account’s resource usage, you may see the following summary displays on the CPU and Concurrent Connection’s Resource Usage Overview page:


There has been no activity on your site within the past 24 hours:


If you see this message, your account did not trigger any limits within the past 24 hours.


Your site has been limited within the past 24 hours:

If you see this message, your account triggered at least one resource limit within the past 24 hours. cPanel will also display additional information about which of those resources have triggered the limit.


Your site might hit resource limits soon:

If you see this message, then the system is a warning that the account 'may' exceed resource limits in the near future. 


Viewing detailed resource usage information

1. Under Metrics click CPU and Concurrent Connection Usage.

2. Your account’s status will be displayed on the Resources Usage Overview page. Click on Details for more information.

3. How resources are utilized will be displayed in the form of graphs and tabular data.


Understanding Current Usage stats

CPU Usage specifies how much of the allocated CPU resources your account is currently using. If CPU reaches 100% it means that your account is using all of the CPU resources allocated, and any new processes will be put in a queue until existing processes complete. This can cause your website to slow down dramatically and even time out. It is worth pointing out though, that the graphs / usage for these will fluctuate, so its perfectly normal to see occasionally the CPU usage as high, which then drops shortly afterwards.

inodes Usage indicates the number of files and folders you have on your account. An inode is a record in your account’s disk table – each record represents information about a file or folder (such as its size, owner, etc., except data content and file name). The more files/folders you have, the more inodes you use; and the more inodes you use, the more system resources your account consumes. If your account has reached the maximum number of inodes, you may experience problems with uploading files, receiving emails, backing up your website properly, and seeing errors when accessing your website.

How to reduce the number of inodes your account uses?

Since the number of inodes equals the total number of files and folders on your web hosting account, to reduce your inode usage, you would have to reduce the number of files and folders on your account. This can easily be done by removing files and folders that you no longer need.

I/O Usage (input/output) represents how much I/O (or disk activity) your account is using. Simply put, it is the speed of data transfer between the hard disk and RAM. Every time you make use of the server disk drive (such as reading or writing to the server), you will consume I/O. Websites that stream a large number of media or that has many database records will have a higher I/O usage. In the event that your account nears your I/O limit, you will not see errors on your website. Instead, your website simply stalls while it waits for the data to transfer from the hard disk to the RAM. If you are hitting your IO limits when moving files through FTP, then we would recommend first ‘zipping’ or compressing large volumes of files / folders to a single file, then uploading and using ‘Extract’ within the File Manager.

IOPS stands for “Input/Output Operations Per Second”. It is a limit on the total number of read/write operations per second. When the limit is reached, the read/write operations stop until current second expires.

Entry Processes is the number of PHP, CGI, etc scripts you can have running at a single time. Note that this number doesn’t equate the number of visitors you can have on your website at a single time. An “Entry Process” generally takes only a second to complete. For example, if you run WordPress (which is written in PHP) on your website, each time a visitor comes to your homepage, the server will process the page request – that is one process. As soon as your homepage loads in their browser, it no longer counts as a process, until the visitor does something else to generate another process, say open another page on your website. However, if you notice a high Entry Processes number but you have a low traffic website, it could mean something is wrong with your PHP scripts – an entry process can also be caused by an outdated WordPress item, such as a plugin or even a theme. If Entry Processes are hit, then your visitors may experience a 503 Resource Limit Reached error.

Number of processes is the number of active processes your account can process simultaneously. This number includes all processes generated by your account

Physical Memory Usage (RAM) is the actual memory allocated for your account.


Viewing resource usage snapshots

Snapshots allow you to investigate the reason your account is hitting its limits.

1.  On the Resources Usage Overview page, Click on Snapshots.

2. Select the date you want to view from the calendar.

3. From the Choose snapshot drop-down menu, select the snapshot for the specific time you want to view.

4. You can use the Previous snapshot and Next snapshot to move to the previous or next snapshot(s).

Resource Boost

If your account is exceeding its LVE limits, then contact us via support@brixly.uk to request for your resources to be increased (a small charge will apply)