The Apache mod_status module is one that I don’t hear about much anymore, but it is something that can be very useful when troubleshooting high CPU or Memory usage with Apache.
Taken it directly from the Apache documentation, mod_status provide you with details such as:
- The number of worker serving requests. - The number of idle worker. - The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker. - A total number of accesses and byte count served. - The time the server was started/restarted and the time it has been running for. - Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request. - The current percentage CPU used by each worker and in total by all workers combined. - The current hosts and requests being processed.
Setting it up is simple. It only gets a bit complicated explaining it in a single blog post for multiple operating systems as it gets stored in different places depending on which distro your using.
I’ll outline the configuration location that it needs to be placed in below:
# CentOS 6 / CentOS 7 [root@web01 ~]# vim /etc/httpd/conf.d/status.conf # Ubuntu 12.04 [root@web01 ~]# vim /etc/apache2/conf.d/status.conf # Ubuntu 14.04 [root@web01 ~]# vim /etc/apache2/conf-available/status.conf
Using the correct location for your distro as shown above, use the following configuration to enable mod_status. Please be sure to update the AuthUserFile line accordingly for your distro:
<IfModule mod_status.c>
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
ExtendedStatus On
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Uncomment and change the ".example.com" to allow
# access from other hosts.
#
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost ip6-localhost
<IfModule mod_rewrite.c>
RewriteEngine off
</IfModule>
Allow from 127.0.0.1
# On CentOS / RedHat systems, uncomment the following line
AuthUserFile /etc/httpd/status-htpasswd
# On Debian / Ubuntu systems, uncomment the following line
# AuthUserFile /etc/apache2/status-htpasswd
AuthName "Password protected"
AuthType Basic
Require valid-user
# Allow password-less access for allowed IPs
Satisfy any
</Location>
</IfModule>
Once you have the configuration in place, you can secure it with a username and password, and then enable it by:
# CentOS 6 / CentOS 7 [root@web01 ~]# htpasswd -c /etc/httpd/status-htpasswd serverinfo [root@web01 ~]# service httpd restart # Ubuntu 12.04 [root@web01 ~]# htpasswd -c /etc/apache2/status-htpasswd serverinfo [root@web01 ~]# service apache2 restart # Ubuntu 14.04 [root@web01 ~]# htpasswd -c /etc/apache2/status-htpasswd serverinfo [root@web01 ~]# a2enconf status.conf [root@web01 ~]# service apache2 restart
Now that mod_status is enabled and working when going to http://serverip/server-status, how can it help with troubleshooting?
Lets say you look at top, and you consistently see an Apache process maxing out a CPU, or using up a ton of memory. You can cross-reference the PID of that Apache child process against the same PID that you find within the server-status page. The requests are constantly changing, so you may need to refresh the /server-status page a couple of times to catch it.
To aid in the troubleshooting as you are trying to match up pids against what is shown in top, you can have the /server-status page refresh automatically by using the following in the URL:
http://serverip/server-status?refresh=2
Once you do locate it, it may give you some idea of what client, or what types of requests, are causing the resource contention issues. Usually it is a specific web application misbehaving, or a specific client is attacking a site.