From 194375214939e835283cfdc15dc9902e8411e47a Mon Sep 17 00:00:00 2001 From: André Malo Date: Sun, 22 Dec 2002 22:31:24 +0000 Subject: - mpm_common: * fixed the s in mpm_common * moved AcceptMutex to mpm_common; document the mutex mechanism "posixsem" * added BS2000Account to mpm_common (I'm not sure, whether it should appear here or elsewhere. It *seems* to be supported only by prefork and perchild (if perchild would work)). The description is obtained from the 1.3 docs. * fixed several default values * moved MaxThreadsPerChild and NumServers out to perchild (btw: we could consider to rename NumServers to StartServers...) * rearranged some stuff and added several comments, that I found useful ;-) - mpm_netware: * MaxThreads 2048 (as maximum and default) - perchild: * extended the explanations about using different user ids. Hope, that's correct. * extended and adjusted the directive descriptions (remember, NumServers and MaxThreadsPerChild moved in) - prefork: * moved AcceptMutex to mpm_common (as stated already above) - mpm_winnt: * added reference to ScoreBoardFile - worker: * added reference to AcceptMutex - general: markup & formatting git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98075 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/mpm_common.xml | 558 +++++++++++++++++++++++++++-------------- 1 file changed, 366 insertions(+), 192 deletions(-) (limited to 'docs/manual/mod/mpm_common.xml') diff --git a/docs/manual/mod/mpm_common.xml b/docs/manual/mod/mpm_common.xml index 2248917ea6..ac61a4dddd 100644 --- a/docs/manual/mod/mpm_common.xml +++ b/docs/manual/mod/mpm_common.xml @@ -8,6 +8,89 @@ more than one multi-processing module (MPM) MPM + +AcceptMutex +Method that Apache uses to serialize multiple children +accepting requests on network sockets +AcceptMutex Default|method +AcceptMutex Default +server config +leaderperchild +preforkthreadpoolworker + + + +

The AcceptMutex directives sets the + method that Apache uses to serialize multiple children accepting + requests on network sockets. Prior to Apache 2.0, the method was + selectable only at compile time. The optimal method to use is + highly architecture and platform dependent. For further details, + see the performance tuning + documentation.

+ +

If this directive is set to Default, then the + compile-time selected default will be used. Other possible + methods are listed below. Note that not all methods are + available on all platforms. If a method is specified which is + not available, a message will be written to the error log + listing the available methods.

+ +
+
flock
+
uses the flock(2) system call to lock the + file defined by the LockFile directive.
+ +
fcntl
+
uses the fnctl(2) system call to lock the + file defined by the LockFile directive.
+ +
posixsem
+
uses POSIX compatible semaphores to implement the mutex.
+ +
pthread
+
uses POSIX mutexes as implemented by the POSIX Threads + (PThreads) specification.
+ +
sysvsem
+
uses SySV-style semaphores to implement the mutex.
+
+ +

If you want to find out the compile time chosen default + for your system, you may set your LogLevel to debug. Then the default AcceptMutex will be written into the ErrorLog.

+ + + + +BS2000Account +Define the non-privileged account on BS2000 +machines +BS2000Account account +server config +perchildprefork +Only available for BS2000 machines + + +

The BS2000Account directive is available for + BS2000 hosts only. It must be used to define the account number for + the non-privileged apache server user (which was configured using the + User directive). This is + required by the BS2000 POSIX subsystem (to change the underlying BS2000 + task environment by performing a sub-LOGON) to prevent CGI scripts + from accessing resources of the privileged account which started the + server, usually SYSROOT.

+ + Note +

Only one BS2000Account directive can be used.

+ + +Apache EBCDIC port + + CoreDumpDirectory Directory where Apache attempts to @@ -15,12 +98,11 @@ switch before dumping core CoreDumpDirectory directory See usage for the default setting server config -workerperchild -preforkmpm_winnt - +beosleader +mpm_winntperchildprefork +threadpoolworker -

This controls the directory to which Apache attempts to switch before dumping core. The default is in the ServerRoot directory, however @@ -37,43 +119,54 @@ switch before dumping core requests Group unix-group Group #-1 -server configvirtual host - -workerperchild -prefork +server config +beosleader +mpmt_os2perchildprefork +threadpoolworker +Only valid in global server config since Apache +2.0

The Group directive sets the group under which the server will answer requests. In order to use this - directive, the stand-alone server must be run initially as root. - Unix-group is one of:

+ directive, the server must be run initially as root. If you start the + server as a non-root user, it will fail to change to the specified + group, and will instead continue to run as the group of the original + user. Unix-group is one of:

A group name
-
Refers to the given group by name.
-
# followed by a group number.
- +
# followed by a group number.
Refers to a group by its number.
+ + Example + Group www-group + +

It is recommended that you set up a new group specifically for running the server. Some admins use user nobody, but this is not always possible or desirable.

- Group www-group + Security +

Don't set Group (or User) to root unless + you know exactly what you are doing, and what the dangers are.

+ -

Note: if you start the server as a non-root user, it will - fail to change to the specified group, and will instead - continue to run as the group of the original user.

+

Special note: Use of this directive in VirtualHost is no longer supported. To + configure your server for suexec use + SuexecUserGroup.

-

Special note: Use of this directive in <VirtualHost> is - no longer supported. To implement the suEXEC wrapper with Apache 2.0, use the - SuexecUserGroup - directive. SECURITY: See User for a discussion of the - security considerations.

+ Note +

Although the Group directive is present + in the beos and mpmt_os2 MPMs, + it is actually a no-op there and only exists for compatibility + reasons.

+ @@ -84,30 +177,38 @@ of the daemon PidFile filename PidFile logs/httpd.pid server config -workerperchild -preforkmpm_winnt - +beosleader +mpm_winntmpmt_os2 +perchildprefork +threadpoolworker

The PidFile directive sets the file to which the server records the process id of the daemon. If the - filename does not begin with a slash (/) then it is assumed to be - relative to the ServerRoot.

+ filename is not absolute then it is assumed to be relative to the + ServerRoot.

Example PidFile /var/run/apache.pid

It is often useful to be able to send the server a signal, - so that it closes and then reopens its ErrorLog and TransferLog, and + so that it closes and then re-opens its ErrorLog and TransferLog, and re-reads its configuration files. This is done by sending a SIGHUP (kill -1) signal to the process id listed in the - PidFile.

+ PidFile.

The PidFile is subject to the same warnings about log file placement and security.

+ + Note + As of Apache 2 it is recommended to use only the apachectl script for + (re-)starting or stopping the server. + @@ -117,28 +218,31 @@ of the daemon listens to Listen [IP-address:]portnumber server config -workerperchild -preforkmpm_winnt +beosleader +mpm_netwarempm_winnt +mpmt_os2perchild +preforkthreadpoolworker +Required directive since Apache 2.0

The Listen directive instructs Apache to listen to only specific IP addresses or ports; by default it - responds to requests on all IP interfaces. The Listen directive is - now a required directive. If it is not in the config file, the + responds to requests on all IP interfaces. Listen + is now a required directive. If it is not in the config file, the server will fail to start. This is a change from previous versions of Apache.

-

The Listen directive tells the server to accept incoming - requests on the specified port or address-and-port combination. - If only a port number is specified, the server listens to the - given port on all interfaces. If an IP address is given as well +

The Listen directive tells the server to + accept incoming requests on the specified port or address-and-port + combination. If only a port number is specified, the server listens to + the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface.

-

Multiple Listen directives may be used to specify a number - of addresses and ports to listen to. The server will respond to - requests from any of the listed addresses and ports.

+

Multiple Listen directives may be used to + specify a number of addresses and ports to listen to. The server will + respond to requests from any of the listed addresses and ports.

For example, to make the server accept connections on both port 80 and port 8000, use:

@@ -163,10 +267,9 @@ listens to Listen [fe80::a00:20ff:fea7:ccea]:80 - DNS Issues -Setting - which addresses and ports Apache uses +Setting which addresses and ports Apache +uses @@ -175,9 +278,10 @@ listens to ListenBacklog backlog ListenBacklog 511 server config -workerperchild -preforkmpm_winnt - +beosleader +mpm_netwarempm_winnt +mpmt_os2perchildprefork +threadpoolworker

The maximum length of the queue of pending connections. @@ -200,27 +304,30 @@ listens to LockFile filename LockFile logs/accept.lock server config -workerperchild -prefork +leaderperchild +preforkthreadpoolworker +

The LockFile directive sets the path to - the lockfile used when Apache is compiled with either - USE_FCNTL_SERIALIZED_ACCEPT or USE_FLOCK_SERIALIZED_ACCEPT. This - directive should normally be left at its default value. The main - reason for changing it is if the logs directory is - NFS mounted, since the lockfile must be stored on a local - disk. The PID of the main server process is - automatically appended to the filename.

+ the lockfile used when Apache is used with an AcceptMutex value of either + fcntl or flock. This directive should + normally be left at its default value. The main reason for changing + it is if the logs directory is NFS mounted, since + the lockfile must be stored on a local disk. The PID + of the main server process is automatically appended to the + filename.

Security: -

It is best to avoid putting this file in a world writable directory - such as /var/tmp because someone could create a denial of - service attack and prevent the server from starting by creating - a lockfile with the same name as the one the server will try to - create.

+

It is best to avoid putting this file in a world writable + directory such as /var/tmp because someone could create + a denial of service attack and prevent the server from starting by + creating a lockfile with the same name as the one the server will try + to create.

 +AcceptMutex @@ -228,8 +335,10 @@ listens to Maximum number of child processes that will be created to serve requests MaxClients number +See usage for details server config -workerprefork +beosleader +preforkthreadpoolworker @@ -241,38 +350,42 @@ to serve requests directive. Once a child process is freed at the end of a different request, the connection will then be serviced.

-

For non-threaded servers (i.e., prefork), +

For non-threaded servers (i.e., prefork), MaxClients translates into the maximum number of child processes that will be launched to serve requests. The default value is 256; to increase it, you must also raise ServerLimit.

-

For threaded servers (i.e., worker), - MaxClients restricts the total - number of threads that will be available to serve clients. - The default value is 16 multiplied by the value of - ThreadsPerChild. - To increase MaxClients to a value - that requires more than 16 processes, you must also - raise ServerLimit.

+

For threaded and hybrid servers (e.g. beos + or worker) MaxClients restricts + the total number of threads that will be available to serve clients. + The default value for beos is 50. For + hybrid MPMs the default value is 16 (ServerLimit) multiplied by the value of + 25 (ThreadsPerChild). Therefore, to increase MaxClients to a value that requires more than 16 processes, + you must also raise ServerLimit.

 MaxMemFree Maximum amount of memory that the main allocator is allowed -to hold without calling free() -MaxMemFree number +to hold without calling free() +MaxMemFree KBytes +MaxMemFree 0 server config -workerprefork -mpm_netware - +beosleader +mpm_netwareprefork +threadpoolworker

The MaxMemFree directive sets the maximum number of free Kbytes that the main allocator is allowed - to hold without calling free(). When not set, or when set to - zero, the threshold will be set to unlimited.

+ to hold without calling free(). When not set, or when set + to zero, the threshold will be set to unlimited.

 @@ -283,9 +396,10 @@ will handle during its life MaxRequestsPerChild number MaxRequestsPerChild 10000 server config -workerperchild -preforkmpm_winnt - +leadermpm_netware +mpm_winntmpmt_os2 +perchildprefork +threadpoolworker

The MaxRequestsPerChild directive sets @@ -293,7 +407,12 @@ will handle during its life server process will handle. After MaxRequestsPerChild requests, the child process will die. If MaxRequestsPerChild is - 0, then the process will never expire.

+ 0, then the process will never expire.

+ + Different default values: +

The default value for mpm_netware and + mpm_winnt is 0.

+

Setting MaxRequestsPerChild to a non-zero limit has two beneficial effects:

@@ -307,9 +426,10 @@ will handle during its life Note: -

For KeepAlive requests, only the first request is counted - towards this limit. In effect, it changes the behavior to limit the - number of connections per child.

+

For KeepAlive requests, only + the first request is counted towards this limit. In effect, it + changes the behavior to limit the number of connections per + child.

 @@ -318,9 +438,11 @@ will handle during its life MaxSpareThreads Maximum number of idle threads MaxSpareThreads number +See usage for details server config -mpm_netware -perchildworker +beosleader +mpm_netwarempmt_os2 +perchildthreadpoolworker @@ -328,53 +450,59 @@ will handle during its life directive differently.

For perchild the default is - MaxSpareThreads 10. This MPM monitors the number of + MaxSpareThreads 10. This MPM monitors the number of idle threads on a per-child basis. If there are too many idle threads in that child, the server will begin to kill threads within that child.

-

For worker the default is - MaxSpareThreads 500. This MPM deals with idle threads - on a server-wide basis. If there are too many idle threads in the - server then child processes are killed until the number of idle - threads is less than this number.

+

For worker, leader and threadpool the default is MaxSpareThreads 250. + These MPMs deal with idle threads on a server-wide basis. If there + are too many idle threads in the server then child processes are + killed until the number of idle threads is less than this number.

For mpm_netware the default is - MaxSpareThreads 100. Since this MPM runs a + MaxSpareThreads 100. Since this MPM runs a single-process, the spare thread count is also server-wide.

+

beos and mpmt_os2 work + similar to mpm_netware. The default for + beos is MaxSpareThreads 50. For + mpmt_os2 the default value is 10.

+ + Restrictions +

The range of the MaxSpareThreads value + is restricted. Apache will correct the given value automatically + according to the following rules:

+
    +
  • perchild requires MaxSpareThreads to be less or equal than ThreadLimit.
    • + +
  • mpm_netware wants the value to be greater than + MinSpareThreads.
    • + +
  • For leader, threadpool and + worker the value must be greater or equal than + the sum of MinSpareThreads + and ThreadsPerChild.
    • +
+ MinSpareThreads StartServers - -MaxThreadsPerChild -Maximum number of threads per child process -MaxThreadsPerChild number -MaxThreadsPerChild 64 -server config -workerperchild - - - -

Maximum number of threads per child. For MPMs with a - variable number of threads per child, this directive sets the - maximum number of threads that will be created in each child - process. To increase this value beyond its default, it is - necessary to change the value of the compile-time define - HARD_THREAD_LIMIT and recompile the server.

- - - MinSpareThreads Minimum number of idle threads available to handle request spikes MinSpareThreads number +See usage for details server config -mpm_netware -perchildworker +beosleader +mpm_netwarempmt_os2 +perchildthreadpoolworker @@ -386,10 +514,14 @@ spikes MinSpareThreads 5 and monitors the number of idle threads on a per-child basis. If there aren't enough idle threads in that child, the server will begin to create new threads within - that child.

- -

worker uses a default of MinSpareThreads - 250 and deals with idle threads on a server-wide basis. If + that child. Thus, if you set NumServers to 10 and a MinSpareThreads value of 5, you'll have + at least 50 idle threads on your system.

+ +

worker, leader and + threadpool use a default of MinSpareThreads + 75 and deal with idle threads on a server-wide basis. If there aren't enough idle threads in the server then child processes are created until the number of idle threads is greater than number.

@@ -398,27 +530,15 @@ spikes MinSpareThreads 10 and, since it is a single-process MPM, tracks this on a server-wide bases.

+

beos and mpmt_os2 work + similar to mpm_netware. The default for + beos is MinSpareThreads 1. For + mpmt_os2 the default value is 5.

 MaxSpareThreads StartServers - -NumServers -Total number of children alive at the same time -NumServers number -NumServers 2 -server config -perchild - - -

Number of children alive at the same time. MPMs that use - this directive do not dynamically create new child processes so - this number should be large enough to handle the requests for - the entire site.

- - - ScoreBoardFile Location of the file used to store coordination data for @@ -426,8 +546,9 @@ the child processes ScoreBoardFile file-path ScoreBoardFile logs/apache_status server config -workerperchild -prefork +beosleader +mpm_winntperchildprefork +threadpoolworker

Apache uses a scoreboard to communicate between its parent @@ -450,24 +571,29 @@ the child processes careful that you heed the same warnings about log file placement and security.

 -Stopping and Restarting Apache +Stopping and Restarting +Apache SendBufferSize TCP buffer size SendBufferSize bytes +SendBufferSize 0 server config -workerperchild -preforkmpm_winnt - +beosleader +mpm_netwarempm_winnt +mpmt_os2perchildprefork +threadpoolworker

The server will set the TCP buffer size to the number of bytes specified. Very useful to increase past standard OS defaults on high speed high latency (i.e., 100ms or so, such as transcontinental fast pipes).

+ +

If set to the value of 0, the server will use the + OS deault.

 @@ -475,9 +601,10 @@ the child processes ServerLimit Upper limit on configurable number of processes ServerLimit number -ServerLimit 256 (prefork), ServerLimit 16 (worker) +See usage for details server config -workerprefork +leaderperchild +preforkthreadpoolworker @@ -503,46 +630,66 @@ the child processes

With the prefork MPM, use this directive only if you need to set MaxClients higher than 256. + module="mpm_common">MaxClients higher than 256 (default). Do not set the value of this directive any higher than what you might want to set MaxClients to.

-

With the worker MPM, use this directive only +

With worker, leader and + threadpool use this directive only if your MaxClients and ThreadsPerChild - settings require more than 16 server processes. Do not set the - value of this directive any higher than the number of server + settings require more than 16 server processes (default). Do not set + the value of this directive any higher than the number of server processes required by what you may want for MaxClients and ThreadsPerChild.

+ +

With the perchild MPM, use this directive only + if you need to set NumServers higher than 8 (default).

+ + Note +

There is a hard limit of ServerLimit 20000 compiled + into the server. This is intended to avoid nasty effects caused by + typos.

+ +Stopping and Restarting Apache StartServers Number of child server processes created at startup StartServers number -StartServers 5 +See usage for details server config -worker +leadermpmt_os2 +preforkthreadpoolworker +

The StartServers directive sets the number of child server processes created on startup. As the number of processes is dynamically controlled depending on the load, there is usually little reason to adjust this parameter.

+ +

The default value differs from MPM to MPM. For + leader, threadpool and + worker the default is StartServers 3. + For prefork defaults to 5 and for + mpmt_os2 to 2.

 -MinSpareThreads -MaxSpareThreads StartThreads -Nubmer of threads created on startup +Number of threads created on startup StartThreads number +See usage for details server config -mpm_netwareperchild +beosmpm_netware +perchild

Number of threads created on startup. As the @@ -559,6 +706,9 @@ the child processes process, this is the total number of threads created at startup to serve requests.

+

For beos the default is StartThreads + 10. It also reflects the total number of threads created + at startup to serve requests.

 @@ -567,8 +717,13 @@ the child processes Sets the upper limit on the configurable number of threads per child process ThreadLimit number +See usage for details server config -mpm_winntworker +leadermpm_winnt +perchildthreadpoolworker + +Available for mpm_winnt in Apache 2.0.41 +and later

This directive sets the maximum configured value for current run of Apache.

The default value for ThreadLimit is - 64 when used with worker and 1920 when used - with mpm_winnt.

- + 1920 when used with mpm_winnt and + 64 when used with the others.

+ + Note +

There is a hard limit of ThreadLimit 20000 (or + ThreadLimit 15000 with mpm_winnt) + compiled into the server. This is intended to avoid nasty effects + caused by typos.

+ @@ -601,24 +762,24 @@ per child process ThreadsPerChild Number of threads created by each child process ThreadsPerChild number +See usage for details server config -workermpm_winnt - +leadermpm_winnt +threadpoolworker

This directive sets the number of threads created by each child process. The child creates these threads at startup and - never creates more. If using an MPM like mpmt_winnt, where - there is only one child process, this number should be high + never creates more. If using an MPM like mpm_winnt, + where there is only one child process, this number should be high enough to handle the entire load of the server. If using an MPM - like worker, where there are multiple child processes, the - total number of threads should be high enough to handle the - common load on the server.

- -

The default value for this directive is 25 when used with - worker and 64 when used with - mpm_winnt.

+ like worker, where there are multiple child processes, + the total number of threads should be high enough to handle + the common load on the server.

+

The default value for ThreadsPerChild is + 64 when used with mpm_winnt and + 25 when used with the others.

 @@ -628,51 +789,64 @@ per child process requests User unix-userid User #-1 -server configvirtual host - -workerperchild -prefork +server config +leaderperchild +preforkthreadpoolworker + +Only valid in global server config since Apache +2.0 -

The User directive sets the userid as +

The User directive sets the user ID as which the server will answer requests. In order to use this - directive, the standalone server must be run initially as - root. Unix-userid is one of:

+ directive, the server must be run initially as root. + If you start the server as a non-root user, it will fail to change + to the lesser privileged user, and will instead continue to run as + that original user. If you do start the server as root, + then it is normal for the parent process to remain running as root. + Unix-userid is one of:

A username
-
Refers to the given user by name.
# followed by a user number.
- -
Refers to a user by their number.
+
Refers to a user by its number.

The user should have no privileges that result in it being able to access files that are not intended to be visible to the outside world, and similarly, the user should not be able to - execute code that is not meant for httpd requests. It is + execute code that is not meant for HTTP requests. It is recommended that you set up a new user and group specifically for running the server. Some admins use user nobody, but this is not always desirable, since the nobody user can have other uses on the system.

-

Notes: If you start the server as a non-root user, it will - fail to change to the lesser privileged user, and will instead - continue to run as that original user. If you do start the - server as root, then it is normal for the parent process to - remain running as root.

+ Security +

Don't set User (or Group) to root unless + you know exactly what you are doing, and what the dangers are.

+ + +

With the perchild MPM, which is intended to + server virtual hosts run under different user IDs, the + User directive defines the user ID for the + main server and the fallback for VirtualHost sections without an + AssignUserID directive.

Special note: Use of this directive in VirtualHost is no longer supported. To - configure your server for suexec use + configure your server for suexec use SuexecUserGroup.

-Security

Don't set User -(or Group) to -root unless you know exactly what you are doing, and what -the dangers are.

 + Note +

Although the User directive is present + in the beos and mpmt_os2 MPMs, + it is actually a no-op there and only exists for compatibility + reasons.

+ -- cgit v1.2.3