[Dovecot] Calculation of suggested vsz_limit values
Hello,
I would like to ask on suggested vsz_limit values.
Is there any way of calculating such values? How should we determine them? I don't want to risk wrong values (and possible errors) on a production system, if I upgrade to 2.0.16 where vsz_limit values are enforced (I read release notes)!
If there is no standard way of calculation, could someone please check the following info and suggest some values?
I am running dovecot-2.0.13-1_128.el5 x86_64 RPM on CentOS 5.7 (as a VM on a KVM Host).
All accounts are virtual, hosted on LDAP Server. We have about 250 mailboxes of 4GB each (in practice, only a couple of mailboxes ever reach 1GB so we are "over-booking"). It is a relatively low-load server.
Memory status and config follows below.
Thanks, Nick
The server memory condition is as follows:
vmstat
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 92 62400 212324 1299604 0 0 397 235 70 39 4 2 89 4 0
free -m
total used free shared buffers cachedMem: 2010 1951 59 0 207 1269 -/+ buffers/cache: 474 1536 Swap: 2015 0 2015
---------- Config Start -------------
2.0.13: dovecot.conf
protocols = imap pop3
mail_location = maildir:~/Maildir/ mail_gid = 500 mail_uid = 500
auth_mechanisms = plain login auth_username_format = %Lu auth_verbose = yes disable_plaintext_auth = no
mail_plugins = quota
protocol imap { imap_client_workarounds = "delay-newmail " mail_plugins = quota imap_quota }
protocol pop3 { mail_max_userip_connections = 3 mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv }
protocol lda { auth_socket_path = /var/run/dovecot/auth-master info_log_path = log_path = mail_plugins = quota postmaster_address = sysadmin@example.com sendmail_path = /usr/lib/sendmail }
userdb { args = /etc/dovecot/dovecot-usrdb-ldap.conf driver = ldap }
passdb { args = /etc/dovecot/dovecot-passdb-ldap.conf driver = ldap }
plugin { quota = maildir:User quota quota_rule = *:storage=4G quota_rule2 = Trash:storage=+3%% quota_warning = storage=75%% quota-warning 75 %u quota_warning2 = storage=90%% quota-warning 90 %u }
service quota-warning { executable = script /opt/mail1.sh user = vmail unix_listener quota-warning { user = vmail } }
service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } user = root }
service imap-login { service_count = 1 vsz_limit = 64 M }
service pop3-login { service_count = 1 vsz_limit = 64 M }
ssl_ca = </etc/pki/CA/certs/chain.pem ssl_cert = </etc/pki/CA/certs/cert.pem ssl_key = </etc/pki/CA/private/key.pem
syslog_facility = local1
---------- Config End -------------
Hi,
No hints about vsz_limit values?
Anyone?
Thanks, Nick
On 16/12/2011 11:09 πμ, Nikolaos Milas wrote:
Hello,
I would like to ask on suggested vsz_limit values.
Is there any way of calculating such values? How should we determine them? I don't want to risk wrong values (and possible errors) on a production system, if I upgrade to 2.0.16 where vsz_limit values are enforced (I read release notes)!
If there is no standard way of calculation, could someone please check the following info and suggest some values?
I am running dovecot-2.0.13-1_128.el5 x86_64 RPM on CentOS 5.7 (as a VM on a KVM Host).
All accounts are virtual, hosted on LDAP Server. We have about 250 mailboxes of 4GB each (in practice, only a couple of mailboxes ever reach 1GB so we are "over-booking"). It is a relatively low-load server.
Memory status and config follows below.
Thanks, Nick
The server memory condition is as follows:
vmstat
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 92 62400 212324 1299604 0 0 397 235 70 39 4
2 89 4 0free -m
total used free shared buffers cachedMem: 2010 1951 59 0 207 1269 -/+ buffers/cache: 474 1536 Swap: 2015 0 2015
---------- Config Start -------------
2.0.13: dovecot.conf
protocols = imap pop3
mail_location = maildir:~/Maildir/ mail_gid = 500 mail_uid = 500
auth_mechanisms = plain login auth_username_format = %Lu auth_verbose = yes disable_plaintext_auth = no
mail_plugins = quota
protocol imap { imap_client_workarounds = "delay-newmail " mail_plugins = quota imap_quota }
protocol pop3 { mail_max_userip_connections = 3 mail_plugins = quota pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_uidl_format = %08Xu%08Xv }
protocol lda { auth_socket_path = /var/run/dovecot/auth-master info_log_path = log_path = mail_plugins = quota postmaster_address = sysadmin@example.com sendmail_path = /usr/lib/sendmail }
userdb { args = /etc/dovecot/dovecot-usrdb-ldap.conf driver = ldap }
passdb { args = /etc/dovecot/dovecot-passdb-ldap.conf driver = ldap }
plugin { quota = maildir:User quota quota_rule = *:storage=4G quota_rule2 = Trash:storage=+3%% quota_warning = storage=75%% quota-warning 75 %u quota_warning2 = storage=90%% quota-warning 90 %u }
service quota-warning { executable = script /opt/mail1.sh user = vmail unix_listener quota-warning { user = vmail } }
service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } user = root }
service imap-login { service_count = 1 vsz_limit = 64 M }
service pop3-login { service_count = 1 vsz_limit = 64 M }
ssl_ca = </etc/pki/CA/certs/chain.pem ssl_cert = </etc/pki/CA/certs/cert.pem ssl_key = </etc/pki/CA/private/key.pem
syslog_facility = local1
---------- Config End -------------
On 16.12.2011, at 11.09, Nikolaos Milas wrote:
I would like to ask on suggested vsz_limit values.
Is there any way of calculating such values?
Not really. For mail related processes (imap, pop3, lmtp) you could find the largest dovecot.index.cache file and make sure that vsz_limit is at least 3 times that.
How should we determine them? I don't want to risk wrong values (and possible errors) on a production system, if I upgrade to 2.0.16 where vsz_limit values are enforced (I read release notes)!
If you're very worried, you can simply disable the vsz limits by setting them to 0.
The default 256 MB limit is good enough for most uses though.
Timo <tss@iki.fi> wrote:
Not really. For mail related processes (imap, pop3, lmtp) you could find the largest dovecot.index.cache file and make sure that vsz_limit is at least 3 times that.
Yikes. Aside from forcing users to "prune" mailboxes, what do you suggest when vsz_limit exceeds available host RAM?
I ran across another "RAM only" process in fts_squat for a large, but not *HUGE* mailbox when the size of the dovecot.index.search.uids file got larger than 600MB.
There's no mitigation for these problems other than "buying more RAM" or getting users to delete/file their emails?
I was quite shocked to hit these limits so early - there was no mention of RAM resource requirements in the Dovecot documentation I'd perused. :(
=R=
On Mon, 2011-12-19 at 22:45 -0800, Robin wrote:
Timo <tss@iki.fi> wrote:
Not really. For mail related processes (imap, pop3, lmtp) you could find the largest dovecot.index.cache file and make sure that vsz_limit is at least 3 times that.
Yikes. Aside from forcing users to "prune" mailboxes, what do you suggest when vsz_limit exceeds available host RAM?
vsz_limit isn't about actually using that much memory, but about how much address space can be allocated. Just because Dovecot mmap()s a 1 GB dovecot.index.cache file doesn't mean that it physically uses more than a few kilobytes of memory.
I ran across another "RAM only" process in fts_squat for a large, but not *HUGE* mailbox when the size of the dovecot.index.search.uids file got larger than 600MB.
I suggest switching to fts-lucene in Dovecot v2.1.
participants (3)
-
Nikolaos Milas
-
Robin
-
Timo Sirainen