Howdy all,
There’s been a few questions and discussions about the newly introduced --minimal
mode in the new Virtualmin 6 installer. I wanted to get some feedback about what --minimal
ought to include and what it should exclude. My goal with --minimal
mode was to make a Virtualmin installation that’ll work on a 512MB system…it’ll still need to make a swap file in order to actually install on Debian/Ubuntu (apt-get requires a lot of memory, so installation fails on those distros with less than about 1GB of memory+swap).
Anyway, let’s talk about the state of memory consumption in a Virtualmin system today, and what the ideal Virtualmin system looks like in a memory-restricted environment.
First, I want to cover what services use a lot of memory in a Virtualmin system (note that RSS is the closest indicator of actual memory usage in most cases). These are all from 64 bit systems. Note that configuration can make a big difference in Apache and PHP process sizes, so it’s possible to shrink Apache quite a bit from these numbers, if you remove some extraneous modules and features.
- clamd - 730 VIRT / 530MB RSS (I know…this is astonishingly huge, and it is now, by far, the biggest memory consumer in a full Virtualmin installation)
- Apache without mod_php - 550 MB VIRT / 16MB x number of processes (roughly, though this one has many conflating factors)
- Apache with mod_php - 680 MB VIRT / 20MB RSS x number of processes (roughly, again, and apps that run under mod_php cause a large jump in memory usage)
- nginx - 92 MB VIRT / 6 MB RSS x number of processes
- php-cgi (used for mod_fcgid) - 500 MB VIRT / 30 MB RSS x number of processes (varies wildly based on PHP configuration)
- php-fpm - 190 VIRT / 20 MB RSS
- Webmin miniserv with library caching - 140 MB VIRT / 67 MB RSS x number of processes (usually a small number)
- Webmin miniserv without library caching - 111 MB VIRT / 21 MB RSS x number of processes
- Virtualmin email daemon - 140 MB VIRT / 67 MB RSS
- spamd - 276 MB VIRT / 2 MB RSS x number of children (depends on mail load)
- Dovecot - 16 MB VIRT / 1 MB RSS
- Postfix - 120 MB VIRT / ~5 MB RSS x 7 processes
- Fail2ban - 1 GB VIRT / ~40 MB RSS - This one surprised me. The VIRT usage is huge on some systems, but it varies wildly.
- saslauthd - 77 MB VIRT / 2 MB RSS
- postgrey - 171 MB VIRT / 7 MB RSS
- BIND - 232 MB VIRT / 29 MB RSS
Minimal mode currently leaves out clamd, spamd, Dovecot, SASL, and some other programs that run periodically like AWstats and Webalizer.
After looking over this list, I think --minimal
should instead include Dovecot and SASL (they’re small and useful) and leave out Fail2ban. I already removed mod_php relatively recently from the minimal LAMP target, and that is a pretty good win for memory.
So, what do y’all think? It seems like people want minimal to include a mail stack that can serve mail to clients (i.e. POP/IMAP and can receive mail sent from Thunderbird/Outlook/etc.), and now that I see just how little memory it takes, I’m on board with that.
Does everybody feel comfortable killing fail2ban for --minimal
install while bringing back sasl and dovecot? I mean, we never configured fail2ban by default until the Virtualmin 6 installer, and it was never a major source of contention…so seems like a reasonable thing to kill.