Story about on-premise installation should be reviewed on OS level?

-

 Hello, 

Today I would like to share a small story about the performance improvement of Confluence for one large company. They used that installation for more than 3.2k requests per minute based on the daily stats from frontend reverse proxy logs.

The architecture of that is quite simple based on the reverse proxy (nginx),  Confluence app (tomcat), PostgreSQL as RDMS. 

image.png

All those services work on CentOS 7. 

On Confluence in (Tomcat logs and application logs), nothing informative logs were. 

So in dmesg I found quite simple information about SYN flood on the Confluence app side. Of course, it’s quite crazy to see that situation in an organisation in 2020’s.

# dmesg | tail
[  734.711105] systemd[1]: Started Journal Service.
[1140053.637848] FS-Cache: Loaded
[1140053.662442] FS-Cache: Netfs 'cifs' registered for caching
[1140053.662535] Key type cifs.spnego registered
[1140053.662538] Key type cifs.idmap registered
[1140053.662889] Unable to determine destination address.
[1140083.610257] Unable to determine destination address.
[1179192.646345] TCP: request_sock_TCP: Possible SYN flooding on port 8090. Sending cookies.  Check SNMP counters.
[8486015.346237] DCCP: Activated CCID 2 (TCP-like)
[8486015.368881] sctp: Hash tables configured (bind 512/512)

 

So after changing the configs  below all problems are gone.

net.ipv4.tcp_max_syn_backlog
net.core.somaxconn

 

More info you can find here:

https://access.redhat.com/solutions/30453

 

Conclusion: 

If you meet some performance degradation on on-premises installation, please, start investigation from low level (bare metal/virtualization, OS, docker,  etc.). 

Otherwise, it’s quite an interesting  journey in the forest of wonder. 

Also, I do recommend monitoring network parameters on servers as well. 

 

Cheers,

Gonchik

Comments

Post a Comment

Popular posts from this blog

Overview and practical use cases with open source tracing tool for Java Apps. Glowroot. Installation

-
Image
In that small article, you can find how to install the agent of Glowroot. Installation of the application is quite simple on agents, and this article shows a scheme for working with a built-in collector, but for industrial installations we use it with a bundle with elasticsearch. The installation can be both for individual nodes and so for the central collector. In this case, consider for a separate node. Prerequisites: {jira_home} - is location of Jira home directory. {jira_installation_directory} is the location of Jira installation directory.   Steps: Downloading the installer wget -c https://github.com/glowroot/glowroot/releases/download/v0.13.6/glowroot-0.13.6-dist.zip To check, create a directory via command   mkdir -p /{jira_home}/glowroot/tmp Let the Jira process write and set ownership for simplicity, but it is recommended that you just give the write ability to the owner of the Jira process. chown -R jira: /{jira_home}/glowroot We additionally set the argument to setenv.sh in
Read more

Atlassian Community, let's collaborate and provide stats to vendors about our SQL index usage

-
  Hi!  Gonchik is in touch. Today I would like to get a little bit of help from you related SQL indexes on your Jira installation (Data Center, Server edition does not matter).    I would like to share a story about  PostgreSQL  and  Jira 8.13.3  ( JSD 4.13.3 )  release.  In that post I will be happy if you answer and comment about your instance indexes, as those info can help to improve the existing situation of heavy indexes.  Typically, it starts from improvement of configuration (e.g. using  https://postgresqltuner.pl/ ),  then query analyzing, adding indexes, after removing as heavy one (shortly  https://wiki.postgresql.org/wiki/Index_Maintenance ) :)    I use like this query in PostgreSQL: SELECT s.schemaname,        s.relname AS tablename,        s.indexrelname AS indexname,        pg_size_pretty(pg_relation_size(s.indexrelid::regclass)) AS index_size,        idx_tup_read,         idx_tup_fetch,         idx_scan FROM pg_catalog.pg_stat_user_indexes s JOIN pg_catalog.pg_index i O
Read more

How only 2 parameters of PostgreSQL reduced anomaly of Jira Data Center nodes

-
Image
  Hello community, Gonchik Tsymzhitov is in touch. Today, I would like to share with you a short story about postgresqltuner.pl in usage.  So from previous articles I hope you configured the PostgreSQL server and postgresqltuner.pl.  After executing command, ./postgresqltuner.pl --ssd for ssd disks server. You can see like this output: postgresqltuner.pl version 1.0.1 [OK]      I can invoke executables Connecting to /var/run/postgresql:5432 database template1 as user 'postgres'... [OK]      The user account used by me for reporting has superuser rights on this PostgreSQL instance =====  OS information  ===== [INFO]    OS: linux Version: 5.4.17-2036.102.0.2.el8uek.x86_64 Arch: x86_64-linux-thread-multi [INFO]    OS total memory: 41.03 GB [OK]      vm.overcommit_memory is adequate: no memory overcommitment [INFO]    Running under a vmware hypervisor [INFO]    Currently used I/O scheduler(s): mq-deadline =====  General instance informations  ===== -----  PostgreSQL version  -----
Read more