Sean Whitton wrote:
Hello, I am looking to set up a shell server providing apache, MySQL and mailman as well as standard shell features. For this I am going to need to limit my users usage of server resources so that they don't compromise the usage of others. Particularly, I am looking to limit disc usage across MySQL, mailman and of course normal files, bandwidth usage across ssh, sftp, httpd and anything else (e.g. wget), and memory/process usage to prevent one user hogging the server's capacity - all of this in a clean, low maintenance manner! Yes, it is a lot to ask, but I think Debian can do it, I just don't know how to make it. 1) Disc usage I can setup quotas to limit users to a certain amount of drive space quite easily, but how can I tie this to MySQL usage too? For example, if a user has a 1GB quota and uses 512MB for a database, they should then only be able to use 512MB for their home directory.
Are the databases and the home directories on the same partition? The mysql database files are owned my the 'mysql' user on debian. So, it might not be possible to implement a quota system that includes the database.
2) Bandwidth usage I get the impression from asking around that this is not at all going to be easy. I am thinking that simply limiting httpd and setting up a restrictive firewall to stop users binding their own servers would be an effective method assuming I can trust them not to upload huge files. However, does anyone know of a better way of limiting bandwidth globally?
Perhaps the iproute package would suit your needs. The following rules provide some basic limiting. I got them from some page. # tc qdisc add dev $DEV handle ffff: ingress and# tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip \ src 0.0.0.0/0 police rate ${RATE}kbit burst 10k drop flowid :1
3) Memory usage In my experience of using limited free shells this is not at all hard to do, I just don't know how. If you are interested in the background: this is to expand http://silentflame.com/ away from just a cPanel-based server to a proper 'geek server' that doesn't spend its valuable ram on hosting cPanel processes. cPanel does most of the above management automatically and I am seeking to replace that - it handles the issues above with MySQL and /home and all forms of traffic in one bandwidth limit. Any advice appreciated so that this project can go ahead. Thanks, Sean
-- Raj Kiran Grandhi --At the source of every error which is blamed on the computer, you will find at least two human errors, including the error of blaming it on the computer.