unable to resolve my domain

Discussion in 'General' started by vassilis3, May 10, 2024.

  1. vassilis3

    vassilis3 Member

    hello
    For no reason ns1 stopped working.
    The A records seem OK.
    How can I investigate my problem?
    thanks
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    My signature has link to name service tutorial, it has info on troubleshooting.
     
    vassilis3 likes this.
  3. vassilis3

    vassilis3 Member

    Good morning
    After a lot of searching I found that my server has 100% CPU load.
    The top command doesn't show which process has that load.
    I rolled the VM back to four months earlier; the load returned to 0% but the problem was not fixed.
    At last the problem was found:
    My ISP closed port 53!! The reason they give is that the port is sensitive to attack!!
    Thanks for the help.
    Do we know why the top command does not show me which process has the high load?
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It is not a process that has high load. Load is the number of jobs in run queue, it is a measure of system state. Use Internet Search engines with
    Code:
    linux system load meaning
    High load can mean too many processes trying to run, or processes are all waiting for some resource that has become a bottleneck, disk system for example.
     
    vassilis3 likes this.
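
Added example, not part of the original thread: Linux load average counts tasks that are runnable (state R) and tasks in uninterruptible sleep (state D, typically waiting on disk I/O), so a high load need not show up as one CPU-hungry process in top. The sample `ps` lines and load figures below are constructed; the function names are illustrative.

```bash
#!/usr/bin/env bash
# Added example: which tasks are counted in the load average right now?

# Keep only tasks in state R (runnable) or D (uninterruptible sleep).
# Input: output of `ps -eo stat=,pid=,comm=`. Output: "state pid command".
load_contributors() {
    awk '$1 ~ /^[RD]/ { print substr($1, 1, 1), $2, $3 }'
}

# Summarise the same input as "R=<n> D=<n>".
# Many D tasks with few R tasks points at an I/O bottleneck, not CPU.
load_breakdown() {
    load_contributors |
        awk '{ n[$1]++ } END { printf "R=%d D=%d\n", n["R"], n["D"] }'
}

# 1-minute load per CPU. $1 = contents of /proc/loadavg, $2 = CPU count.
# A value well above 1.00 means tasks are queueing.
load_per_cpu() {
    echo "$1" | awk -v n="$2" '{ printf "%.2f\n", $1 / n }'
}

# Constructed sample of `ps -eo stat=,pid=,comm=` output.
sample_ps() { cat <<'EOF'
Ss       1 systemd
R+     812 php-cgi
D      977 mysqld
D      981 jbd2/sda1-8
S     1200 sshd
Rl    1333 apache2
EOF
}

sample_ps | load_contributors
sample_ps | load_breakdown
# Constructed /proc/loadavg line, 8 CPUs as on the VM in this thread.
load_per_cpu "12.40 11.90 10.75 3/412 1500" 8

# On a live host (procps ps):
#   ps -eo stat=,pid=,comm= | load_breakdown
#   load_per_cpu "$(cat /proc/loadavg)" "$(nproc)"
```
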
  5. vassilis3

    vassilis3 Member

    thanks for reply
    How do I troubleshoot?
     

    Attached Files:

  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    vassilis3 likes this.
  7. vassilis3

    vassilis3 Member

    I probably can't describe it better
    I am trying to solve the high CPU problem.
    I don't see anything in the link that helps. However, it is useful.
    Thanks
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    According to your screenshot, web7 consumes a lot of CPU. So the next step should be to check the access.log file of web7 to see if there is any unusual activity. Maybe there is a kind of a DOS attack on that website or it was hacked or something similar.
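
Added example, not part of the original thread: one way to do the access.log check suggested above is to rank client addresses, requested URLs and busiest minutes. It assumes the Apache/nginx "combined" log format; the log lines are constructed, and the path to web7's access.log has to be supplied by the reader.

```bash
#!/usr/bin/env bash
# Added example: triage a web access log ("combined" format) to see
# who and what is generating the requests.

# "count ip" for the busiest client addresses. $1 = log file, $2 = rows.
top_clients() {
    awk '{ c[$1]++ } END { for (k in c) print c[k], k }' "$1" |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# "count METHOD path" for the most requested URLs.
top_requests() {
    awk -F'"' '{ split($2, r, " "); c[r[1] " " r[2]]++ }
               END { for (k in c) print c[k], k }' "$1" |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# "count dd/Mon/yyyy:HH:MM" for the busiest minutes (when a burst began).
busiest_minutes() {
    awk '{ c[substr($4, 2, 17)]++ } END { for (k in c) print c[k], k }' "$1" |
        sort -k1,1nr -k2,2 | head -n "${2:-5}"
}

# Constructed sample log lines (documentation IP ranges, made-up paths).
sample_log() { cat <<'EOF'
203.0.113.7 - - [14/May/2024:09:15:01 +0300] "POST /index.php HTTP/1.1" 200 402 "-" "curl/8.0"
203.0.113.7 - - [14/May/2024:09:15:01 +0300] "POST /index.php HTTP/1.1" 200 402 "-" "curl/8.0"
203.0.113.7 - - [14/May/2024:09:15:02 +0300] "POST /index.php HTTP/1.1" 200 402 "-" "curl/8.0"
203.0.113.7 - - [14/May/2024:09:15:03 +0300] "POST /index.php HTTP/1.1" 200 402 "-" "curl/8.0"
198.51.100.20 - - [14/May/2024:09:15:10 +0300] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.20 - - [14/May/2024:09:16:11 +0300] "GET /style.css HTTP/1.1" 200 830 "-" "Mozilla/5.0"
192.0.2.44 - - [14/May/2024:09:16:30 +0300] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
EOF
}

# Run against the constructed sample; replace "$log" with the real file.
log=$(mktemp)
sample_log > "$log"
echo "== clients ==";  top_clients "$log" 3
echo "== requests =="; top_requests "$log" 3
echo "== minutes ==";  busiest_minutes "$log" 3
rm -f "$log"
```

A single address or URL dominating the counts, or a sharp jump in requests per minute, is the kind of unusual activity to follow up on.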
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    And that you have pending changes in ISPConfig is likely not related. Is this a multiserver or single server system?
     
  10. vassilis3

    vassilis3 Member

    Hello till,
    It is single server.
     
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    vassilis3 likes this.
  12. vassilis3

    vassilis3 Member

    Last edited: May 14, 2024
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    Do you still have pending items shown in ISPConfig upper nav bar?
     
  14. vassilis3

    vassilis3 Member

    nope
    But CPU is still 100%
     
  15. till

    till Super Moderator Staff Member ISPConfig Developer

    Ok, so there is no issue with that anymore. Just take care to activate the root cronjob again that you deactivated for debug mode.

    Regarding CPU usage, see my comment #8.
     
  16. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You did not say what kind of machine this host is. What do these commands show:
    Code:
    cat  /proc/cpuinfo | grep model
    
    fdisk  -l
    
    lsb_release -a
    
    You should examine the situation with additional commands, not just top. And htop may be more informative. Additional commands can be installed on my system from packages iotop and jnettop.
    You should read log files, they can reveal what is happening on the host.
     
  17. vassilis3

    vassilis3 Member

    Lots of files and lots of content and I don't know what I'm looking for...
    Some that I have opened look ok.
     
  18. vassilis3

    vassilis3 Member

    Code:
    root@srv:~# cat  /proc/cpuinfo | grep model
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    model           : 6
    model name      : Common KVM processor
    root@srv:~# fdisk  -l
    
    Disk /dev/sda: 50 GiB, 53687091200 bytes, 104857600 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: dos
    Disk identifier: 0x5c45e2cf
    
    Device     Boot     Start       End   Sectors Size Id Type
    /dev/sda1  *         2048 100665343 100663296  48G 83 Linux
    /dev/sda2       100667390 104855551   4188162   2G  5 Extended
    /dev/sda5       100667392 104855551   4188160   2G 82 Linux swap / Solaris
    
    root@srv:~# lsb_release -a
    No LSB modules are available.
    Distributor ID: Debian
    Description:    Debian GNU/Linux 8.11 (jessie)
    Release:        8.11
    Codename:       jessie
    root@srv:~#
    
     
  19. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    That seems to be running as a virtual host. In this case you should also examine the real host this is running on; it may be under high load and create a bottleneck for the virtual hosts.
    What else is running on that host system? What kind of disk system does it have? Maybe the disk system is overloaded and makes jobs wait.
     
  20. vassilis3

    vassilis3 Member

    The VM is running under Proxmox.
    All other systems are running with 0% CPU.
    Note that:
    The attack took place more than a month ago.
    I rolled back four months and the CPU came back to 0%,
    but I lose a lot of my work if I do that.
     
