Each user on CloudLinux is treated as independent entity called as lightweight virtual environment (LVE). This allows hosting companies to have strict control over the hardware resources any for any single account to use. Resources limits in CloudLinux which can be controlled are CPU, memory, IO, number of processes entering (EP) and concurrent connections etc. So the purpose of LVE is to make sure that no single web site use all the hardware resources of the server and bring down or slow down the whole web server.
How Resource limits in CloudLinux Works
Memory limits
Memory limits allow controlling of physical memory each user can actually utilized. CloudLinux is able to identify in real time amount of memory actually used by end customer’s processes and limit it according to the limit set under it. The memory resource limits in CloudLinux are effective in preventing OOM issues, and ballooning memory usage by customer that destroyed caches and causes
server load.
I/O limits
I/O limits or Input Output limit restricts the data throughput for the client. The processes is put to sleep/throttled when it achieved its maximum limit.
CPU Limits
CPU Limits set the maxim amount of CPU that an account can use. It is setin terms of core like for allowing 1 core you must 100% and for allowing usage of 4 cores you can set 400% cores respectively. When an account hits the cpu limits the whole account/websites are slowed down until the cpu is again available to do the work. This can help the hosting companies from causing spikes by any individual account avoid slowing down or unresponsiveness of a server.
Number of Processes
Resource limits in CloudLinux also features Number of Processes Limit which controls the total number of processes that can run under an account. So under one LVE no new process can be created if the limit of total number of processes has been reached. The new processes will only be created once the existing running process dies or completes. This prevents fork bombs and similar DoS attacks.
Entry Processes Limit
Entry Processes Limit (EP) simply controls the number of processes entering in the account or LVE. In simple words it can mean the number of sciprts/pages being opened at once. The opening of a webpage is very quick so EP should not be taken equivalent to live traffic. Once the website loads the EP is finished. So there can be hundred of users on your websites and EP would be zero as all the users are just reading your website and not loading it at once. These resource limits in CloudLinux are important to prevent single site from hogging all Apache slots and causing it to be unresponsive.
MySQL Limits
MySQL Governor allows hosting companies to configure acceptable limits for three parameters – CPU, IO Read, and IO Write. MySQL abusers commonly affect CPU or disk IO usage.
Inodes Limits
Inode is simply used to limit the number of files and folders on the server. Inodes limits work on the level of disk quota.
Reference: https://www.cloudlinux.com/images/content/resources/Resource_limits.pdf
Resource limits in CloudLinux
Following resource limits are supported:
| Limits | Units | Default Value | Description | Supported Kernels / OS |
| SPEED | % of a core, or HZ | 100% | CPU speed limit, relative to a single core, or specified in HZ (portable across CPU s) | all |
| CPU [deprecated] | % of CPU | 25% | CPU Limit (smallest of CPU & NCPU is used) | all |
| NCPU [deprecated] | number of cores | 1 CORE | Max number of cores (smallest of CPU & NCPU used) | all |
| PMEM | KB | 1024MB | Physical memory limit (RSS field in ps/RES in top). Also includes shared memory and disk cache | all |
| VMEM | KB | 0 | Virtual memory limit (VSZ field in ps/VIRT in top) | all |
| IO | KB/sec | 1024KB/sec | IO throughput – combines both read & write operations | CL8, CL7, CL6 lve1.1.9+ kernel |
| IOPS [lve1.3+] | Operations per second | 1024 | Restricts total number of read/write operations per second. | all |
| NPROC | number | 100 | Max number of processes within LVE | all |
| EP | number | 20 | Limit on entry processes. Usually represents max number of concurrent connections to apache dynamic scripts as well as SSH and cron jobs running simultaneously. | all |
It is always better to disable VMEM limits (set them to 0) in your system at all because they are deprecated and are causing unexpected issues.
Bellow you can find recommendations for your typical shared hosting setup. The recommendations don’t depend on the power of your server. They only depend on how “fast” you want your hosting accounts to be.
Typical Hosting Account
- SPEED=100%
- PMEM=512MB
- VMEM=0
- IO=1024KB/s
- IOPS=1024
- NPROC=100
- EP=20
High End Hosting Account
- SPEED=200%
- PMEM=1GB
- VMEM=0
- IO=4096KB/s
- IOPS=1024
- NPROC=100
- EP=40
You can also look at our comparison of hardware resource limits placed by some top hosting companies.