There are a bunch of services running on the default debian etch image, listening on network ports. Which of these can I safely disable?

I don't want inetd, portmap, rpc.statd, dhclient3, ntpd... unless any of these are required for the operation of the FlexiScale magicness.

Also can I disable some/all of the ttys in /etc/inittab?

I have got the same problem with the centos 5 installation - would love to know what I can safely do, to free up some memory and reduce the server load.

Flexiscale support got back to me; apparently it is OK to disable inetd, portmap, nfs (which includes rpc.statd). It is not OK to disable ntpd or vi_os_stats.

My /etc/rc3.d directory now looks like this:

K79nfs-common -> ../init.d/nfs-common
K80openbsd-inetd -> ../init.d/openbsd-inetd
K82portmap -> ../init.d/portmap
README
S10sysklogd -> ../init.d/sysklogd
S11klogd -> ../init.d/klogd
S17mysql-ndb-mgm -> ../init.d/mysql-ndb-mgm
S18mysql-ndb -> ../init.d/mysql-ndb
S19mysql -> ../init.d/mysql
S20acpid -> ../init.d/acpid
S20exim4 -> ../init.d/exim4
S20makedev -> ../init.d/makedev
S20ssh -> ../init.d/ssh
S20vi_os_statsd -> ../init.d/vi_os_statsd
S23ntp -> ../init.d/ntp
S89atd -> ../init.d/atd
S89cron -> ../init.d/cron
S91apache2 -> ../init.d/apache2
S99rc.local -> ../init.d/rc.local
S99rmnologin -> ../init.d/rmnologin
S99stop-bootlogd -> ../init.d/stop-bootlogd

The only listening sockets on the network now are sshd, ntpd and dhclient.

There are a bunch of services running on the default debian etch image, listening on network ports. Which of these can I safely disable?

This depends entirely on your requirements. The default images we provide are usually just default 'base install' versions of an OS, but with extra OS drivers and some other tweaks. For example the Debian image is a standard install from CD1 of the distro, with only the 'standard system' package group selected.

As such, it is up to you to know which services you need on the system. Locking down a given OS is a subject probably much better covered elsewhere :)

However......


I don't want inetd, portmap, rpc.statd, dhclient3, ntpd... unless any of these are required for the operation of the FlexiScale magicness.

At the moment, the core services you will need for the 'Flexiscale magicness' are:

vi_os_statsd
(provides system stats for our use)
NTP
(time measurement on VSs can be unreliable so we recommend this is always used to keep your system time in check)
DHCP
(unless you want to manually manage the IPs within your subnet. Doing so may cause problems creating new images as our system will issue an IP which you may be manually using)
SSH
(unless you have set up another way of remotely administering your server)

Also, at the moment you should not update the kernel without help from us to ensure the special kernel modules will work, or you will not be able to access your system when you reboot into the new kernel.


Also can I disable some/all of the ttys in /etc/inittab?

If you wish, they are not usable at the moment (beyond asking us to log in locally to fix some problem which has broken your remote access) but we have plans to provide customer access to a local console for your server in future so you may wish to leave this on.

Hope this all helps.
Cheers guys,

I've been disabling what ever I can on my server (running centos 5) but I have been unable to decrease the load average on the server. (I have not yet installed anything).

Currently its usually at 1 or just over but should be lot lower considering that not much is running.

Any hints or tips on how I can improve this ?

Hi,

The constant load of 1 is a side-effect of the VStools accelerated drivers installed in the system. the load baseline will be 1 for a single CPU virtual machine, 2 for a dual CPU VM, etc.

It comes from a kernel thread called 'suspend' which runs on each CPU, and is constantly in process state 'D'. It affects the load as the system thinks it is constantly accessing disk. It is not really however, it just remains in this state.

It should not actually affect performance however.

HTH