Redis memory issue (Kali Linux 2021.2) about emba HOT 17 CLOSED

Confirmed , after hugepage disable , it running well.

from emba.

from emba.

Thank you for your feedback. I will add a link to this thread in our wiki

Just another parameter needs to be changed in redis-server,

save <seconds> <changes>
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behavior will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all "save" lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save ""

save 900 1
save 300 10
save 60 10000

this is ok if you have > 8GB ram, but I suggest 100 seconds per GB / RAM 
eX:  4GB
save 400 100

with 2GB I put:
save 120 1

because just mongo and docker took 90 % of RAM

The Kali Distro just came with a 1GB swap partition, same amount of GB on RAM for swap space will help a lot .

EDIT: Added markdown tags for better readability.

from emba.

cve-search has a problem getting the number of available cores in virtual machines, bypass needs to be set manually set to avoid crashing.

sudo env "WORKER_SIZE=1" ./sbin/db_updater.py -c
or
export WORKER_SIZE=1
or save WORKER_SIZE=1 in a file in /etc/enviroment.d/

this way the queue will be sent to all cores in sync.

Regards

from emba.

In my first installation I had some issues with the cve-database. It needs a complete drop and repopulation:

└─$ sudo ./external/cve-search/sbin/db_updater.py -f

afterwards it was running as expected. Could someone verify this?

I have included this update to our installer: 2c26077

from emba.

It last just 20 minutes , after crashing multiple times.

redis-server has a maxmemory value of 0, also is not auto started.

'echo madvise > /sys/kernel/mm/transparent_hugepage/enabled'
'To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf / reboot

supervised by systemd - you MUST set appropriate values for TimeoutStartSec and TimeoutStopSec in your service unit.

from emba.

Thank you for your feedback and your solution. Can you please give us some information about your setup? I also had issues with Redis once and solved it by increasing the available storage for my Kali VM from 4GB to 8GB. But I don't know if it's the same problem, so I need additional information from you.

from emba.

Thank you for your feedback and your solution. Can you please give us some information about your setup? I also had issues with Redis once and solved it by increasing the available storage for my Kali VM from 4GB to 8GB. But I don't know if it's the same problem, so I need additional information from you.

The issue is that redis-server crashes all other process because of the huge memory pages, you cannot limit it because you will broke a dependency method, I tried 5, 8 , 12 GB ram and it is worst 2GB Ram is enough, just set transparent_hugepage to
'madvise' or better to 'never' , do not give permission to make a giant RAM DRIVE to redis.

last time I used transparent_hugepage was in red hat 5

Kali Rolling (2021.2) x64 2021-05-31 on WorkStation 16.x VM

Just disable permanently by creating a service.

$sudo nano /etc/systemd/system/disable-thp.service

[Unit]
Description=Disable Transparent Huge Pages (THP)

[Service]
Type=simple
ExecStart=/bin/sh -c "echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag"

[Install]
WantedBy=multi-user.target

$ sudo systemctl daemon-reload
$ sudo systemctl start disable-thp
$ sudo systemctl enable disable-thp

Both Mongo and Redis has the issue with hugepages. so be sure that DBs start after disabling the pages and its defrag.

Kind Regards.

from emba.

As far as I can see the redis server is started during the installation process (see

from emba.

2GB of memory is not a lot for emba. Probably we should add a wiki section with hardware requirements.

from emba.

from emba.

I have added a quick prerequisits section to our wiki: https://github.com/e-m-b-a/emba/wiki/Installation#prerequisites

from emba.

Thank you for your feedback. I will add a link to this thread in our wiki

from emba.

Thank you for your feedback and your manual on getting everything up and running on less powered hosts.
I have created the following entry in our wiki: https://github.com/e-m-b-a/emba/wiki/Installation#prerequisites
Additionally I have linked your manual in the cve installation area: https://github.com/e-m-b-a/emba/wiki/Installation#cve-search-installation-just-in-case-the-installer-fails

Thanks and keep on using and improving emba :)

from emba.

Just an fyi, this entire thing is still an issue. I also set stop-writes-on-bgsave-error no in /etc/redis/redis.conf to prevent some errors. After the installation fails you can do the following to clean out (maybe add to the installation page on the wiki for us redis noobs?):

# redis-cli
127.0.0.1:6379> FLUSHDB 
OK
127.0.0.1:6379> FLUSHALL 
OK
127.0.0.1:6379> exit
# /etc/init.d/redis-server restart
Restarting redis-server (via systemctl): redis-server.service.
# ./external/cve-search/sbin/db_updater.py -f

And then suddenly the installation ran smoothly.

Off-topic fyi: Your tool depends on netstat, so it is necessary to sudo apt install net-tools on a fresh Ubuntu, maybe make that a dependency

from emba.

Thank you for your ongoing effort and updates on this redis issue. I will add some notes to the wiki.

Regarding the net-tools: They should get installed:

from emba.

I'm running in a fresh Ubuntu VM and cloned EMBA from git then ran the installer and yes, it seems to have failed to install the net-tools.

I could (untested!) imagine that the way you handle parameters with a dash (-) in it, that it somehow breaks because the dash is interpreted as a command line parameter switch. But that's just wild speculation.

from emba.