AWS EC2 t2.small Instance CPU utilization spikes to 100% at regular interval every day
My EC2 t2.small instance CPU Utilization goes to 100% every day at the same time, roughly between 21:25 and 21:30 server time.
I have checked syslog and apache log and found nothing unusual during that time. Also, I have checked my cron jobs and system cron jobs and found no daily cron jobs running at that time (/etc/cron.daily is scheduled at 6:25 and executes correctly at that time according to logs).
Any ideas what could cause this behavior?
OS: Ubuntu 16.04
After a lot of search, logging, trial and error, I have found apache2 was causing this. For some reason, the process hangs at 100% on some occasions, specifically when performing SSL test on ssllabs.com. Found this line in Apache error_log:
[ssl:error] [pid 29110] [client 64.41.200.104:58242] AH02042: rejecting client initiated renegotiation
Again, after some trial and error, the solution that fixed the issue was to update the SSLCipherSuite apache directive in /etc/apache2/mods-available/ssl.conf
Here is the value I used: SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
After this change, the problem never repeated. I hope this will help someone else in the same situation.
- Get single-line json from aws cli
- Automatically "stop" Sagemaker notebook instance after inactivity?
- AWS Cloudwatch alarm not returning to OK state even though data looks fine
- Windows & Linux living together in Kubernetes cluster
- AWS CDK for .NET Core hangs at "ApplicationLoadBalancedFargateService" Task
- how to add cache control in AWS S3?
- AWS Lambda Open Telemetry, Missing Parent Span
- API Gateway Custom Authorizer: Control error message and code
- VSCode JSON to YAML auto conversion on save
- How to add multiple columns in AWS redshift with alter table query
- Retrieve one file from AWS Glacier using cli
- Email address is not verified (AWS SES)
- Terraform - s3 static website wont deploy, telling me I dont have permissions when I do
- How to Add Private Subnets with Designated IP Addresses When Creating a VPC Interface Endpoint in AWS CDK
- SpringBoot fails to deploy after adding .ebextensions for ngingx SSL -[An error occurred during execution of command [app-deploy]]
- What does 0.0.0.0/0 and ::/0 mean?
- How to query dynamoDB based on key + attribute?
- Getting "No AWS accounts are available to you" when using aws configure sso
- Terraform directory Structure for common infrastructure on aws for ADO pipeline
- Mysterious TransactionConflict in TransactionCanceledException
- Cloudwatch VPC interface endpoint times out
- AWS s3 V3 Javascript SDK stream file from bucket (GetObjectCommand)
- How to bypass expectation of S3 server 100-contiune response in Boto3 put_object method
- Disabling AWS X-ray in FastAPI Lambda application
- Cannot Connect To AWS Elasticache Redis Cluster From Local Machine
- How do i access AWS SAM-CLI through bash on windows?
- Reporting AWS Tools RDS or Redshift?
- What does "eksctl create iamserviceaccount" do under the hood on an EKS cluster?
- Configure Selenium Nodes without a JSON file
- Is there a CLI command on Azure to see console messages of a VM that is not booting up?