cpanel stat generation cause thet nginx makes a lot of reload to grab new file descriptor... no issue on that
Issue is nginx, I show you situation now with 2.58% used for 1 work, which is same value for others, but gloably, nginx uses now 2.58%, this number is increasing slowly at the rythm of nginx reloads asked...
[root@web1 ~]# ps alx | grep nginx
5 99 711213 913692 20 0 3917936 3397132 ep_pol S ? 0:22 nginx: worker process
5 99 711224 913692 20 0 3918128 3397300 ep_pol S ? 0:24 nginx: worker process
5 99 711229 913692 20 0 3918392 3397456 ep_pol S ? 0:26 nginx: worker process
5 99 711238 913692 20 0 3918128 3397228 ep_pol S ? 0:20 nginx: worker process
5 99 711245 913692 20 0 3917936 3397144 ep_pol S ? 0:23 nginx: worker process
5 99 711248 913692 20 0 3918096 3397296 ep_pol S ? 0:18 nginx: worker process
5 99 711252 913692 20 0 3918392 3397392 ep_pol S ? 0:21 nginx: worker process
5 99 711255 913692 20 0 3918128 3397132 - R ? 0:19 nginx: worker process
5 99 711257 913692 20 0 3917580 3394632 ep_pol S ? 0:00 nginx: cache manager process
0 0 767011 766950 20 0 112652 956 pipe_w S+ pts/2 0:00 grep --color=auto nginx
5 0 913692 1 20 0 3917576 3396176 sigsus Ss ? 74:26 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
Output of nginx -T is taking 100's of pages, i can't pu it here...
[root@web1 ~]# nginx -V
nginx version: nginx/1.11.13
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC)
built with LibreSSL 2.5.2
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/etc/nginx/modules --with-pcre=./pcre-8.40 --with-pcre-jit --with-zlib=./zlib-1.2.11 --with-openssl=./libressl-2.5.2 --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error_log --http-log-path=/var/log/nginx/access_log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nobody --group=nobody --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --add-dynamic-module=naxsi-http2/naxsi_src --with-file-aio --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-compat --with-http_v2_module --with-http_geoip_module=dynamic --add-dynamic-module=ngx_pagespeed-release-1.11.33.4-beta --add-dynamic-module=/usr/local/rvm/gems/ruby-2.3.1/gems/passenger-5.1.2/src/nginx_module --add-dynamic-module=ngx_brotli --add-dynamic-module=echo-nginx-module-0.60 --add-dynamic-module=headers-more-nginx-module-0.32 --add-dynamic-module=ngx_http_redis-0.3.8 --add-dynamic-module=redis2-nginx-module --add-dynamic-module=srcache-nginx-module-0.31 --add-dynamic-module=ngx_devel_kit-0.3.0 --add-dynamic-module=set-misc-nginx-module-0.31 --add-dynamic-module=ModSecurity-nginx --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' --with-ld-opt=-Wl,-E
[root@web1 ~]#
Anoop is dev of Xtendweb stack using nginx core, he is investigating, and it seems his solution if to use a pre-approved nginx core :
https://openresty.org/en/
and that it could solve many issues with 3rd party modules which we need to use absolutely...
Indeed, we are all tired to do 3 upgrades /month