xen*_*ndi 6 linux http nginx php-fpm php7
对于我的新服务器上的所有站点,似乎一旦nginx提供了一定数量的流量,它就会开始提供“错误 502 - 错误网关! ”。
让我们来看看一些日志和配置...
操作系统:Ubuntu 16.04(服务器)
硬件:6核,12GB内存
面板:ISPConfig
nginx 版本:1.10.3
来自/var/www/example/log/error.log:
11: Resource temporarily unavailable) while connecting to upstream, client: 216.170.123.179, server: example.com, request: "GET /KHFxygk9 HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web3.sock:", host: "example.com", referrer: "http://example.com/"
2017/08/10 06:01:06 [error] 15408#15408: *31372 connect() to unix:/var/lib/php7.0-fpm/web3.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 192.3.114.12, server: example.com, request: "GET /jiPNQjwp HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web3.sock:", host: "example.com", referrer: "http://example.com/"
这是我的配置文件:
[www]
user = www-data
group = www-data
listen = /run/php/php7.0-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 12
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
systemctl status php7.0-fpm
? php7.0-fpm.service - The PHP 7.0 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.0-fpm.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-08-10 04:44:16 UTC; 1h 30min ago
Process: 20310 ExecReload=/bin/kill -USR2 $MAINPID (code=exited, status=0/SUCCESS)
Process: 20302 ExecReload=/usr/lib/php/php7.0-fpm-checkconf (code=exited, status=0/SUCCESS)
Process: 13060 ExecStartPre=/usr/lib/php/php7.0-fpm-checkconf (code=exited, status=0/SUCCESS)
Main PID: 13070 (php-fpm7.0)
Status: "Processes active: 20, idle: 12, Requests: 6874, slow: 0, Traffic: 0.3req/sec"
CGroup: /system.slice/php7.0-fpm.service
??13070 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
??13072 php-fpm: pool apps-{fpm_domain}
??13073 php-fpm: pool apps-{fpm_domain}
??13074 php-fpm: pool ispconfig
??13075 php-fpm: pool ispconfig
??13076 php-fpm: pool web1
??13077 php-fpm: pool web1
??13079 php-fpm: pool web2
??13080 php-fpm: pool web3
??13081 php-fpm: pool web3
??13082 php-fpm: pool web4
??13083 php-fpm: pool web4
??13084 php-fpm: pool web5
??13085 php-fpm: pool web5
??13087 php-fpm: pool www
??13088 php-fpm: pool www
??16186 php-fpm: pool web3
??16603 php-fpm: pool web3
??16604 php-fpm: pool web3
??16605 php-fpm: pool web3
??16609 php-fpm: pool web3
??16614 php-fpm: pool web3
??16629 php-fpm: pool web3
??16630 php-fpm: pool web3
??18019 php-fpm: pool web2
??18026 php-fpm: pool web2
??18027 php-fpm: pool web2
??18028 php-fpm: pool web2
??18369 php-fpm: pool web2
??18370 php-fpm: pool web2
??18410 php-fpm: pool web2
??18411 php-fpm: pool web2
??18413 php-fpm: pool web2
Aug 10 04:44:16 web1.example.com systemd[1]: Stopped The PHP 7.0 FastCGI Process Manager.
Aug 10 04:44:16 web1.example.com systemd[1]: Starting The PHP 7.0 FastCGI Process Manager...
Aug 10 04:44:16 web1.example.com systemd[1]: Started The PHP 7.0 FastCGI Process Manager.
小智 10
这些错误可能是由于缺少允许的最大套接字连接数(大多数默认值为 128)造成的。您可以通过执行查看当前限制,cat /proc/sys/net/core/somaxconn强烈建议增加此限制:
sudo echo "net.core.somaxconn = 65535" | tee -a /etc/sysctl.conf
sudo sysctl -p
并检查它是否已经改变cat /proc/sys/net/core/somaxconn。
此外,这些错误可能是由于缺少传入连接积压队列的数量(大多数默认值为 1000)引起的。检查正在执行的电流限制cat /proc/sys/net/core/netdev_max_backlog。建议增加限制:
sudo echo "net.core.netdev_max_backlog = 65535" | tee -a /etc/sysctl.conf
sudo sysctl -p
并检查它是否已更改 cat /proc/sys/net/core/netdev_max_backlog
注意:如果这些问题出现在您的 OpenVZ VPS 上,则不可能遵循我的建议,因为您无法使用这种类型的虚拟化更改内核参数。在这种情况下,更好的选择是尝试在 php-fpm 池配置中使用端口侦听而不是套接字(例如 listen = 9000)。通过执行检查您的繁忙端口以找到可用的端口sudo netstat -tunlp。
| 归档时间: |
|
| 查看次数: |
17754 次 |
| 最近记录: |