NGINX 进程开始占用所有 CPU 核心,并且不会清除和释放它们。服务器已经运行了一个月,配置与今天相同,但这种情况从昨天才开始发生。
nginx logs和中都没有有用的信息php-fpm logs。我该如何调查这个问题,我应该从哪里开始?有什么工具可以帮助我找出发生这种情况的原因吗?
同时top命令输出如下:
top - 19:14:15 up 24 days, 1:19, 1 user, load average: 6.54, 4.94, 4.59
Tasks: 507 total, 7 running, 500 sleeping, 0 stopped, 0 zombie
%Cpu(s): 28.8 us, 0.7 sy, 0.0 ni, 69.8 id, 0.0 wa, 0.0 hi, 0.7 si, 0.0 st
KiB Mem : 26394150+total, 17393424 free, 10442672 used, 23610540+buff/cache
KiB Swap: 10239996 total, 9770156 free, 469840 used. 25128828+avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
26532 nginx 20 0 70904 27784 2056 R 100.0 0.0 3:04.93 nginx
26531 nginx 20 0 61236 18032 2048 R 100.0 0.0 2:46.87 nginx
26533 nginx 20 0 76108 32928 2052 R 100.0 0.0 6:28.67 nginx
26530 nginx 20 0 56644 13416 2048 R 99.7 0.0 2:36.53 nginx
26534 nginx 20 0 53988 10852 2036 R 99.7 0.0 2:35.19 nginx
22620 nginx 20 0 540548 52280 26016 S 15.6 0.0 0:44.84 php-fpm
22670 nginx 20 0 534472 46308 26256 S 10.6 0.0 0:42.25 php-fpm
22702 nginx 20 0 534464 44524 24600 S 9.6 0.0 0:48.06 php-fpm
26528 nginx 20 0 63560 20376 2052 S 7.3 0.0 0:14.94 nginx
22718 nginx 20 0 536248 49320 27516 S 6.6 0.0 0:42.21 php-fpm
22725 nginx 20 0 533968 46476 26984 S 6.0 0.0 0:52.16 php-fpm
22611 nginx 20 0 540692 51000 24640 S 5.6 0.0 0:45.97 php-fpm
22632 nginx 20 0 577992 90824 27048 S 5.6 0.0 0:49.12 php-fpm
22717 nginx 20 0 535236 46316 25740 S 5.3 0.0 0:46.48 php-fpm
22665 nginx 20 0 536292 47420 25620 S 4.3 0.0 0:41.54 php-fpm
22780 nginx 20 0 534728 44748 24504 S 4.3 0.0 0:43.51 php-fpm
22726 nginx 20 0 540552 53544 27420 S 3.3 0.0 0:47.28 php-fpm
26527 nginx 20 0 57560 14428 2048 S 3.3 0.0 0:09.23 nginx
22730 nginx 20 0 534976 45912 25304 S 3.0 0.0 0:46.78 php-fpm
22744 nginx 20 0 540544 50932 24808 S 3.0 0.0 0:45.64 php-fpm
22761 nginx 20 0 542832 54460 27928 S 3.0 0.0 0:52.38 php-fpm
22616 nginx 20 0 535276 45788 24788 S 2.6 0.0 0:49.04 php-fpm
22617 nginx 20 0 540748 53516 27132 S 2.6 0.0 0:42.45 php-fpm
22630 nginx 20 0 603580 114140 24844 S 2.6 0.0 0:47.50 php-fpm
NGINX 配置:
user nginx;
worker_processes auto;
worker_rlimit_nofile 30000;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/null;
error_log /var/log/nginx/error.log crit;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 300m;
open_file_cache_errors on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
add_header 'Access-Control-Allow-Origin' '*';
include /etc/nginx/conf.d/*.conf;
}
NGINX 服务器块
server {
listen 443 ssl http2;
ssl on;
ssl_certificate ...;
ssl_certificate_key ...;
server_name ...;
root /...;
# Enable compression, this will help if you have for instance advagg module
# by serving Gzip versions of the files.
gzip_static on;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# This matters if you use drush prior to 5.x
# After 5.x backups are stored outside the Drupal install.
#location = /backup {
# deny all;
#}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log|psb|vtt|mpl|idx|smi|sub|ass|srt|ssa|sami|pjs)$ {
allow 192.168.0.0/16;
deny all;
}
#location = /user/196737/content-sound {
# return 403;
#}
location ~ \..*/.*\.php$ {
return 403;
}
# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri @rewrite;
}
location @rewrite {
# You have 2 options here
# For D7 and above:
# Clean URLs are handled in drupal_environment_initialize().
rewrite ^ /index.php;
# For Drupal 6 and bwlow:
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
#rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_read_timeout 300;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
}
# Fighting with Styles? This little gem is amazing.
# This is for D6
#location ~ ^/sites/.*/files/imagecache/ {
# This is for D7 and D8
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
答案1
这是 nginx 1.11.11 中的一个 bug。http://nginx.org/en/CHANGES
错误修复:nginx 可能占用 CPU;该错误出现在 1.11.11 中。