对于我新服务器上的所有网站,似乎一旦nginx
服务了一定数量的流量,它就会开始服务“错误 502-网关错误!“。
让我们看一下一些日志和配置...
操作系统:Ubuntu 16.04(服务器)
硬件:6 核,12GB RAM
控制板: ISP配置
nginx 版本:1.10.3
从/var/www/example/log/error.log
:
11: Resource temporarily unavailable) while connecting to upstream, client: 216.170.123.179, server: example.com, request: "GET /KHFxygk9 HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web3.sock:", host: "example.com", referrer: "http://example.com/"
2017/08/10 06:01:06 [error] 15408#15408: *31372 connect() to unix:/var/lib/php7.0-fpm/web3.sock failed (11: Resource temporarily unavailable) while connecting to upstream, client: 192.3.114.12, server: example.com, request: "GET /jiPNQjwp HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web3.sock:", host: "example.com", referrer: "http://example.com/"
这是我的配置文件:
- /etc/php/7.0/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = /run/php/php7.0-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 12
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
pm.max_requests = 500
- /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
systemctl status php7.0-fpm
● php7.0-fpm.service - The PHP 7.0 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.0-fpm.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-08-10 04:44:16 UTC; 1h 30min ago
Process: 20310 ExecReload=/bin/kill -USR2 $MAINPID (code=exited, status=0/SUCCESS)
Process: 20302 ExecReload=/usr/lib/php/php7.0-fpm-checkconf (code=exited, status=0/SUCCESS)
Process: 13060 ExecStartPre=/usr/lib/php/php7.0-fpm-checkconf (code=exited, status=0/SUCCESS)
Main PID: 13070 (php-fpm7.0)
Status: "Processes active: 20, idle: 12, Requests: 6874, slow: 0, Traffic: 0.3req/sec"
CGroup: /system.slice/php7.0-fpm.service
├─13070 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
├─13072 php-fpm: pool apps-{fpm_domain}
├─13073 php-fpm: pool apps-{fpm_domain}
├─13074 php-fpm: pool ispconfig
├─13075 php-fpm: pool ispconfig
├─13076 php-fpm: pool web1
├─13077 php-fpm: pool web1
├─13079 php-fpm: pool web2
├─13080 php-fpm: pool web3
├─13081 php-fpm: pool web3
├─13082 php-fpm: pool web4
├─13083 php-fpm: pool web4
├─13084 php-fpm: pool web5
├─13085 php-fpm: pool web5
├─13087 php-fpm: pool www
├─13088 php-fpm: pool www
├─16186 php-fpm: pool web3
├─16603 php-fpm: pool web3
├─16604 php-fpm: pool web3
├─16605 php-fpm: pool web3
├─16609 php-fpm: pool web3
├─16614 php-fpm: pool web3
├─16629 php-fpm: pool web3
├─16630 php-fpm: pool web3
├─18019 php-fpm: pool web2
├─18026 php-fpm: pool web2
├─18027 php-fpm: pool web2
├─18028 php-fpm: pool web2
├─18369 php-fpm: pool web2
├─18370 php-fpm: pool web2
├─18410 php-fpm: pool web2
├─18411 php-fpm: pool web2
└─18413 php-fpm: pool web2
Aug 10 04:44:16 web1.example.com systemd[1]: Stopped The PHP 7.0 FastCGI Process Manager.
Aug 10 04:44:16 web1.example.com systemd[1]: Starting The PHP 7.0 FastCGI Process Manager...
Aug 10 04:44:16 web1.example.com systemd[1]: Started The PHP 7.0 FastCGI Process Manager.
答案1
这些错误可能是由于未达到允许的最大套接字连接数(大多数默认值为 128)引起的。您可以通过执行以下命令查看当前限制,cat /proc/sys/net/core/somaxconn
强烈建议增加此限制:
echo "net.core.somaxconn = 65535" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
并检查其是否已经改变cat /proc/sys/net/core/somaxconn
。
这些错误也可能是由于传入连接积压队列数量不足(大多数默认值为 1000)造成的。请检查当前执行的限制cat /proc/sys/net/core/netdev_max_backlog
。建议增加限制:
echo "net.core.netdev_max_backlog = 65535" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
并检查是否已改变cat /proc/sys/net/core/netdev_max_backlog
笔记:如果您的 OpenVZ VPS 出现这些问题,则无法遵循我的建议,因为您无法使用这种类型的虚拟化来更改内核参数。在这种情况下,更好的选择是尝试在 php-fpm 池配置中使用端口监听而不是套接字(例如 listen = 9000)。通过执行检查繁忙的端口以找到可用的端口sudo netstat -tunlp
。
答案2
您的 cfg 中存在一些不匹配的情况,在 php 中定义listen = /run/php/php7.0-fpm.sock
但 nginx 尝试连接到fastcgi://unix:/var/lib/php7.0-fpm/web3.sock
。在两个地方(php 和 nginx)设置相同的值
答案3
您必须增加 php-fpm 最大子设置pm.max_children
。当前值为 12。
您还可以附加 php-fpm 错误日志吗?