我遇到了一个无法解决的问题。我们的应用服务器莫名其妙地开始“丢弃请求”。这些是 ajax 请求。
我重新启动php5-fpm,几分钟内一切运行正常,但随后几个小时内成功率下降。当有一定负载时,ajax 连接会恢复……不是被截断,而是没有有效负载。
我不知道如何解决这个问题,我并不经常遇到这类问题。
- 服务器有128M内存
- 24 个 CPU,
这是 Nginx.conf,添加了缓冲区配置和 fastcgi_temp_path,但没有任何内容写入 /tmp 目录。
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
client_body_buffer_size 100m;
client_max_body_size 100m;
# proxy buffer settings
proxy_buffer_size 1020k;
proxy_buffers 256 4k;
proxy_busy_buffers_size 1020k;
fastcgi_temp_path /tmp/nginx_fastcgi;
##
# Basic Settings
##
## SSL CONFIGURATION ##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
# L'ECDHE sera proposé au navigateur par l'ajout de HIGH dans la directive ssl_ciphers
ssl_ciphers "HIGH:!aNULL:!MD5:!ADH:!RC4:!DH";
# La directive ssl_prefer_server_ciphers permet de forcer le navigateur à utiliser les préférences de chiffrement du serveur
# Sans cette directive, le Perfect Forward Secrecy risque de ne pas être activé car l'ECDHE ne sera pas proposé en premier
ssl_prefer_server_ciphers on;
## END SSL CONFIGURATOIN ##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
# Enable gzip compression.
gzip on;
gzip_disable "msie6";
# Compression level (1-9).
# 5 is a perfect compromise between size and CPU usage, offering about
# 75% reduction for most ASCII files (almost identical to level 9).
gzip_comp_level 5;
# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
gzip_min_length 256;
# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
gzip_proxied any;
# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
gzip_vary on;
# Compress all output labeled with one of the following MIME-types.
gzip_types
application/javascript
application/x-javascript
application/atom+xml
application/rdf+xml
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/javascript
text/xml
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# text/html is always compressed by gzip module
##
# Virtual Host Configs
##
upstream papp {
server unix:/var/run/php5-fpm-papp.sock; #for PHP-FPM running on UNIX socket
}
#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
#fastcgi_cache_key "$scheme$request_method$host$request_uri";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
这是虚拟主机:
server {
# set the user that runs nginx & php
set $phpfcgi papp;
listen 80;
listen 443 default_server ssl;
server_name compte.papp.com;
root /var/www/papp.com/prod/web;
#ssl on;
ssl_certificate /etc/nginx/ssl/papp.com/2018-12-03/compte.pretinstant.com.combined.crt;
ssl_certificate_key /etc/nginx/ssl/papp.com/2018-12-03/compte.papp.com.key;
error_log /var/log/nginx/papp.com.compte.error.log notice;
access_log /var/log/nginx/papp.com.compte.access.log;
#rewrite_log on;
client_body_buffer_size 100m;
client_max_body_size 100m;
# strip app.php/ prefix if it is present
rewrite ^/app\.php/?(.*)$ /$1 permanent;
location / {
index app.php;
try_files $uri @rewriteapp;
}
location @rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
# pass the PHP scripts to FastCGI server from upstream phpfcgi
#location ~ ^/(app|app_dev|config)\.php(/|$) {
location ~ ^/(app|app_dev|config|js/tinymce/plugins/moxiemanager/api)\.php(/|$) {
# Set fastcgi buffer size
#fastcgi_buffers 32 32k;
#fastcgi_buffer_size 32k;
fastcgi_pass $phpfcgi;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param HTTPS on;
}
}
这是 php.conf:
;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;
; All relative paths in this configuration file are relative to PHP's install
; prefix (/usr). This prefix can be dynamically changed by using the
; '-p' argument from the command line.
; Include one or more files. If glob(3) exists, it is used to include a bunch of
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it's been set (-p argument)
; - /usr otherwise
;include=/etc/php5/fpm/*.conf
;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;
[global]
; Pid file
; Note: the default prefix is /var
; Default Value: none
pid = /var/run/php5-fpm.pid
; Error log file
; If it's set to "syslog", log is sent to syslogd instead of being written
; in a local file.
; Note: the default prefix is /var
; Default Value: log/php-fpm.log
error_log = /var/log/php/php5-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
;log_level = notice
; If this number of child processes exit with SIGSEGV or SIGBUS within the time
; interval set by emergency_restart_interval then FPM will restart. A value
; of '0' means 'Off'.
; Default Value: 0
;emergency_restart_threshold = 0
; Interval of time used by emergency_restart_interval to determine when
; a graceful restart will be initiated. This can be useful to work around
; accidental corruptions in an accelerator's shared memory.
; Available Units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
;emergency_restart_interval = 0
; Time limit for child processes to wait for a reaction on signals from master.
; Available units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
;process_control_timeout = 0
; The maximum number of processes FPM will fork. This has been design to control
; the global number of processes when using dynamic PM within a lot of pools.
; Use it with caution.
; Note: A value of 0 indicates no limit
; Default Value: 0
; process.max = 128
; Specify the nice(2) priority to apply to the master process (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool process will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
; Default Value: yes
;daemonize = yes
; Set open file descriptor rlimit for the master process.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit for the master process.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Specify the event mechanism FPM will use. The following is available:
; - select (any POSIX os)
; - poll (any POSIX os)
; - epoll (linux >= 2.5.44)
; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
; - /dev/poll (Solaris >= 7)
; - port (Solaris >= 10)
; Default Value: not set (auto detection)
;events.mechanism = epoll
; When FPM is build with systemd integration, specify the interval,
; in second, between health report notification to systemd.
; Set to 0 to disable.
; Available Units: s(econds), m(inutes), h(ours)
; Default Unit: seconds
; Default value: 10
;systemd_interval = 10
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)
; To configure the pools it is recommended to have one .conf file per
; pool in the following directory:
include=/etc/php5/fpm/pool.d/*.conf
这是pool.d/papp.conf,由于我打破了字符限制,所以概要如下:
https://gist.github.com/stefgosselin/5a668d2af5adc5b273e2f07def1d07d7