Nginx sock 失败

tag-icon tag-icon nginx php-fpm worker-process
Nginx sock 失败

我们的 Web 应用程序遇到了一个问题。nginx 错误日志上的事件是:

连接到上游时,连接到 unix:/run/php-fpm/www.sock 失败(11:资源暂时不可用)

它最近几天发生了一次,在出现此错误期间,所有用户的连接突然断开。

我们使用的 nginx 配置是:nginx 版本是 1.18.0

....
worker_processes  4;
worker_rlimit_nofile 32678;
....
events {
    worker_connections  8192;
}
...

php-fpm(版本 7.1.33)引擎是静态的,具有:

pm.max_children = 600
pm.process_idle_timeout = 10s;
pm.max_requests = 500

操作系统是 centos 7,最新版本是 7.9.2009(核心),它在(VMware 平台)上虚拟化,具有 16 个 vCPU 和 20GB vRAM,带有 SO。

Sysctl 详细信息

net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.eno16780032.disable_ipv6 = 1
net.ipv6.conf.all.autoconf = 0
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.eno16780032.accept_ra = 0
net.ipv6.conf.lo.accept_ra = 0
net.ipv6.conf.lo.disable_ipv6 = 1


###CONF SOCKET
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30

###REDIS

#vm.overcommit_memory = 1
#vm.swappiness = 30

vm.overcommit_memory = 2
vm.overcommit_ratio = 75


###NGINX

fs.file-max = 100000


net.core.somaxconn = 65535
net.core.netdev_max_backlog = 262144
vm.swappiness = 20
net.ipv4.tcp_syncookies = 0
-----------------

/etc/security/limits.conf
nginx       soft    nofile  40000
nginx       hard    nofile  70000

您有这方面的经验吗?您能帮助我们吗?

提前致谢

我们的 ngnix.conf


user  apache;
worker_processes  4;

worker_rlimit_nofile 32678;

error_log  /logs/httpd/error.log error;
pid        /var/run/nginx.pid;

events {
    worker_connections  8192;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format main   '$remote_addr - $cookie_PHPSESSID - [$time_local] "$request" $status $body_bytes_sent ';
    log_format nxp '$remote_addr [$time_local] [$cookie_PHPSESSID] "$request" $status $request_time $body_bytes_sent';

    #access_log  /nxplogs/httpd/access.log nxp;
    access_log off;
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;
    brotli on;
    server_names_hash_bucket_size 64;

    include /etc/nginx/sites-available/*.conf;

    # Generate 4K Diffie-Hellman params file with
    # mkdir /etc/pki/nginx && openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096
    # and uncomment the following line:
    # ssl_dhparam /etc/pki/nginx/dhparam.pem;
    ssl_session_timeout 24h;
    ssl_session_cache shared:SSL:30m;
    ssl_protocols TLSv1.2 TLSv1.3;

    ## Use more secure and less CPU tasking ciphers compared to nginx defaults
    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

    ## Improves TTFB by using a smaller SSL buffer than the nginx default
    ssl_buffer_size 8k;

    ssl_stapling on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    ssl_trusted_certificate "/etc/pki/tls/certs/ca-bundle.crt";
    ssl_stapling_verify on;

    ssl_prefer_server_ciphers on;
   
   client_max_body_size 100m;
}

我们的 php-fpm.conf


;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;

; All relative paths in this configuration file are relative to PHP's install
; prefix. This prefix can be dynamically changed by using the
; '-p' argument from the command line.

;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;

[global]
; Pid file
; Default Value: none
pid = /var/run/php-fpm/php-fpm.pid

; Error log file
; If it's set to "syslog", log is sent to syslogd instead of being written
; in a local file.
; Default Value: log/php-fpm.log
error_log = /nxplogs/php-fpm/error.log

; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon

; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm

; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = error

; If this number of child processes exit with SIGSEGV or SIGBUS within the time
; interval set by emergency_restart_interval then FPM will restart. A value
; of '0' means 'Off'.
; Default Value: 0
emergency_restart_threshold = 100

; Interval of time used by emergency_restart_interval to determine when
; a graceful restart will be initiated.  This can be useful to work around
; accidental corruptions in an accelerator's shared memory.
; Available Units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
emergency_restart_interval = 1m

; Time limit for child processes to wait for a reaction on signals from master.
; Available units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
process_control_timeout = 10s

; The maximum number of processes FPM will fork. This has been design to control
; the global number of processes when using dynamic PM within a lot of pools.
; Use it with caution.
; Note: A value of 0 indicates no limit
; Default Value: 0
; process.max = 128

; Specify the nice(2) priority to apply to the master process (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
;       - The pool process will inherit the master process priority
;         unless it specified otherwise
; Default Value: no set
; process.priority = -19

; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
; Default Value: yes
daemonize = yes

; Set open file descriptor rlimit for the master process.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit for the master process.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0


; Specify the event mechanism FPM will use. The following is available:
; - select     (any POSIX os)
; - poll       (any POSIX os)
; - epoll      (linux >= 2.5.44)
; - kqueue     (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
; - /dev/poll  (Solaris >= 7)
; - port       (Solaris >= 10)
; Default Value: not set (auto detection)
;events.mechanism = epoll

; When FPM is build with systemd integration, specify the interval,
; in second, between health report notification to systemd.
; Set to 0 to disable.
; Available Units: s(econds), m(inutes), h(ours)
; Default Unit: seconds
; Default value: 10
;systemd_interval = 10

;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;

; Multiple pools of child processes may be started with different listening
; ports and different management options.  The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)

; Include one or more files. If glob(3) exists, it is used to include a bunch of
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
include=/etc/php-fpm.d/*.conf

相关内容