PHP-FPM Configuration
Unlike lamp, in the LNMP architecture, PHP-FPM exists as an independent service, and since it is an independent service, he has his own configuration file. The configuration file for PHP-FPM is/usr/local/php-fpm/etc/.
Pool (pool) of PHP-FPM
Nginx support multiple virtual hosts, PHP-FMP also support the configuration of multiple pool, each pool can listen to a port, can also listen to a socket (socket). For example, our nginx has a number of sites, then each site can use a pool. The advantage of this is that when one of the PHP shows 502 (502 may be our PHP resources are not enough), if all our sites are using the same pool, when one of the sites display 502, then the same pool site will be all invalidated. So it's necessary to isolate each site and use a separate pool.
Set up multiple pool
First enter the directory/usr/local/php-fpm/etc/. Then edit vim php-fpm.conf
[Email protected] etc]# vim php-fpm.conf
[Global]
PID =/usr/local/php-fpm/var/run/php-fpm.pid
Error_log =/usr/local/php-fpm/var/log/php-fpm.log
[WWW]
Listen =/tmp/php-fcgi.sock
#listen = 127.0.0.1:9000
Listen.mode = 666
user = PHP-FPM
Group = PHP-FPM
PM = dynamic
Pm.max_children = 50
Pm.start_servers = 20
Pm.min_spare_servers = 5
Pm.max_spare_servers = 35
Pm.max_requests = 500
Rlimit_files = 1024
We will continue to append the same content as above on the back. However, it is important to note that the pool in [] is to be changed, and the following listen will be the same as the name above. After saving we test to see there are some grammatical errors
/usr/local/php-fpm/sbin/php-fpm-t
If there's no mistake, we'll restart the php-fpm.
/ETC/INIT.D/PHP-FPM Reload
And then we'll take a look
PS Aux|grep php-fpm
PHP-FPM 4666 0.0 0.4 227204 4724? S 23:31 0:00 Php-fpm:pool www
PHP-FPM 4667 0.0 0.4 227204 4724? S 23:31 0:00 Php-fpm:pool www
PHP-FPM 4668 0.0 0.4 227204 4724? S 23:31 0:00 Php-fpm:pool www
PHP-FPM 4669 0.0 0.4 227204 4720? S 23:31 0:00 Php-fpm:pool aming.com
PHP-FPM 4670 0.0 0.4 227204 4720? S 23:31 0:00 Php-fpm:pool aming.com
PHP-FPM 4671 0.0 0.4 227204 4720? S 23:31 0:00 Php-fpm:pool aming.com
PHP-FPM 4672 0.0 0.4 227204 4724? S 23:31 0:00 Php-fpm:pool aming.com
PHP-FPM 4673 0.0 0.4 227204 4728? S 23:31 0:00 Php-fpm:pool aming.com
At this time we found that there is already a pool of aming.com.
Then we can configure different URLs for different
For example, we can configure the aaa.com pool as aming.com.
First open the AAA.com configuration file, and then add the following content.
Location ~. php$
{
Include Fastcgi_params;
Fastcgi_pass Unix:/tmp/aming.sock;
Fastcgi_index index.php;
Fastcgi_param Script_filename/data/wwwroot/default$fastcgi_script_name;
Access_log/tmp/test.com.log aming;
}
In Nginx, it supports include vhost/. conf, and it is also supported in PHP-FPM.
This will save you from the exit.
We can do that, too.
First edit php-fpm.conf
Then add include = etc/php-fpm.d/in the last line of global. conf
[Email protected] etc]# vim php-fpm.conf
[Global]
PID =/usr/local/php-fpm/var/run/php-fpm.pid
Error_log =/usr/local/php-fpm/var/log/php-fpm.log
Include = etc/php-fpm.d/. conf
Then copy all the contents of the following and delete, ready to paste into another two configuration files.
Because include = etc/php-fpm.d/. conf, we are going to build a PHP-FPM.D directory under/usr/local/php-fpm/etc/.
The configuration files will then be created under the directory, for example, we want to build www.com and aming.com
Then delete the configuration files that were just copied into the corresponding two configuration files.
This configuration is similar to the vhost in Nginx simple and convenient.
PHP-FPM Slow Execution Log
如果有一天我们的网站访问非常慢,这时我们既可以通过php-fpm的慢执行日志进行分析,在这里我们可以非常清晰的了解到php的脚本中哪里执行时间长,他可以定位到具体的行,这就是php-fpm慢执行日志的好处。我们用刚才的www.conf做实验,首先打开配置文件
/usr/local/php-fpm/etc/php-fpm.d/www.conf
And then add two more lines of configuration to the back.
Request_slowlog_timeout = 1 (more than 1 seconds will be written to the log, but we generally write for two seconds)
Slowlog =/usr/local/php-fpm/var/log/www-slow.log (log directory)
Then we check to see if the log is generated
Ls/usr/local/php-fpm/var/log
Php-fpm.log Www-slow.log
Log has been generated
Then we do an experiment, write a script to simulate slow execution
vim/data/wwwroot/test.com/sleep.php
Then write the content
<?php Echo
"Test slow Log";
Sleep (2);
echo "Done";
?>
Save exit
And then we run curl-x127.0.0.1:80 test.com/sleep.php
But when we found out that he didn't do it, we had to get a wrong line. Review the error log.
The log shows a syntax error, so we re-edit the script.
After re-editing, we run the script again to view the slow execution log
Cat/usr/local/php-fpm/var/log/www-slow.log
The log then generates the following content
[Email protected] php-fpm.d]# Cat/usr/local/php-fpm/var/log/www-slow.log
[01-may-2018 22:09:11] [Pool www] pid 7471
Script_filename =/data/wwwroot/test.com/sleep.php (This paragraph tells you which script is slow)
[0x00007f95ef40a2f8] Sleep ()/data/wwwroot/test.com/sleep.php:3 (this paragraph tells you that the third line of the script leads to slow access)
And the third paragraph is exactly what we deliberately make it slow to configure.
So that's the power of slow execution logs. Not only can he tell you which script is out of the question, but it can also tell you where the problem is in particular.
Open_basedir
Available symbols "." To represent the current directory. Note that the limit specified with Open_basedir is actually a prefix, not a directory name.
For example: if "Open_basedir =/dir/user", then the directory "/dir/user" and "/dir/user1″ are
accessible." So if you want to restrict access to only the specified directory, end the path name with a slash. For example, set to:
"Open_basedir =/dir/user/"
We can set the Open_basedir for a pool that does not pass through. Just add a line of configuration to the configuration file.
We configure Open_basedi for www.conf
first into the/USR/LOCAL/PHP-FPM/ETC/PHP-FPM.D directory, edit www.conf
[www]
Listen =/tmp/ Php-fcgi.sock
#listen = 127.0.0.1:9000
Listen.mode = 666
user = php-fpm
Group = php-fpm
pm = dynamic
Pm.max_children =
Pm.start_servers =
Pm.min_spare_servers = 5
Pm.max_spare_servers =
Pm.max_ Requests =
Rlimit_files = 1024x768
Request_slowlog_timeout = 1
Slowlog =/usr/local/php-fpm/var/log/ Www-slow.log
php_admin_value[open_basedir]=/data/wwwroot/test.com:/tmp/(requires additional configuration)
(1) The test configuration file is correct:
/usr/local/nginx/sbin/nginx-t
(2) Load the configuration file:
/usr/local/nginx/sbin/nginx-s Reload
(/ETC/INIT.D/PHP-FPM Reload)
And then I do the experiment.
Curl-x127.0.0.1:80 Test.com/3.php-i
http/1.1 OK
server:nginx/1.12.1
date:wed, 2018 13:33:32 GMT
content-type:text/html; Charset=utf-8
Connection:keep-alive
x-powered-by:php/5.6.30
If the Open_basedir configuration is wrong, you will not be able to access the site. We configure www.conf again, this time will open_basedir intentional configuration error.
And then we do the experiment.
Curl-x127.0.0.1:80 Test.com/3.php-i
http/1.1 404 Not Found
server:nginx/1.12.1
date:wed, 2018 13:56:57 GMT
content-type:text/html; Charset=utf-8
Connection:keep-alive
x-powered-by:php/5.6.30
It's not connected this time.
So we have to the site must be and the following new configuration Open_basedir consistent. If a multi-defined path is not correct, then he cannot access it.
You want to query the site for which it corresponds. Go to the/usr/local/nginx/conf/vhost/directory to find it.
We can also view the error log.
First we will configure the error log.
Vim/usr/local/php-fpm/etc/php.ini
Search/display_errors
Display_errors = Off
Then change the display_errors back to off, and if not changed, the error log will be displayed on the Web page.
Change Log_errors to On
Log_errors = On
We want to record the error log in a file on the server.
Error_log = Specifies the error log file path
; Example:
; error_log = Php_errors.log
; Log errors to Syslog (Event Log on Windows).
; error_log = syslog
/usr/local/php-fpm/var/log/php_errors.log (newly added configuration)
Error_reporting defining log Levels
#error_reporting = E_all & ~e_deprecated & ~e_strict
error_reporting = E_all
Comment out the above line and add the following line.
The log is then manually generated and the permissions are changed to 777
Touch/usr/local/php-fpm/var/log/php_errors.log
chmod 777/usr/local/php-fpm/var/log/php_errors.log
Then load the PHP-FPM from the new
/ETC/INIT.D/PHP-FPM Reload
Start experimenting.
Curl-x127.0.0.1:80 Test.com/3.php-i
http/1.1 404 Not Found
server:nginx/1.12.1
date:wed, 2018 14:42:05 GMT
content-type:text/html; Charset=utf-8
Connection:keep-alive
x-powered-by:php/5.6.30
Then view the error log
[Email protected] php-fpm.d]# Cat/usr/local/php-fpm/var/log/php_errors.log
[02-may-2018 14:41:13 UTC] PHP deprecated:comments starting with ' # ' is Deprecated in Unknown on line 1 in Unknown on line 0
[02-may-2018 14:41:50 UTC] PHP Warning:Unknown:open_basedir restriction in effect. File (/data/wwwroot/test.com/3.php) is not within the allowed path (s): (/data/wwwroot/aming.com:/tmp/) in Unknown on line 0
[02-may-2018 14:41:50 UTC] PHP Warning:Unknown:failed to open stream:operation not permitted in Unknown on line 0
[02-may-2018 14:42:05 UTC] PHP Warning:Unknown:open_basedir restriction in effect. File (/data/wwwroot/test.com/3.php) is not within the allowed path (s): (/data/wwwroot/aming.com:/tmp/) in Unknown on line 0
[02-may-2018 14:42:05 UTC] PHP Warning:Unknown:failed to open stream:operation not permitted in Unknown on line 0
We can find through the log that the file we are accessing is test.com/3.php, and the open Dasedir we define is aming.com:/tmp/, so it must be inaccessible. It is only possible to change it back in order to continue accessing.
PHP-FPM Process Management
PM = dynamic/Active process management, also can be static
Pm.max_children = 50//maximum number of sub-processes, PS aux can be viewed
Pm.start_servers = 20//Number of processes that will start when the service is started
Pm.min_spare_servers = 5//Defines the minimum number of child processes in the idle period, and if this value is reached, the PHP-FPM service automatically derives the new child process.
Pm.max_spare_servers = 35//Defines the maximum number of child processes in the idle period, or, if higher than this value, to start cleaning up idle child processes.
Pm.max_requests = 500//defines the maximum number of requests processed by a child process, that is, in a PHP-FPM child process can handle so many requests, when this value is reached, it automatically exits
PHP-FPM pool, php-fpm slow execution log, Open_basedir, PHP-FPM process Management