Learn about Centmin Mod LEMP Stack today
Register Now

Beta Branch update php-fpm configuration in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Jan 29, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    update php-fpm configuration in 123.09beta01

    1. update default pm.max_children value from 20 to 30 in PHP-FPM config file /usr/local/etc/php-fpm.conf for fresh installs only. Existing installs not changed as it may override existing install's custom settings users may have made.
    2. update nginx.conf add /usr/local/nginx/conf/default_phpupstream.conf in 123.09beta01

    add /usr/local/nginx/conf/default_phpupstream.conf include file to /usr/local/nginx/conf/nginx.conf which contains the new default PHP-FPM upstream configuration named dft_php containing
    Code (Text):
    upstream dft_php {
      zone dftphp_zone 128k;
      server 127.0.0.1:9000;
      keepalive 2;
    }
    

    The global php include file at /usr/local/nginx/conf/php.conf in every generated nginx vhost is responsible for serving PHP to visitors. In the /usr/local/nginx/conf/php.conf include file the setting
    Code (Text):
    fastcgi_pass   127.0.0.1:9000;
    

    is responsible for telling Nginx which PHP-FPM server to communicate with - the default PHP-FPM server is located on 127.0.0.1 port 9000.

    with newly added /usr/local/nginx/conf/default_phpupstream.conf include file to /usr/local/nginx/conf/nginx.conf in place, you can edit /usr/local/nginx/conf/php.conf to change the referenced fastcgi_pass setting to talk to a upstream called dft_php
    Code (Text):
    fastcgi_pass dft_php;
    #fastcgi_pass   127.0.0.1:9000;
    

    with old setting commented out with a hash # in front of it. New 123.09beta01 installs only will default to this configuration in /usr/local/nginx/conf/php.conf with added /usr/local/nginx/conf/default_phpupstream.conf include file in /usr/local/nginx/conf/nginx.conf. Existing installs will have added /usr/local/nginx/conf/default_phpupstream.conf include file in /usr/local/nginx/conf/nginx.conf but /usr/local/nginx/conf/php.conf include is not changed as it may override existing install's custom settings.

    dft_php upstream references the server that nginx will communicate with which is same default PHP-FPM 127.0.0.1 on port 9000 while upstream has additional settings for keepalive. Switching to such a setup might have slight benefit for PHP-FPM latency response times and performance.

    Continue reading...

    123.09beta01 branch

     
  2. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    Maybe we can expand this update to:
    Code:
    upstream dft_php {
            server unix:/var/run/php/php-fpm.sock;
            server 127.0.0.1:9000 backup;
            zone dftphp_zone 128k;
            keepalive 2;
        }
     
  3. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    unix sockets are disabled by default for TCP port 9000 usage - you can only set one not both at same time so setting that to unix sockets default with TCP 9000 backup = 502 errors for php
     
  4. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    Any benchmark/articles to read about this Eva?
    Thanks!
     
  5. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Just my own private testing for past few years :)

    Of course you can do your own comparison testing of the new configuration versus previous one too ;) :D
     
  6. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
  7. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    indeed true.. my custom setups do have fastcgi_keep_conn set as does experimental wordpress fastcgi_cache routine for centmin.sh menu option 22 that i have been working on. Will add it to the defaults now too
     
  8. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
  9. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    yes fastcgi_pass/server upstream is 1 per php-fpm pool. So if you have multiple PHP-FPM pools, you can list each in upstream as a separate server directive entry. But you want to create your own upstream instead of using this default one which will override with 123.09beta01 updates right now
     
  10. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    I think I got it working fine.

    1st I created: /usr/local/nginx/conf/php_poolunix.conf
    Code (Text):
    [poolunix]
    user = nginx
    group = nginx
    
    ;listen = 127.0.0.1:9002
    listen.allowed_clients = 127.0.0.1
    ;listen.backlog = -1
    
    listen = /tmp/php-fpm-unix.sock
    listen.owner = nginx
    listen.group = nginx
    listen.mode = 0660
    
    pm = static
    pm.max_children = 32
    pm.start_servers = 8
    pm.min_spare_servers = 4
    pm.max_spare_servers = 16
    pm.max_requests = 5000
    
    ; PHP 5.3.9 setting
    ; The number of seconds after which an idle process will be killed.
    ; Note: Used only when pm is set to 'ondemand'
    ; Default Value: 10s
    pm.process_idle_timeout = 10s;
    
    rlimit_files = 65536
    rlimit_core = 0
    
    ; The timeout for serving a single request after which the worker process will
    ; be killed. This option should be used when the 'max_execution_time' ini option
    ; does not stop script execution for some reason. A value of '0' means 'off'.
    ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
    ; Default Value: 0
    request_terminate_timeout = 90s
    ; Default Value: 0
    ;request_slowlog_timeout = 0
    slowlog = /var/log/php-fpm/www-slow-poolunix.log
    
    pm.status_path = /phpstatus-poolunix
    ping.path = /phpping-poolunix
    ping.response = pong
    
    ; Limits the extensions of the main script FPM will allow to parse. This can
    ; prevent configuration mistakes on the web server side. You should only limit
    ; FPM to .php extensions to prevent malicious users to use other extensions to
    ; exectute php code.
    ; Note: set an empty value to allow all extensions.
    ; Default Value: .php
    security.limit_extensions = .php
    
    ; catch_workers_output = yes
    php_admin_value[error_log] = /var/log/php-fpm/www-php.error-poolunix.log
    ;php_admin_value[disable_functions] = shell_exec
    php_admin_value[memory_limit] = 2048M
    
    

    2nd edited: /usr/local/etc/php-fpm.conf

    3rd include this code inside [global]:
    Code (Text):
    include=/usr/local/nginx/conf/php_poolunix.conf
    


    4th modify the content of: /usr/local/nginx/conf/default_phpupstream.conf to
    Code (Text):
    upstream dft_php {
        #ip_hash;
        zone dftphp_zone 128k;
        server unix:/tmp/php-fpm-unix.sock;
        server 127.0.0.1:9000 backup;
        keepalive 5;
    }
    


    Please let me know what else I missed :|.
    Seems to work fine.
     
  11. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    no need to do that as you can use existing directory in php-fpm.conf uncomment
    Code (Text):
    ;include=/usr/local/nginx/conf/phpfpmd/*.conf
    

    to become
    Code (Text):
    include=/usr/local/nginx/conf/phpfpmd/*.conf
    

    then add custom php-fpm pool, php_poolunix.conf into directory /usr/local/nginx/conf/phpfpmd/php_poolunix.conf but this will enable the extra pools Centmin Mod 123.09beta01 has too in /usr/local/nginx/conf/phpfpmd

    so if you don't want that then yes do
    Code (Text):
    include=/usr/local/nginx/conf/php_poolunix.conf
    


    don't edit default /usr/local/nginx/conf/default_phpupstream.conf but create your own i.e. /usr/local/nginx/conf/default_phpunixupstream.conf and include into /usr/local/nginx/conf/nginx.conf

    also as per Beta Branch - Centmin Mod .08 beta03+ Multiple PHP-FPM pools support added upstream php-fpm needs to add to /usr/local/nginx/conf/php.conf or create copy of php.conf to include/replace in nginx vhost with
    Code (Text):
    fastcgi_next_upstream error timeout http_500 http_503;
    

    but setting this will on xenforo forum closures result in alternating 503 and 502 bad gateway errors for visitors as xenforo reports 503 when closed and all php-fpm pools would send 503 to nginx which nginx would see as php-fpm pools all being down

    Module ngx_http_fastcgi_module
     
  12. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    Is this the same or necessary even if I just use the TCP as backup server?
     
  13. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    If you don't set it, it has it's defaults for just error and timeout instances where it will move to next upstream i.e. backup.
     
  14. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    I hope someone can create an addon for this:
    Add-on - XF 2.1 Request - Change Inactive board status code 503 to 200
     
  15. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  16. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    Maybe 403 is fine.
     
  17. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Yeah that might work
     
  18. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    I encounter this now on devsite.
    True indeed.

    Edit: With 403 works fine for guest.
     
  19. rdan

    rdan Well-Known Member

    5,018
    1,221
    113
    May 25, 2014
    Ratings:
    +1,849
    Local Time:
    2:30 PM
    Mainline
    10.2
    Just an FYI for those who want to try, this isn't working great on Large/Active sites.

    Mine having 30+ average PHP-FPM request per seconds, and produce a lot of errors/lag :/.
     
  20. eva2000

    eva2000 Administrator Staff Member

    45,991
    10,448
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,210
    Local Time:
    4:30 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x