Php-fpm configuration: encountered and error

rdn

Well-known member
Now I got this error on my php-fpm log:
Code:
[28-Jul-2014 22:47:24] WARNING: [pool www] server reached max_children setting (50), consider raising it
[01-Aug-2014 16:58:22] WARNING: [pool www] child 14226 exited on signal 6 (SIGABRT) after 12834.345554 seconds from start
[01-Aug-2014 16:58:22] NOTICE: [pool www] child 26860 started

My current php-fpm.conf: https://gist.githubusercontent.com/...0ebc75f8d67cdee5597fe1f62456bb9/gistfile1.txt

Server Specs:
CPU Model: Intel(R) Xeon(R) CPU E3-1245 V2 @ 3.40GHZ
CPU Speed: 8x 3392 MHz
32GB RAM
SSD Drive

All server software installed on this single dedicated server:
Nginx 1.7.3, Php 5.5.15, Mariadb 10.0.12, Memcached 1.4.20, Elasticsearch 1.3.1
upload_2014-8-1_17-42-24.webp

Please advice.
 
Which error are you referring to @RoldanLT ? There are 2 different ones meaning different things.

Code:
[01-Aug-2014 16:58:22] WARNING: [pool www] child 14226 exited on signal 6 (SIGABRT) after 12834.345554 seconds from start
[01-Aug-2014 16:58:22] NOTICE: [pool www] child 26860 started

That is happening when the child process has served 10,000 requests per this line in your config

Code:
pm.max_requests = 10000

pm.max_requests int
The number of requests each child process should execute before respawning. This can be useful to work around memory leaks in 3rd party libraries. For endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. Default value: 0.
 
  • Like
Reactions: rdn
I mean those two error @MattW
And what is your advisable pm.max_requests value to be use?
Thanks!
It's fine leaving it at 10,000. It just means it will kill the existing child, and spawn a new one once it's served 10,000 requests. Mine is set to 5,000, but my site is no where near as busy as yours. It's set to prevent memory leaks as per the notes from the PHP documentation.
 
What is your advisable pm.max_requests value to be use?
Certainly NOT 10,000 or 5,000 requests, like @MattW has. PHP-FPM lifespan was designed to be very short. On very busy sites I have it set to 100 (one hundred), which is already a pretty large number.

There are other settings that are not proper in your configuration. First, why do you use the nginx user instead of a dedicated php-fpm user? Having a common user might create issues when you set your hard and soft files, for example. Not to mention the actual file permissions. You open a nice backdoor at restricted directories and files owned specifically by nginx where a browser user should NEVER gain access (.htpasswd, etc.).

Your ondemand settings are wrong, the only accepted values are:
- pm.max_children
- pm.process_idle_timeout

From my experience, the ondemand PM type is not as efficient, compared to dynamic one. Presuming you will switch back to dynamic, allocating 20 start_servers is extreme for a site like yours. Did you looked at your ps or top to see what is the actual usage? Switch back to dynamic and use this formula for start_servers:
start_servers = (min_spare_servers + (max_spare_servers - min_spare_servers) / 2)

Did you defined your system limits for user nginx (which should actually be php-fpm)? If you did not, setting rlimit_files and core settings are useless. You also did not set important php_admin_value settings, I hope you did NOT edited php.ini. By default the config structure you have is wrong, you should have 2 separate files:
- global config file, with common settings
- node specific config files stored into /etc/php-fpm.d with settings designed for each node/site

Nginx uses the same approach, which is the proper way to design your configurations.
You should look at AXIVO nginx and php-fpm rpms, they are tailored specifically for Intel processors.
 
Last edited:
  • Like
Reactions: rdn
Certainly NOT 10,000 or 5,000 requests, like @MattW has. PHP-FPM lifespan was designed to be very short. On very busy sites I have it set to 100 (one hundred), which is already a pretty large number.
I adjusted my settings based on some googl'ing I did when I first started getting the messages in the log file same as @RoldanLT . If they are designed to be short lived, why is the default 0?
Code:
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 5000
There are other settings that are not proper in your configuration. First, why do you use the nginx user instead of a dedicated php-fpm user? Having a common user might create issues when you set your hard and soft files, for example. Not to mention the actual file permissions. You open a nice backdoor at restricted directories and files owned specifically by nginx where a browser user should NEVER gain access (.htpasswd, etc.).
That is how @eva2000 sets it up, don't forget, we both use Centminmod for our servers.
 
  • Like
Reactions: rdn
@MattW, you should not rely on what Google says because many people simply copy endlessly other bad tutorials, without even reading what PHP_FCGI_MAX_REQUESTS are designed to do. PHP_FCGI_MAX_REQUESTS determines the number of times a given php-fastcgi process will process PHP requests, before terminating and being replaced by another php-fastcgi process.

A PHP process memory usage increases over time. By setting PHP_FCGI_MAX_REQUESTS to a low value, first you lower the memory usage of php-fastcgi and second, you avoid any possible memory leaks. Think of them as real humans, working shift hours. Would you like to have someone working every day 23 hours overtime and sleep only 1 hour, or let them work 4 hours and do whatever they like for the rest of 20? To make it easier to understand, see a request like an average page load... would you rather have a SINGLE process load 5,000 pages then respawn or do the same operation every 100 pages?

As I said before, PHP developers had designed PHP-FPM process lifespan to be very short. Why add a ton of start_servers and other related options when you use one process for a huge amount of time? Is illogical... :)
 
Last edited:
Thanks @Floren , so, I've been and revised my settings.

Code:
pm = dynamic
pm.max_children = 50
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 25
pm.max_requests = 100

I'm going to spin up a VPS to play with, and do a full setup with your RPM's for everything. I might then have a go with my dedicated server ;)
 
  • Like
Reactions: rdn
This is what I personally use now on axivo.com:
Code:
# cat /etc/security/limits.d/60-php-fpm.conf
php-fpm soft nofile 16384
php-fpm hard nofile 32768
# cat /etc/php-fpm.d/www.conf
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;

; Multiple pools of child processes may be started with different listening
; ports and different management options.  The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)

; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www]
...
user = php-fpm
group = php-fpm
...
pm = dynamic
; pm.max_children = number pf procs x 4
; $ getconf _NPROCESSORS_ONLN
pm.max_children = 16
pm.start_servers = 6
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 100
...
rlimit_files = 16384
...
php_admin_value[error_log] = /var/log/php-fpm/$pool.log
php_admin_value[date.timezone] = America/Montreal
php_admin_value[memory_limit] = 256M
php_admin_value[post_max_size] = 1M
php_admin_value[upload_max_filesize] = 1M
Any other settings are commented or let alone to their default values.
I've been debating if I should add be default the /etc/security/limits.d/60-php-fpm.conf file into AXIVO rpm... like I did for Elasticsearch. For Elasticsearch is truly imperative... still this is a very important setting. I will add them when a new version of software is released for MariaDB, Nginx and PHP. I will do PHP today, since they released version 5.5.15 a while ago, too busy on personal life. :)
 
Last edited:
@MattW, 32Gb of RAM. :) Perfect to create all your temp dirs used by Elasticsearch, MariaDB, Nginx, PHP etc. directly into RAM disks. Not that the SSD might be a bottleneck but still, I always preferred the RAM. Is volatile and avoids further SSD lifespan erosion.

Edit: My online server specs are lower than yours. :)
 
Last edited:
@Floren - when using your RPMs then, what users would you recommend setting the files to be?

Since using nginx, I've always ran PHP-FPM as the nginx user as well.

With your out of the box setup:

Code:
root      3956     1  0 16:01 ?        00:00:00 /usr/sbin/anacron -s
root      3974     1  0 16:04 ?        00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx     3975  3974  0 16:04 ?        00:00:00 nginx: worker process                  
nginx     3977  3974  0 16:04 ?        00:00:00 nginx: worker process                  
root      3986     2  0 16:07 ?        00:00:00 [kworker/u4:2]
root      4020     1  0 16:13 ?        00:00:00 php-fpm: master process (/etc/php/php-fpm.conf)
php-fpm   4021  4020  1 16:13 ?        00:00:03 php-fpm: pool www                        
php-fpm   4022  4020  0 16:13 ?        00:00:00 php-fpm: pool www                        
php-fpm   4023  4020  0 16:13 ?        00:00:00 php-fpm: pool www                        
php-fpm   4024  4020  0 16:13 ?        00:00:00 php-fpm: pool www                        
root      4047  1997  0 16:18 pts/0    00:00:00 ps -ef
 
I don't understand the question, can you please detail more?
Sorry, so for example, I'm just setting up a single site. I've copied over the files from my current dedicated server, where the owner is nginx for the files, nginx runs as nginx, and php-fpm also runs as nginx.

Would it be better to have php-fpm run as a new user (for example mattwserv), and chown all the files as that new user? Your default config runs php-fpm as the php-fpm user
 
Sorry, so for example, I'm just setting up a single site. I've copied over the files from my current dedicated server, where the owner is nginx for the files, nginx runs as nginx, and php-fpm also runs as nginx.

Would it be better to have php-fpm run as a new user (for example mattwserv), and chown all the files as that new user? Your default config runs php-fpm as the php-fpm user
yeah need to create a new user etc.

First, why do you use the nginx user instead of a dedicated php-fpm user? Having a common user might create issues when you set your hard and soft files, for example. Not to mention the actual file permissions. You open a nice backdoor at restricted directories and files owned specifically by nginx where a browser user should NEVER gain access (.htpasswd, etc.).

Your ondemand settings are wrong, the only accepted values are:
- pm.max_children
- pm.process_idle_timeout
fyi, remember Centmin Mod is partly based on automation and catering for all, so default config is ondemand might have settings that do not apply to ondemand situation, but will apply if you switch from ondemand to static or dynamic. The php-fpm as nginx user was left over from original Centmin script which I based mine off of.. It is going to be changed when jailed/chroot user options are added https://blog.centminmod.com/194

oh and nginx user has file descriptor limits at 262,144 in Centmin Mod
 
@MattW, when you refer to owning the files, you are referring to XenForo php files/dirs? They should be owned ALL by root 0644/0755, except:
Code:
# pwd
/var/www/axivo.com
# ls -lha | grep data
drwxr-xr-x.  6 php-fpm root 4.0K Apr 23 23:20 data
drwxr-xr-x.  7 php-fpm root 4.0K Jun 23 10:53 internal_data
# chown -R php-fpm data
# find data -type f -exec chmod 0644 {} ';'
# find data -type d -exec chmod 0755 {} ';'
# chown -R php-fpm internal_data
# find internal_data -type f -exec chmod 0644 {} ';'
# find internal_data -type d -exec chmod 0755 {} ';'
Then, in your config.php file add:
$config['chmodWritableValue'] = 0644;
Is not recommended to have a new user, use php-fpm as default user for sanity reasons.
AXIVO PHP rpm uses default base /var/www, not /var/www/html, as is more flexible. You can create a ton of separated directories into /var/www, like I did.
 
It is going to be changed when jailed/chroot user options are added https://blog.centminmod.com/194
I will never go this route, is a bit extreme. You are embarking on a HUGE work load. :)
If your system is well configured, you will not have any issues. For example, AXIVO PHP rpm is designed to recursively execute code present ONLY on /var/www directory, anywhere else it will not.
 
Last edited:
Top Bottom