I have installed nginx, php and php-fpm on server and my website is working fine. I am trying to containerise only php files. It should be in a way that nginx should stop communicating with my host php and nginx should connect to php-fpm container and my website should work fine. I need to communicate them via TCP.
I am using php:7.1-fpm as base image and copying all php files in Dockerfile.
my questions is
what will be the "listen" value in php-fpm pool configuration for the container?
If both are in the same server, the listen value will be 127.0.0.1:9000. but it’s not the case here.
I know that the "listen" value in php-fpm pool configuration and "fastcgi_pass" in the nginx configuration should be the same.
Here the nginx is in the host and php-fpm is a container. I tried to use X.X.X.X:9000 (X.X.X.X is the ip of host) but i am getting errors like
ERROR: failed to post process the configuration
ERROR: FPM initialization failed
can anyone help me
I have installed apache on centos 7 and setup nginx as a reverse proxy for apache. Apache listens into 8080 and nginx into 80. I have two virtual hosts and also two server blocks.
Everything is OK and I can see my two server addresses: www1.mysite.com and www2.mysite.com
Now I install php-fpm to run php script. Near to one of my tested index.html files in my websites' root directory, I create an info.php file to see something printed by php. But I encounter a 503 error (unavailable service). What is wrong with my simple configuration do you think?
Any idea or similar experience would help me. Thank you in advance
My problem was almost funny. I had named my sock file php-fpm.sock but it was another name in the php-fpm config file.
I made them equal and the problem was resolved. Hope nobody encounter this rediculous mistake.
I installed PHP 7 on Red Hat Linux server, but apparently due to running a few commands on the server to configure PHP I have the lost the php-fpm.sock file.
Could anyone please assist me with contents of the file?
Yes that file should be auto generated, do not create the file manually! Ensure that the service is running service php-fpm start If it still fails, check the permissions. Check here for help: /etc/php-fpm.d/www.conf This is your main php-fpm config file. Make sure user, group, listen.owner, listen.group are set to your either nginx or apache user, depending on what web server you use. Also note that listen point to the actual socket file.
i´m moving my wordpress farm (10 installs) to docker architecture,
I want had one nginx container and run 10 php-fpm containers (mysql is on external server)
the php containers are named php_domainname, and also contain persistent storage
i want know how do this:
a)How pass domainname and containername to vhost conf file¿
b)when i start a php-fpm container
1) add a vhost.conf file into nginx confs folder
2) add volume (persistent storage) to nginx instance
3) restart nginx instance
All nginx-php dockers that i founded, has both process per instance, but i think that had 10+1 nginx is overloading the machine, and break the docker advantages
Thanks
No need to reinvent the wheel, this one has already been solved by docker-proxy which is also available on docker hub.
You can also use consul or like with service-autodiscovery. This means:
you add a consul server to your stack
you register all FPM servers as nodes
you register every FPM-daemon as a service "fpm" in consul
For your nginx vhost conf, lets say located /etc/nginx/conf.d/mywpfarm.conf you use consul-template https://github.com/hashicorp/consul-template to generate the config in a go-template were you use
upstream fpm {
{{range service "fpm"}}
server {{.Name}} {{.Address}}:{{.Port}};
{{end}}
}
In your location when you forward .php based request to the FPM upstream, you now use the upstream above. This way nginx will load-balance through all available servers. If you shutdown one FPM host, the config changes automatically and the FPM upstream gets adjusted ( thats what consul-template is for, it watches for changes ) - so you can add new FPM services at any time and scale horizontally very easy
I get a 502 Bad Gateway with nginx when using spawn fcgi to spawn php5-cgi.
I use this to span an instance on server start using the following line in rc.local
/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid
presumably I'm getting the error because the spawn-fcgi / php5-cgi dies and there is nothing listening there anymore to parse php.
I get nothing in the logs that I can see anywhere, I'm out of ideas (and new to this setup with nginx)
I executed my localhost and the page displayed the 502 bad gateway message. This helped me:
Edit /etc/php5/fpm/pool.d/www.conf
Change listen = /var/run/php5-fpm.sock to listen = 127.0.0.1:9000
Ensure the location is set properly in nginx.conf.
Run sudo service php5-fpm restart
Maybe it will help you.
Source from: http://wildlyinaccurate.com/solving-502-bad-gateway-with-nginx-php-fpm
The 502 error appears because nginx cannot hand off to php5-cgi. You can try reconfiguring php5-cgi to use unix sockets as opposed to tcp .. then adjust the server config to point to the socket instead of the tcp ...
ps auxww | grep php5-cgi #-- is the process running?
netstat -an | grep 9000 # is the port open?
Go to /etc/php5/fpm/pool.d/www.conf and if you are using sockets or this line is uncommented
listen = /var/run/php5-fpm.sock
Set couple of other values too:-
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
Don't forget to restart php-fpm and nginx. Make sure you are using the same nginx owner and group name.
You have to match the settings for PHP-FPM and Nginx to communicate over sockets or TCP.
So go to /etc/php5/fpm/pool.d/www.conf and look for this line:
listen = /var/run/php5-fpm.sock
Then go to /etc/nginx/nginx.conf
Look for this:
upstream php {
server unix:/var/run/php5-fpm.socket;
}
Match those values and you should be all set.
If running a linux server, make sure that your IPTABLES configuration is correct.
Execute sudo iptables -L -n , you will recieve a listing of your open ports. If there is not an Iptables Rule to open the port serving the fcgi script you will receive a 502 error. The Iptables Rule which opens the correct port must be listed before any rule which categorically rejects all packets (i.e. a rule of the form "REJECT ALL -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable or similar)
On my configuration, to properly open the port, I had to execute this command (assume my fcgi server is running at port 4567):
sudo iptables -I INPUT 1 -p tcp --dport 4567 -j ACCEPT
WARNING: This will open port 4567 to the whole world.
So it might be better to do something like this:
sudo iptables-save >> backup.iptables
sudo iptables -D INPUT 1 #Delete the previously entered rule
sudo iptables -I INPUT 1 -p tcp --dport 8080 -s localhost -j ACCEPT # Add new rule
Doing this removed the 502 error for me.
change
fastcgi_pass unix:/var/run/php-fpm.sock;
to
fastcgi_pass unix:/var/run/php5-fpm.sock;
When I did sudo /etc/init.d/php-fpm start I got the following error:
Starting php-fpm: [28-Mar-2013 16:18:16] ERROR: [pool www] cannot get uid for user 'apache'
I guess /etc/php-fpm.d/www.conf needs to know the user that the webserver is running as and assumes it's apache when, for nginx, it's actually nginx, and needs to be changed.
You can make nginx ignore client aborts using:
location / {
proxy_ignore_client_abort on;
}
I had the same problem while setting up an Ubuntu server. Turns out I was having the problem due to incorrect permissions on socket file.
If you are having the problem due to a permission problem, you can uncomment the following lines from: /etc/php5/fpm/pool.d/www.conf
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
Alternatively, although I wouldn't recommend, you can give read and write permissions to all groups by using the following command.
sudo chmod go+rw /var/run/php5-fpm.sock
Try disabling the xcache or apc modules. Seems to cause a problem with some versions are saving objects to a session variable.
Hope this tip will save someone else's life. In my case the problem was that I ran out of memory, but only slightly, was hard to think about it. Wasted 3hrs on that. I recommend running:
sudo htop
or
sudo free -m
...along with running problematic requests on the server to see if your memory doesn't run out. And if it does like in my case, you need to create a swap file (unless you already have one).
I have followed this tutorial to create swap file on Ubuntu Server 14.04 and it worked just fine:
http://www.cyberciti.biz/faq/ubuntu-linux-create-add-swap-file/
If you're on Ubuntu, and all of the above has failed you, AppArmor is most likely to blame.
Here is a good guide how to fix it: https://www.digitalocean.com/community/tutorials/how-to-create-an-apparmor-profile-for-nginx-on-ubuntu-14-04
Long story short:
vi /etc/apparmor.d/nginx
Or
sudo aa-complain nginx
sudo service nginx restart
See everything working nicely... then
sudo aa-logprof
I still had problems with Nginx not being able to read error.log, even though it had all the permissions possible, including in Apparomor. I'm guessing it's got something to do with the order of the entries, or some interaction with Passenger or PHP-Fpm... I've run out of time to troubleshoot this and have gone back to Apache for now. (Apache performs much better too FYI.)
AppArmor just lets Nginx do whatever it wants if you just remove the profile:
rm /etc/apparmor.d/nginx
service apparmor reload
Shockingly, but hardly surprising, a lot of posts on fixing Nginx errors resorts to completely disabling SELinux or removing AppArmor. That's a bad idea because you lose protection from a whole lot of software. Just removing the Nginx profile is a better way to troubleshoot your config files. Once you know that the problem isn't in your Nginx config files, you can take the time to create a proper AppArmor profile.
Without an AppArmor profile, especially if you run something like Passenger too, I give your server about a month to get backdoored.
For me the error was in default file of Nginx
located at /etc/nginx/sites-available/default
I noticed the version of php-fpm used was 7.0 and the php version i downloaded was 7.2
I simply changed the version to 7.2 and it worked.
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
Similar setup here and looks like it was just a bug in my code. At the start of my app I looked for the offending URL and this worked: echo '<html>test</html>'; exit();
In my case, turns out the problem was an uninitialized variable that only failed under peculiar circumstances.