Nginx+ php-Fpm Nginx+ php-Fpm Nginx+ Php-Fpm Nginx+ FPM Today, I will review a 502 error encountered at that time (another problem will have the opportunity to talk about), and the final solution, we do not look down on this 502 error, full understanding is very necessary, I hope that through this article we can learn some knowledge.
In my case, Nginx is connected to php-fpm (7.1) via the FastCGI protocol. Nginx and php-FPM are deployed on the same machine.
First of all, I would like to quote the introduction of 502 from encyclopedia:
The server was acting as a gateway or proxy and received an invalid response from the upstream server.
Nginx did not get a phP-FPM response.
I was in a hurry to deal with it and it took a long time. Here I ignore all kinds of investigation process and first paste the final correct configuration (related to this problem).
(1) nginx.conf:
error_log logs/error.log;
user www-data www-data;
Copy the code
Php-fpm. conf:
access.log = /var/log/fpm.log
Copy the code
Pool. d/www.conf (php-fpm pool configuration file) :
User = WWW -data group = WWW -data listen = /run/ PHP /php7.1-fpm.sock list. owner = WWW -data Listener.owner = WWW) listener.group = WWW -data (configuration when error occurs: listener.owner = WWW) listener.mode = 0660 access.log = /var/log/fpm-www.access.log
Copy the code
Nginx has a php-fpm pool file for each virtual host, so that different php-fPM worker processes are isolated from each other.
The following analysis process is introduced:
Nginx error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error: error
2018/09/18 18:34:32 [crit] 2831#0: *493 connect() to Unix :/run/ PHP /php7.1-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 18.179.21.152, server: www.simplehttps.com, request: "GET / 1. HTTP / 1.1 PHP", upstream: "fastcgi: / / Unix: / run/PHP/php7.1 - FPM. The sock:", host: "www.simplehttps.com"
Copy the code
Php-fpm: PHP-FPM: PHP-FPM: PHP-FPM
2: Check the error. Log of the main PHP process
I found that /var/log/fpm.log file did not have any output. I checked the official information, but there was very little explanation for the error_log command.
I guess it works in two ways:
- Errors from each pool are redirected to this file. (After testing, the pool error has nothing to do with this file)
- Some control errors in the php-fpm main process. (In this case, the main process does not know that Nginx encountered an error, so there is no error output.)
Finally, the error_log directive in php-fpm.conf does not seem to me to have any practical use.
(3) Positioning problems
Listen. Owner and listener. group directives are located because nginx has encountered a permission issue with phP-Fpm using a local socket.
The owner of the nginx process is WWW -data, and the owner of the listen. The owner of the Nginx process is WWW. After they are modified to be consistent, the problem is solved.
We can’t help but ask, what do the listener. owner and listener. group directives represent? Look at the official introduction:
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Man
y
Copy the code
They indicate that when the PHP-FPM worker process connects to the Web server using a Unix socket, the socket must have the same operation (read) permissions as the Web server.
The listener. owner directive is similar to the listener. owner directive. The listener. owner directive is similar to the listener. owner directive.
; Unix user/group of processes
Copy the code
Explanation is not very clear, in fact, that is the PHP – FPM process itself permissions (through ps aux | grep PHP – FPM can further confirm), if the PHP – FPM to deliver wrong data to nginx, The user and group directives must be configured the same as the nginx user directives (explained in a future article).
This also indirectly indicates that if the nginx user directive is configured differently from the PHP-Fpm worker listener. user directive, it does not affect the interaction between the two. Nginx and PHP-FPM need to be configured the same way if they want to read or operate on the same file.
In fact, the simplest solution is to connect nginx to PHP-Fpm via TCP (www.conf configure listen = 127.0.0.1:9000), so there is no problem with permission operation, but for the local machine, socket connection is more reliable than TCP connection speed.