PHP-FPM - errors

Dibs · June 23, 2020, 2:50pm

I have a freshly built VPS:

Ubuntu 18.04
Virtualmin 6.09.gpl
PHP versions 7.0.33, 7.2.31, 7.4.7
Apache 2.4.29

I thought I’d configured PHP-FPM (with Apache) and got it working but obviously not.

When I go into Virtualmin (selecting a Virtual Server) >> Server Configuration >> Website Options - FPM (run as virtual server owner) is selected.

Hitting Save - returns no errors.

I have RoundCube installed in the public_html of the Virtual Server - it does work and I do not believe it is the cause of the issue\s.

going to myDomain.com\roundcube give me a 503 error. Checking in /home/virtualServer/logs/error_log i see these 2 lines:

[Tue Jun 23 15:08:13.461432 2020] [proxy:error] [pid 12919:tid 139891748878080] (111)Connection refused: AH00957: FCGI: attempt to connect to 127.0.0.1:8000 (*) failed
[Tue Jun 23 15:08:13.461493 2020] [proxy_fcgi:error] [pid 12919:tid 139891748878080] [client 11.22.33.44:61604] AH01079: failed to make connection to backend: localhost

In Website Options - the Virtual Server is set to use PHP7.0 and in /etc/php.7.0.fpm/pool.d the is a file 15915691444676.conf with the following

[15915691444676]
user = user1
group = user1
listen = localhost:8000
pm = dynamic
pm.max_children = 9999
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 5
php_admin_value[upload_tmp_dir] = /home/user1/tmp
php_admin_value[session.save_path] = /home/user1/tmp

The relevant Apache sites-enabled file has

SetHandler proxy:fcgi://localhost:8000

in both the non-SSL section and SSL section.

A netstat -plunt | egrep “(php|apache|:90)” results in

tcp6 0 0 ::1:8000 :::* LISTEN 10065/php-fpm: mast
tcp6 0 0 ::1:8002 :::* LISTEN 10065/php-fpm: mast
tcp6 0 0 :::80 :::* LISTEN 26085/apache2
tcp6 0 0 :::443 :::* LISTEN 26085/apache2

The tcp6 in the 1st column has me wondering but maybe it’s supposed to be like that.

If I set it back to FCGId in Server Configuration >> Website Options - everything seems to work.

I’m wondering if I’ve missed something or messed something up.

Anyone any suggestions\pointers? Greatly appreciated.

Thanks in advance

Dibs

Dibs · June 23, 2020, 5:04pm

The weird thing is - php_info shows the following,

phpInfo

In /etc/php.7.0.fpm/pool.d there is no [domainID].conf file. And there’s no entry in the sites-available conf file for the domain for anything remotely php-fpm related.

Any thoughts\advice - I suspect something has gone wrong along the path of tinkering.

Thanks

Dibs

ramin · June 24, 2020, 2:34am

Your Apache files may have started out ok. Are you restarting php-fpm for all three installations? I’m a dullard with Ubuntu but if it’s anything like CentOS, different php-fpm installations need to be restarted separately.

I was having a problem related to the same handler (but different syntax)…

I couldn’t get phpinfo() for two sites/two PHPs/two pools to match up with info in Virtualmin until I remembered to restart the second PHP installation.

noisemarine · June 24, 2020, 4:18am

You might also need to edit /etc/php/7.0/fpm/pool.d/www.conf

;listen = /run/php/php7.0-fpm.sock
listen = localhost:8000

As above, don’t forget to restart the FPM service.

Dibs · June 24, 2020, 1:58pm

@ramin, @noisemarine - thanks for your replies.

I did try setting the listen = localhost:8000, even tried listen = 127.0.0.1:8000 - didn’t resolve the issue.

I think somewhere along the way in changing apache from mpm-prefork to mpm-event, things went off\weird.

I started up a new VPS - same o\s etc. and as soon as it was built, after the std Virtualmin build, I changed Apache to mpm-event and then the default template to PHP-FPM, placed a test (“hello world”) html index file in the doc root and it displayed.

Added a php_info file and that displayed too.

So far - it looks to be behaving. Just need to enable\configure F2B (and it’s jails) - hopefully just a cut & paste from the mis-behaving VPS (F2B seemed fine) and DKIM.

I’m writing it all down in a “build” document - hoping to end up with something to follow for when I need to do a build again. LOL

Thanks

Dibs

Dibs · June 24, 2020, 8:45pm

All I can think of is that at some point making the change from mpm-prefork to mpm-event for Apache, I’ve messed it up.

I’ve since built a new VPS and changed from mpm-prefork to mpm-event right at the beginning, then switched to PHP-FPM (in Virtualmin) for all Virtual Servers (the default setting) going forward.

Then created Virtual Servers 1 at a time, HTTP 1st, tested it and then enabled HTTPS, tested it, created the LE SSL Cert, tested, and then uploaded the content.

No real issues apart from the DKIM socket thing - which I knew about from last time.

Thanks

Dibs

Dibs · June 25, 2020, 6:49pm

Some more bizarre behaviour today on the new VPS.

Everything worked fine yesterday evening - had 2 Virtual Servers, a test html file displayed “Hello World” and a test php file displayed php_info.

Come today - creating a new Virtual Server, the test html file displayed but the test php file gave a 503 error. The log showed more of the

[proxy:error] [pid 14255:tid 140690669303552] (111)Connection refused: AH00957: FCGI: attempt to connect to 127.0.0.1:8004 (*) failed

Looking through the forums - there were a few similar posts. Some mentioned making the ports the same in the apache hosts file and the pool.d conf file\s.

In my case the ports already matched.

Altering the pool.d conf file to say

listen: 8004

instead of

listen = localhost:8000

and changing the Apache hosts file

#SetHandler proxy:fcgi://localhost:8000
SetHandler proxy:fcgi://127.0.0.1:8000

got things working.

Then I stumbled across a post by @adamjedgar where he ran a netstat command and got

tcp6 0 0 ::1:8004 :::* LISTEN 29396/php-fpm: mast

Mine returned the same.

And that made me wonder - why was it listening on IP6. So I tried a ping localhost - no response. As far as I was concerned IP6 was disabled in the config for Virtualmin.

The Hosts files etc looked fine. So running a ip a command showed IP6 was actually active.

Changing the pool.d conf file & the Apache hosts file back - resulted in the 503 error again.

At this point - I disabled IP6 in Ubuntu:

$ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
$ sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1

The above won’t persist across a reboot.

Then a pinging localhost responded as expected. Then going to test php_info page succeeded.

So a note to anyone reading this in the future - if your log says

failed to make connection to backend: localhost

you may find that fpm is listening on IP6, your Virtualmin\Virtual Server may not be using IP6 (could be disabled), but your O\S has it enabled. Either enable it fully (O\S, Virtualmin & Virtual Server) or disable it completely - half disabled will cause more issues.

Hope it helps someone.

Dibs

ramin · June 26, 2020, 3:02pm

If a service gets just a whiff of IPv6 it takes precedence. Nice job shooting that trouble!

system · June 30, 2020, 3:14pm

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.