IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,084
PHP-FPM 5.4 Processes keep building until it no longer works. Then I clear them and everything works again. What can cause that?
PHP-FPM Processes keep building
- Thread starter IT_Architect
- Start date
Maybe this
serverfault.com
stackoverflow.com
Constantly have to reload PHP-FPM
We have a fairly heavily loaded server running nginx and PHP-FPM. We have 6 websites on this server, running PHP-FPM and nginx. Software is all vBulletin 3.8 and WordPress. Databases are on a separ...
serverfault.com
PHP-FPM for WordPress gobbling up memory
I have a small, though not tiny, VPS: 1.5GHz, 1GB dedicated RAM, 1GB burstable RAM, some 40GB HDD. The stack is CentOS nginX mySQL(Percona) PHP-FPM. I have 3 low traffic websites (10-40 visitors ...
stackoverflow.com
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,084
I'm looking through things now.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,084
It would be fine for a while and then suddenly the processes would build to high levels and stop the site.
- I noticed that newer processes would come and go, while older ones would remain and build in number. That indicated to me that they were waiting for something and not using up their pm.max_requests.
- I did find two PHP scripts on the site before I stopped looking that used CRON and CURL to downloaded many small files from a site and it had no CURLOPT_TIMEOUT. I sent the parameter to fix the problem to the site owner who implemented it on those two.
- The problem hasn't surfaced since, but it had been an off-and-on problem before. The problem went away but there didn't seem to be any delay at the download site when downloading the files individually, so I cannot be confident that the change had anything to do with the problem going away.
- I suggested adding logging and putting a timeout on the PHP procedures that rely on information off site, but he did not opt to have me write that.
- What I did do is write a CRON that runs every minute and checks for the number of PHP-FPM processes, and clears them if they build past 100, and send him and I an email when it happens. I've also got him to entertain that this is more likely a site problem than a server problem. I don't currently have a way to determine which scripts are running on what appear to be the hung processes, but maybe I'll look into https://stackoverflow.com/questions...h-script-is-being-executed-in-php-fpm-process . It would be good to have some handy code that would allow me to see the scripts processes are executing at any point in time to track down issues like this as well as maybe how long it has been executing.
- I noticed that newer processes would come and go, while older ones would remain and build in number. That indicated to me that they were waiting for something and not using up their pm.max_requests.
- I did find two PHP scripts on the site before I stopped looking that used CRON and CURL to downloaded many small files from a site and it had no CURLOPT_TIMEOUT. I sent the parameter to fix the problem to the site owner who implemented it on those two.
- The problem hasn't surfaced since, but it had been an off-and-on problem before. The problem went away but there didn't seem to be any delay at the download site when downloading the files individually, so I cannot be confident that the change had anything to do with the problem going away.
- I suggested adding logging and putting a timeout on the PHP procedures that rely on information off site, but he did not opt to have me write that.
- What I did do is write a CRON that runs every minute and checks for the number of PHP-FPM processes, and clears them if they build past 100, and send him and I an email when it happens. I've also got him to entertain that this is more likely a site problem than a server problem. I don't currently have a way to determine which scripts are running on what appear to be the hung processes, but maybe I'll look into https://stackoverflow.com/questions...h-script-is-being-executed-in-php-fpm-process . It would be good to have some handy code that would allow me to see the scripts processes are executing at any point in time to track down issues like this as well as maybe how long it has been executing.
Last edited:
ikkeben
Verified User
php 5.4 hmm EOL and some more, so take care of bogus ....
Just saying.
Just saying.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,084
This is because the main commercial sites on this server cannot do higher at the moment. We highly encourage them to get to 7.x, but they prefer to spend their time on the business side code and not much on the technical side. That turns the timing of updates into a strategy. They pay very well to have us put up with them, and it is precisely that situation that limits their options.
I did not say anything because I was sure he knew it was eol. I do agree though.php 5.4 hmm EOL and some more, so take care of bogus ....
Just saying.
ikkeben
Verified User
Yup sometimes if you have a complete ecommerce solution with also backoffice connections and payment providers you are kind of stucked if it is total not standard software but customized.
Should however be possible to update and change to version 5.6 that is still get some backported security updates depending which RPM release as remy and more. ( 5.4 to 5.6 should be possible for programmers to handle. )
You're stucked whith such one on a server ok if the are the only one, then and the risks are wel writen down in contract, it is a income, but on the edge now while lot of extra checks for security and monitoring needed.
That's why i did write BOGUS... take care and good luck, you need that with to old versions to.
Lynis - Security auditing and hardening tool for Linux/Unix
Lynis is an open source security auditing tool. Part of Lynis Enterprise Suite, its main goal is to audit and harden Unix and Linux based systems.
Last edited:
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,084
They don't take payment with it. It is simply a large complex program that that is no longer supported by the vendor. A long time ago they had me bring it from 4.x to 5.x and again from 5.2 to 5.3. The significant code they have changed and added is to replace obsolete service references and integrate them. We buy high-end bare metal servers that are in IBM data centers, formerly SoftLayer when they spun off The Planet Prior to that we were COLO at SAVVIS. We started with VMware VMs in 2007 and since 2008 all of our servers have been VMs. This makes having people with out-of-date operating systems easy to handle. Just copy them to the new server. It's not the last old one we have. While they don't have the latest bugs and security vulnerabilities like current software, none have been hacked. None of them have any pecuniary liability issues. Our biggest problem with them is server VMs constrained by software are a pain in the butt because you have about 50 dependencies you need to consider every time you want to make a move, and you only have about one or two sites left on them. These particular sites do not work on any higher version at the moment, which by the way isn't 5.4 like I mentioned earlier, it is 5.3. I made them a VM from a backup to work with late last year. They worked on the code but never got it working right. They tried the shim method too which also didn't work. I offered to help them isolate the areas and tell them how to fix the areas, and how I could save them significant money each month if they did. They sometimes say they will have someone work with me to get it done, but it never happens. Working on and adding capabilities that generate revenue prevent it from happening. I have to admit they are pumped, and have done a fabulous job of doing that.
Arieh
Verified User
Just for your/everyones info, CloudLinux does patch older php versions https://www.cloudlinux.com/hardenedphp