2014-12-04
发表者 Venus
分布式文件系统MFS、Ceph、GlusterFS、Lustre的比较已关闭评论
2014-12-03
发表者 Venus
nginx502和504错误分析已关闭评论
nginx502和504错误分析
本文整理于网络
在使用Nginx时,经常会碰到502 Bad Gateway和504 Gateway Time-out错误,下面以Nginx+PHP-FPM来分析下这两种常见错误的原因和解决方案。
1.502 Bad Gateway错误
在php.ini和php-fpm.conf中分别有这样两个配置项:max_execution_time和request_terminate_timeout。
这两项都是用来配置一个PHP脚本的最大执行时间的。当超过这个时间时,php-fpm不仅会终止脚本的执行,
还会终止执行脚本的worker进程。所以nginx会发现与自己通信的连接断掉了,就会返回给客户端502错误。
以php-fpm的request_terminate_timeout=30 秒时为例,报502 Bad Gateway错误的具体信息如下:
1)Nginx错误访问日志:
2013/09/19 01:09:00 [error] 27600#0: *78887 recv() failed (104: Connection reset by peer) while reading response header from upstream,
client: 192.168.1.101, server: test.com, request: “POST /index.php HTTP/1.1”, upstream: “fastcgi://unix:/dev/shm/php-fcgi.sock:”,
host: “test.com”, referrer: “http://test.com/index.php”
2)php-fpm报错日志:
WARNING: child 25708 exited on signal 15 (SIGTERM) after 21008.883410 seconds from start
所以只需将这两项的值调大一些就可以让PHP脚本不会因为执行时间长而被终止了。request_terminate_timeout可以覆盖max_execution_time,
所以如果不想改全局的php.ini,那只改php-fpm的配置就可以了。
此外要注意的是nginx的upstream模块中的 max_fail 和 fail_timeout 两项。有时Nginx与上游服务器(如Tomcat、FastCGI)的通信只是偶然断掉了,
但max_fail如果设置的比较小的话,那么在接下来的fail_timeout时间内,nginx都会认为上游服务器挂掉了,都会返回502错误。
所以可以将 max_fail 调大一些,将 fail_timeout 调小一些。
2.504 Gateway Time-out错误
php-fpm设置的脚本最大执行时间已经够长了,但执行耗时php脚本时,发现nginx报错从502变为504了。这是为什么呢?
因为我们修改的只是php的配置,nginx中也有关于与上游服务器通信超时时间的配置:
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
以nginx超时时间为90秒,php-fpm超时时间为300秒为例,报504 Gateway Timeout错误时的Nginx错误访问日志如下:
2013/09/19 00:55:51 [error] 27600#0: *78877 upstream timed out (110: Connection timed out) while reading response header from upstream,
client: 192.168.1.101, server: test.com, request: “POST /index.php HTTP/1.1”, upstream: “fastcgi://unix:/dev/shm/php-fcgi.sock:”,
host: “test.com”, referrer: “http://test.com/index.php”
调高这三项的值(主要是read和send两项,默认不配置的话Nginx会将超时时间设为60秒)之后,504错误也解决了。
而且这三项配置可以配置在http、server级别,也可以配置在location级别。担心影响其他应用的话,就配置在自己应用的location中。
注意:
以下部分是对FastCGI生效
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
以下部分是对proxy_pass生效
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
配置举例:
location ~ \.php$ {
root /home/test.com;
include fastcgi_params;
fastcgi_connect_timeout 180;
fastcgi_read_timeout 600;
fastcgi_send_timeout 600;
fastcgi_pass unix:/dev/shm/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /home/cdai/test.com$fastcgi_script_name;
}
2014-12-02
发表者 Venus
GlusterFS分布式文件系统-安装配置已关闭评论
GlusterFS分布式文件系统-安装配置
GlusterFS是一个开源的分布式文件系统,用户可以使用多台服务器,并通过以太网或者Infiniband RDMA互联从而组成一个GlusterFS的集群。
GlusterFS集群对外提供NFS,CIFS和Gluster Native(通过FUSE进行挂载)的接口以便用户访问GlusterFS的存储池。
GlusterFS使用了弹性哈希算法来定位文件存储的位置。 由于使用了弹性哈希算法,GlusterFS不需要专门的Meta-Data Server来保存元数据,因此可以避免因为元数据服务器宕机导致的整个集群不可用。
也正是因为不需要元数据服务器,所以GlusterFS在多个挂载点同时进行数据读写的时候,其整体性能很突出。
下载:
fuse-2.9.3.tar.gz #依赖于fuse
glusterfs-3.6.0.tar.gz #本文用的版本
准备2台机器,系统为centos6.5 64位。
IP地址 主机名
192.168.0.107 g1
192.168.0.136 g2
首先关闭iptables和selinux。
修改主机名,并添加hosts映射:
g1:
[root@localhost ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=g1
[root@localhost ~]# hostname
g1
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.107 g1
192.168.0.136 g2
g2:
[root@localhost ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=g2
[root@localhost ~]# hostname
g2
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.107 g1
192.168.0.136 g2
安装预编译环境:
[root@localhost ~]# yum install -y gcc gcc-c++ flex flex-devel bison bison-devel openssl openssl-devel libxml2 libxml2-devel
安装fuse:
[root@localhost ~]# cd fuse-2.9.3
[root@localhost fuse-2.9.3]# ./configure && make && make install
[root@localhost fuse-2.9.3]# cd
安装gluster:
[root@localhost ~]# cd glusterfs-3.6.0
[root@localhost glusterfs-3.6.0]# ./configure --prefix=/usr/local/glusterfs && make && make install
g1和g2均执行上面操作。
g1和g2启动gluster:
[root@localhost ~]# service glusterd start
添加集群:
[root@localhost ~]# ln -s /usr/local/glusterfs/sbin/gluster /usr/bin/gluster #做一个软链接方便执行命令
[root@localhost ~]# gluster peer probe g2 #在g1中将g2加入到gluster集群中,本机(g1)不需要加入。
peer probe: success. Probe on localhost not needed
查看集群信息:
[root@localhost ~]# gluster peer status
Number of Peers: 1
Hostname: g2
Uuid: c7aa664a-3161-4716-9f81-2dc4b4718fa1
State: Peer in Cluster (Connected) #已连接
剔除机器:
[root@localhost ~]# gluster peer detach g2
peer detach: success
创建卷:
[root@localhost ~]# gluster volume create test-volume replica 2 transport tcp g1:/data g2:/data force
volume create: test-volume: success: please start the volume to access data
test-volume 卷名 replica 副本数 transport 传输协议 g1:/data 服务器名及存储路径
启动卷:
[root@localhost ~]# gluster volume start test-volume
volume start: test-volume: success
查看卷:
[root@localhost ~]# gluster volume info
Volume Name: test-volume
Type: Replicate
Volume ID: 104d73c5-17f5-4150-a40d-b97cd78dd6bb
Status: Started
Number of Bricks: 1 x 2 = 2
Transport-type: tcp
Bricks:
Brick1: g1:/data
Brick2: g2:/data
客户端1挂载(同样安装fuse和glusterfs才能支持glusterfs文件系统):
[root@localhost ~]# mkdir /mnt/gfs
[root@localhost ~]# mount -t glusterfs g1:test-volume /mnt/gfs/
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 77G 3.7G 70G 6% /
tmpfs 499M 0 499M 0% /dev/shm
g1:test-volume 77G 3.8G 70G 6% /mnt/gfs
客户端2挂载:
[root@localhost ~]# mkdir /mnt/gfs
[root@localhost ~]# mount -t glusterfs g2:test-volume /mnt/gfs
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 77G 3.8G 70G 6% /
tmpfs 499M 0 499M 0% /dev/shm
g2:test-volume 77G 3.8G 70G 6% /mnt/gfs
可以看到g1和g2都支持挂载。
gluster支持的参数:
[root@localhost ~]# gluster help #查看参数
安装配置完成。
2014-11-25
发表者 Venus
goaccess分析nginx日志已关闭评论
goaccess分析nginx日志
安装:
[root@Rootop tar_gz]# wget -c http://tar.goaccess.io/goaccess-0.8.5.tar.gz
[root@Rootop tar_gz]# tar zxvf goaccess-0.8.5.tar.gz
[root@Rootop tar_gz]# cd goaccess-0.8.5
[root@Rootop goaccess-0.8.5]# ./configure
[root@Rootop goaccess-0.8.5]# make && make install
我这里web服务器为nginx。
可以直接输入goaccess -f +日志路径 进入控制台,操作不多说,百度一大片。
开始日志分析并导出为html文件:
[root@Rootop ~]# goaccess -f /home/wwwlogs/www.rootop.org.log --log-format='%h %^[%d:%^] "%r" %s %b "%R" "%u"' --date-format='%d/%b/%Y' -d -a > test.html
也可以通过指定配置文件方式来分析。就不需要在命令中体现日志格式:
首先下载配置文件:
[root@Rootop ~]# wget -O .goaccessrc https://raw.githubusercontent.com/allinurl/goaccess/master/config/goaccess.conf --no-check-certificate
编辑.goaccess文件,把16和27行的前面注释去掉。(NCSA Combined Log Format)
date-format %d/%b/%Y
log-format %h %^[%d:%^] “%r” %s %b “%R” “%u”
[root@Rootop ~]# goaccess -f /home/wwwlogs/www.rootop.org.log -d -a -p ~/.goaccessrc > test2.html
需要注意这里的日志格式,每个nginx日志格式配置可能不同,goaccess指定的日志格式也不一定一样,需要对照下面的参数和nginx日志格式来指定命令中日志的格式。否则日志
分析的时候会报错。需要对nginx的日志格式有一定了解。
goaccess时间和日志格式支持的参数:
date_format
The date_format variable followed by a space, specifies the log format date containing any combination of regular characters and special format specifiers. They all
begin with a percentage (%) sign. See http://linux.die.net/man/3/strftime
Note that there is no need to use time specifiers since they are not used by GoAccess. It’s recommended to use only date specifiers, i.e., %Y-%m-%d.
log_format
The log_format variable followed by a space or \t , specifies the log format string.
%d date field matching the date_format variable.
%h host (the client IP address, either IPv4 or IPv6)
%r The request line from the client. This requires specific delimiters around the request (as single quotes, double quotes, or anything else) to be parsable. If not, we
have to use a combination of special format specifiers as %m %U %H.
%m The request method.
%U The URL path requested (including any query string).
%H The request protocol.
%s The status code that the server sends back to the client.
%b The size of the object returned to the client.
%R The “Referrer” HTTP request header.
%u The user-agent HTTP request header.
%D The time taken to serve the request, in microseconds.
%T The time taken to serve the request, in seconds or milliseconds. Note: %D will take priority over %T if both are used.
%^ Ignore this field.
PS:
之前配置文件错误,分析nginx日志报错,经过求助软件作者解决,并对goaccess有更深入的了解。赞一下软件作者。
[root@Rootop ~]# goaccess -d -f /home/wwwlogs/www.rootop.org.log -a -p ~/.goaccesssrc > test.html
Parsing… [373,734] [373,734/s]
GoAccess – version 0.8.5 – Nov 20 2014 16:48:39
Fatal error has occurred
Error occured at: goaccess.c – main – 832
Nothing valid to process.
~/.goaccesssrc文件内容:
date_format %d/%b/%Y
log_format %^:%^ %h %^[%d:%^] “%r” %s %b
nginx日志:
58.251.136.61 – – [20/Nov/2014:17:29:21 +0800] “GET /wp-content/themes/g-white/js/all.js HTTP/1.1″200 1292 “https://www.rootop.org/pages/890.html””Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36” –
2014-11-21
发表者 Venus
There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them已关闭评论
There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them
之前yum安装软件的时候用ctrl c 停止过,结果每次装软件或者卸载都提示有未完成的传输。
[root@Rootop ~]# yum remove goaccess
Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them.
The program yum-complete-transaction is found in the yum-utils package.
提示通过执行 yum-complete-transaction 完成,需要先安装 yum-utils 包
[root@Rootop ~]# yum install -y yum-utils
[root@Rootop ~]# yum-complete-transaction
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: ftp.sjtu.edu.cn
* extras: mirrors.skyshe.cn
* updates: mirrors.skyshe.cn
There are 6 outstanding transactions to complete. Finishing the most recent one
The remaining transaction had 6 elements left to run
Package libtalloc-2.0.7-2.el6.x86_64 already installed and latest version
Package libtevent-0.9.18-3.el6.x86_64 already installed and latest version
Nothing in the unfinished transaction to cleanup.
Cleaning up completed transaction file
再次执行卸载:
[root@Rootop ~]# yum remove samba
Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them.
还是提示有未完成。
执行下面两个命令:
[root@Rootop ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base epel extras updates
Cleaning up Everything
Cleaning up list of fastest mirrors
[root@Rootop ~]# yum-complete-transaction --cleanup-only
Loaded plugins: fastestmirror
Determining fastest mirrors
Cannot retrieve metalink for repository: epel. Please verify its path and try again
又有别的报错,查资料说需要修改epel的仓库配置文件,把https改为http。
[epel] name=Extra Packages for Enterprise Linux 6 - $basearch #下面的https改为http mirrorlist=http://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1
重新执行yum-complete-transaction:
[root@Rootop yum.repos.d]# yum-complete-transaction --cleanup-only Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.yun-idc.com * epel: mirrors.yun-idc.com * extras: mirrors.yun-idc.com * updates: mirrors.yun-idc.com Cleaning up unfinished transaction journals Cleaning up 2014-06-15.01:05.45 Cleaning up 2014-06-15.01:07.56
看到2个清理提示。
再次执行yum install或者remove没有了未完成的提示。曾经因为这个问题把系统的yum折腾坏一次。