V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
kmdd33
V2EX  ›  程序员

在线请教小伙伴:重启 openresty 后,站点突然打不开了, 502 bad gateway

  •  
  •   kmdd33 · 2018-06-28 07:40:21 +08:00 · 6491 次点击
    这是一个创建于 2342 天前的主题,其中的信息可能已经有所发展或是发生改变。

    环境:centos7+php+mysql+openresty,目前测试 systemctl status openresty ,systemctl status php-fpm,systemctl status mysql 都 active,正常的状态。

    目前:

    ps -ef | grep php-fpm

    root 3348 1 0 00:13 ? 00:00:05 php-fpm: master process (/etc/php-fpm.conf) apache 3351 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3352 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3353 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3354 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3355 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3356 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3357 3348 0 00:13 ? 00:00:00 php-fpm: pool www apache 3358 3348 0 00:13 ? 00:00:00 php-fpm: pool www root 18518 18497 0 23:32 pts/1 00:00:00 grep --color=auto php-fpm

    netstat -an |grep 80

    tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN
    unix 2 [ ACC ] STREAM LISTENING 28071 /var/lib/mysql/mysql.sock unix 3 [ ] STREAM CONNECTED 11800
    unix 3 [ ] STREAM CONNECTED 11801 /run/systemd/journal/stdout

    贴出自己的 nginx.conf 和 error.log 粘贴如下:

    #user root; worker_processes 1;

    #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info;

    #pid logs/nginx.pid;

    events { worker_connections 1024; }

    http { include mime.types; default_type application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    
    #access_log  logs/access.log  main;
    
    sendfile        on;
    #tcp_nopush     on;
    
    #keepalive_timeout  0;
    keepalive_timeout  65;
    
    client_max_body_size 8m;    #允许客户端请求的最大单文件字节数
    client_body_buffer_size 2m;  #缓冲区代理缓冲用户端请求的最大字节
    
    gzip  on;
    #WAF
    lua_shared_dict limit 50m;
    lua_shared_dict guard_dict 100m;
    lua_shared_dict dict_captcha 70m;
    lua_package_path "/usr/local/openresty/nginx/conf/waf/?.lua";
    init_by_lua_file "/usr/local/openresty/nginx/conf/waf/init.lua";
    access_by_lua_file "/usr/local/openresty/nginx/conf/waf/access.lua";
    
    server {
        listen       127.0.0.1;
        server_name  mywebsitedomain.com;
    
        #charset koi8-r;
    
        #access_log  logs/host.access.log  main;
    
        location / {
            root   html;
            index  index.php index.html index.htm;
        }
    
        #error_page  404              /404.html;
    
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
    
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
    
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
    
    
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
    
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
    
    
    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
    
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
    
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
    
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
    
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
    

    }

    /usr/local/openresty/nginx/logs/error.log

    2018/06/26 21:27:10 [alert] 740#740: *7927 open socket #10 left in connection 12

    2018/06/26 21:27:10 [alert] 740#740: *7926 open socket #3 left in connection 13

    2018/06/26 21:27:10 [alert] 740#740: aborting

    16 条回复    2018-06-30 23:33:48 +08:00
    0312birdzhang
        1
    0312birdzhang  
       2018-06-28 08:09:32 +08:00 via iPhone
    access_by_lua_file "/usr/local/openresty/nginx/conf/waf/access.lua"; 放在 http 底下会不会有问题?你的 waf 看着像 httpguard
    建议把 nginx 杀掉再启动看看
    kmdd33
        2
    kmdd33  
    OP
       2018-06-28 08:25:31 +08:00
    @0312birdzhang systemctl status openresty 正常啊现在
    kmdd33
        3
    kmdd33  
    OP
       2018-06-28 08:49:19 +08:00
    @0312birdzhang 请问 nginx 的 error.log 只能显示到 6.26 号,没有昨天和今天的错误日志
    ytlm
        4
    ytlm  
       2018-06-28 09:39:10 +08:00
    debug 日志打开看一下喽,
    torbrowserbridge
        5
    torbrowserbridge  
       2018-06-28 09:42:07 +08:00
    把 lua 那几行注释掉试试
    kmdd33
        6
    kmdd33  
    OP
       2018-06-28 14:07:54 +08:00
    @torbrowserbridge 注释掉也不行
    kmdd33
        7
    kmdd33  
    OP
       2018-06-28 14:12:26 +08:00
    @ytlm 请问 openresty 如何查看 debug 日志,我之前是 yum 安装的 openresty
    kmdd33
        8
    kmdd33  
    OP
       2018-06-28 17:50:52 +08:00
    @0312birdzhang @ytlm

    # ps -ef |grep nginx
    root 19205 1 0 00:16 ? 00:00:00 nginx: master process /usr/local/openresty/nginx/sbin/nginx -c /usr/local/openresty/nginx/conf/nginx.conf
    nginx 19364 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19365 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19366 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19367 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19368 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19369 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19370 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    nginx 19371 19363 0 00:20 ? 00:00:00 php-fpm: pool www
    root 19989 19205 0 01:08 ? 00:00:00 nginx: worker process
    root 25860 25839 0 09:49 pts/0 00:00:00 grep --color=auto nginx
    banksiae
        9
    banksiae  
       2018-06-28 17:53:39 +08:00
    openresty, lua, waf ?
    kmdd33
        10
    kmdd33  
    OP
       2018-06-28 18:10:05 +08:00
    @banksiae yes 请问该如何解决这个问题呢? google 了一天一夜了
    defunct9
        11
    defunct9  
       2018-06-28 19:42:56 +08:00 via iPhone
    开 ssh,让我上去试试
    kmdd33
        12
    kmdd33  
    OP
       2018-06-29 01:55:00 +08:00
    @banksiae lsof -i :80 没有任何结果现在
    kmdd33
        13
    kmdd33  
    OP
       2018-06-29 02:15:55 +08:00
    reload openresty 后

    # lsof -i :80
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    nginx 32255 root 6u IPv4 170338 0t0 TCP localhost:http (LISTEN)
    nginx 32332 root 6u IPv4 170338 0t0 TCP localhost:http (LISTEN)
    kmdd33
        14
    kmdd33  
    OP
       2018-06-29 02:51:10 +08:00
    头疼到现在
    sajesemuy
        15
    sajesemuy  
       2018-06-29 09:17:11 +08:00
    @kmdd33 listen 127.0.0.1:80? 你是在这台服务器上 curl http://127.0.0.1 出现 502 ?
    kmdd33
        16
    kmdd33  
    OP
       2018-06-30 23:33:48 +08:00
    同意谢谢各位。在 stackoverflow 上面找到了答案:

    解决步骤:

    1.在 nginx.conf 中把 error_log and pid 前面的注释去掉。 就像这样,方便得出正确的 error.log

    user root;
    worker_processes 1;

    #error_log logs/error.log;
    error_log logs/error.log debug;
    #error_log logs/error.log info;

    pid logs/nginx.pid;

    2.http{}里面的 80 端口正确配置方式是:

    listen 80;
    listen [::]:80 default_server;

    3.检查哪个 pid 占用了 80 端口:809 这个进程占用了 80 端口

    # sudo netstat -tulpn | grep --color :80
    tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 809/nginx: master p
    [root@li1382-238 ~]# sudo kill -2 809 (这个命令很重要)
    [root@li1382-238 ~]# sudo netstat -tulpn | grep --color :80
    [root@li1382-238 ~]# openresty
    [root@li1382-238 ~]# openresty -t

    # netstat -antp 这个命令也可以查出来哪个端口占用了 80 端口。

    然后重启:openresty
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5459 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 29ms · UTC 05:59 · PVG 13:59 · LAX 21:59 · JFK 00:59
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.