Apache-2.2

Apache 執行時出現“FetchError no backend connection”錯誤

  • October 27, 2021
[centos@ip-172-35-25-65 ~]$  varnishlog
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635280998 1.0
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635281001 1.0
  10 SessionOpen  c 127.0.0.2 55870 127.0.0.2:80
  10 ReqStart     c 127.0.0.2 55870 894208400
  10 RxRequest    c GET
  10 RxURL        c /
  10 RxProtocol   c HTTP/1.0
  10 RxHeader     c X-Real-IP: 198.95.75.75
  10 RxHeader     c X-Forwarded-For: 198.95.75.75
  10 RxHeader     c X-Forwarded-Proto: https
  10 RxHeader     c X-Forwarded-Port: 80
  10 RxHeader     c Host: staging03.cherry.com
  10 RxHeader     c Connection: close
  10 RxHeader     c Cache-Control: max-age=0
  10 RxHeader     c Authorization: Basic aGc6am9objEyMw==
  10 RxHeader     c Upgrade-Insecure-Requests: 1
  10 RxHeader     c User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
  10 RxHeader     c Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  10 RxHeader     c Accept-Encoding: gzip, deflate
  10 RxHeader     c Accept-Language: en-US,en;q=0.9,fr;q=0.8
  10 RxHeader     c Cookie: ajs_anonymous_id=%22424f4cd9-cbbc-4ead-83b1-273cb21cf453%22; _fbp=fb.1.1630002144579.2012566540; __qca=P0-1416512434-1630002144589; _edwvts=708154457303700204; _gid=GA1.2.1572498662.1635275261; ajs_user_id=%224543534%40mimpi99.com%22; _gcl_au=1.1.
  10 VCL_call     c recv pass
  10 VCL_call     c hash
  10 Hash         c /
  10 Hash         c staging03.cherry.com
  10 Hash         c 80
  10 Hash         c ajs_anonymous_id=%22424f4cd9-cbbc-4ead-83b1-273cb21cf453%22; _fbp=fb.1.1630002144579.2012566540; __qca=P0-1416512434-1630002144589; _edwvts=708154457303700204; _gid=GA1.2.1572498662.1635275261; ajs_user_id=%224543534%40mimpi99.com%22; _gcl_au=1.1.1880042
  10 VCL_return   c hash
  10 VCL_call     c pass pass
  10 FetchError   c no backend connection
  10 VCL_call     c error deliver
  10 VCL_call     c deliver deliver
  10 TxProtocol   c HTTP/1.1
  10 TxStatus     c 503
  10 TxResponse   c Service Unavailable
  10 TxHeader     c Server: Varnish
  10 TxHeader     c Content-Type: text/html; charset=utf-8
  10 TxHeader     c Retry-After: 5
  10 TxHeader     c Content-Length: 392
  10 TxHeader     c Accept-Ranges: bytes
  10 TxHeader     c Date: Tue, 26 Oct 2021 20:43:23 GMT
  10 TxHeader     c X-Varnish: 894208400
  10 TxHeader     c Via: 1.1 varnish
  10 TxHeader     c Connection: close
  10 TxHeader     c X-Age: 0
  10 TxHeader     c X-Cache: MISS
  10 Length       c 392
  10 ReqEnd       c 894208400 1635281003.852778196 1635281003.852984428 0.000073195 0.000165701 0.000040531
  10 SessionClose c error
  10 StatSess     c 127.0.0.2 55870 0 1 1 0 1 0 273 392
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635281004 1.0
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635281007 1.0
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635281010 1.0
   0 CLI          - Rd ping
   0 CLI          - Wr 200 19 PONG 1635281013 1.0

我試圖記錄從客戶端獲取時發生的事情:

Error 503 Service Unavailable
Service Unavailable

Guru Meditation:
XID: 894208400

現在,我認為這是因為 Apache 沒有執行,因為當我關閉清漆時,我從 nginx 收到 502 網關錯誤。無論如何,我閱讀了錯誤日誌:

[Tue Oct 26 14:53:47 2021] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Tue Oct 26 14:53:47 2021] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Oct 26 14:53:47 2021] [notice] Digest: generating secret for digest authentication ...
[Tue Oct 26 14:53:47 2021] [notice] Digest: done
[Tue Oct 26 14:53:47 2021] [notice] FastCGI: process manager initialized (pid 23090)
[Tue Oct 26 14:53:47 2021] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 configured -- resuming normal operations
[Tue Oct 26 14:53:52 2021] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
[Tue Oct 26 14:53:52 2021] [error] [client 127.0.0.1] File does not exist: /var/www/html/favicon.ico, referer: http://staging03.hgreg.com/
[Tue Oct 26 15:01:21 2021] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
[Tue Oct 26 15:01:42 2021] [notice] caught SIGTERM, shutting down
[Tue Oct 26 15:01:42 2021] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Tue Oct 26 15:01:42 2021] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue Oct 26 15:01:42 2021] [notice] Digest: generating secret for digest authentication ...
[Tue Oct 26 15:01:42 2021] [notice] Digest: done
[Tue Oct 26 15:01:42 2021] [notice] FastCGI: process manager initialized (pid 23299)
[Tue Oct 26 15:01:42 2021] [notice] Apache/2.2.15 (Unix) DAV/2 mod_fastcgi/2.4.6 configured -- resuming normal operations
[Tue Oct 26 15:11:56 2021] [notice] caught SIGTERM, shutting down

我看到 SIGTERM 正在關閉,所以我想也許我應該重新啟動 Apache,我確實這樣做了,但是我得到了同樣的錯誤,並且 error_log 中沒有新的日誌。

[centos@ip-172-35-25-65 ~]$ sudo service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
[centos@ip-172-35-25-65 ~]$ date
Tue Oct 26 17:12:32 EDT 2021
[centos@ip-172-35-25-65 ~]$ 

現在,我執行了一個 puppet 配置,但它並沒有完全執行,但我有相同的文件。所以我想知道可能是什麼問題。由於載入了所有帶有 conf 的文件,因此載入的 Apache 配置文件之一是這樣的:

<VirtualHost *>
   ServerName preprod.staging03.cherry.com

   
   
   ServerAlias betacherry.staging03.cherry.com staging03.cherry.com
   
   

   DocumentRoot /home/staging03/version/preprod.staging03.cherry.com
   ServerAdmin webmaster@cherry.ca

   SetEnv environment preprod
   SetEnv project staging03

   UseCanonicalName Off
   #CustomLog /var/log/httpd/preprod.staging03.cherry.com_log combined
   #CustomLog /var/log/httpd/preprod.staging03.cherry.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."

   ## User cherry # Needed for Cpanel::ApacheConf
   UserDir disabled
   UserDir enabled staging03
   
     #<IfModule mod_suphp.c>
   #    suPHP_UserGroup staging03 staging03
   #</IfModule>
   
   SuexecUserGroup staging03 staging03
   
   <directory "/home/staging03/version">
       AddHandler php5-fcgi .php
       Action php5-fcgi /php5-fcgi-staging03
       AllowOverride All

       
       AuthType Basic
       AuthName "staging03-preprod"
       AuthUserFile "/etc/httpd/conf.d/htpasswd.staging03"
       require valid-user

       satisfy any
       deny from all

       Order deny,allow
       SetEnvIf X-Hg-Internal-IP 1 HgInternalIP=1
       Allow from env=HgInternalIP

       SetEnvIf User-Agent "Amazon CloudFront" AmazonCloudFront
       Allow from env=AmazonCloudFront

       SetEnvIf User-Agent "^(.*)Lighthouse(.*)$" Lighthouse=1
       Allow from env=Lighthouse
       
   </directory>
   <IfModule concurrent_php.c>
       php5_admin_value open_basedir "/home/staging03:/usr/lib/php:/usr/local/lib/php:/tmp"
   </IfModule>
   <IfModule !concurrent_php.c>
       <IfModule mod_php5.c>
           php_admin_value open_basedir "/home/staging03:/usr/lib/php:/usr/local/lib/php:/tmp"
       </IfModule>
       <IfModule sapi_apache2.c>
           php_admin_value open_basedir "/home/staging03:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp"
       </IfModule>
   </IfModule>
   <IfModule !mod_disable_suexec.c>
       <IfModule !mod_ruid2.c>
           SuexecUserGroup staging03 staging03
       </IfModule>
   </IfModule>
   <IfModule mod_ruid2.c>
       RMode config
       RUidGid staging03 staging03
   </IfModule>
   <IfModule itk.c>
       # For more information on MPM ITK, please read:
       #   http://mpm-itk.sesse.net/
       AssignUserID staging03 staging03
   </IfModule>
</VirtualHost>

那麼我應該查看哪些文件以及如何檢查問題不是 Apache,因為我們有 nginx 路由到清漆,然後路由到 Apache,所以我認為 Apache 是問題所在,但我沒有得到任何有用的資訊從日誌和 Apache 執行沒有任何問題,它只是沒有為頁面提供服務,並且 Varnish 出於某種原因無法訪問 Apache?

我正在執行 CENTOS 6,並且我有另一台具有相同配置且執行良好的伺服器,但是當我比較 etc 文件夾時,我並沒有真正看到任何顯著差異。

根據您的日誌,我可以看到 Varnish 和 Apache 都在同一台機器上執行。Varnish 應該在 port 上執行80,Apache 在 port 上執行8080

顯然還有一個 Nginx 正在執行,所以我假設這是為了 TLS 終止,在 port 上執行443

第 1 步:確保 Apache 成功偵聽埠 8080

執行sudo netstat -plnt以確定每個服務使用哪些埠。

確保httpd服務正在偵聽埠8080並通過執行來驗證這一點curl -I localhost:8080

第 2 步:在 VCL 文件中為後端添加執行狀況探測

標準 VCL 不為您的預設後端提供執行狀況探測。使用下面的 VCL 程式碼,您可以持續監控後端執行狀況:

backend default {
   .host = "127.0.0.1";
   .port = "8080";
   .probe = {
       .url = "/";
       .timeout = 2s;
       .interval = 5s;
       .window = 10;
       .threshold = 5;
  }
}

添加探針並載入新的 VCL 後,您可以根據探針呼叫以下命令來檢查後端的執行狀況:

varnishlog -g raw -i backend_health

如果輸出包含Still sick,您知道後端不可用,狀態碼可能會告訴您原因。

第三步:升級你的 Varnish 伺服器

我忍不住注意到RxHeader您的 VSL 輸出中的術語。這清楚地表明您正在使用不再受支持的古老版本的 Varnish。

即使在真正舊版本的 Varnish 中,RxHeader也被替換為ReqHeader.

我的建議:升級到Varnish 6.0 LTS。這個 LTS 版本的 Varnish 帶有頻繁的錯誤修復和安全更新檔。請參閱https://www.varnish-software.com/developers/tutorials/installing-varnish-centos/了解如何在 CentOS 上安裝此版本。

引用自:https://serverfault.com/questions/1081801