diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.2.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.2.conf index 7daaeb75..15dc03df 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.2.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.2.conf @@ -40,7 +40,7 @@ Set listen(2) backlog - 1024 + 128 Set permissions for unix socket, if one used. In Linux read/write permissions must be set in order to allow connections from web server. Many BSD-derrived systems allow connections regardless of permissions. diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.3.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.3.conf index 3ddf1d8d..f649cd65 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.3.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.3.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -116,4 +130,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.4.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.4.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.4.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.4.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.5.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.5.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.5.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.5.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.6.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.6.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.6.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-5.6.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.0.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.0.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.0.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.0.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.1.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.1.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.1.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.1.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.2.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.2.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.2.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.2.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.3.conf b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.3.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.3.conf +++ b/Dockerfiles/base/data/php-fpm.conf/php-fpm-7.3.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.2.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.2.conf index efd82405..c50be446 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.2.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.2.conf @@ -40,7 +40,7 @@ Set listen(2) backlog - 1024 + 128 Set permissions for unix socket, if one used. In Linux read/write permissions must be set in order to allow connections from web server. Many BSD-derrived systems allow connections regardless of permissions. diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.3.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.3.conf index 3ddf1d8d..f649cd65 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.3.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.3.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -116,4 +130,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.4.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.4.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.4.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.4.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.5.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.5.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.5.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.5.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.6.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.6.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.6.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-5.6.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.0.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.0.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.0.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.0.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.1.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.1.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.1.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.1.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.2.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.2.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.2.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.2.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.3.conf b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.3.conf index 1d63a44e..9f1632de 100644 --- a/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.3.conf +++ b/Dockerfiles/work/data/php-fpm.conf/php-fpm-7.3.conf @@ -30,11 +30,25 @@ access.log = /proc/self/fd/2 ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = 128 + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -118,4 +132,3 @@ group = devilbox [www] ; Ensure to listen here listen = 9000 -listen.backlog = 1024 diff --git a/build/ansible/CONFIGURATIONS/php-fpm.conf.j2 b/build/ansible/CONFIGURATIONS/php-fpm.conf.j2 index d4d297c6..e85b7491 100644 --- a/build/ansible/CONFIGURATIONS/php-fpm.conf.j2 +++ b/build/ansible/CONFIGURATIONS/php-fpm.conf.j2 @@ -31,11 +31,25 @@ access.log = {{ item.cfg[item.key].access_log | default(item.cfg[item.alt].acces ; ############################################################ -; Worker configuration +; Backlog configuration ; ############################################################ [www] +; A maximum of backlog incoming connections will be queued for processing. +; If a connection request arrives with the queue full the client may receive an error with an +; indication of ECONNREFUSED, or, if the underlying protocol supports retransmission, +; the request may be ignored so that retries may succeed. + +; This should not be greater than `cat /proc/sys/net/core/somaxconn`, otherwise connections +; are silently truncated +listen.backlog = {{ item.cfg[item.key].listen_backlog | default(item.cfg[item.alt].listen_backlog) }} + + +; ############################################################ +; Worker configuration +; ############################################################ +[www] ; static - the number of child processes is fixed (pm.max_children). ; ; dynamic - the number of child processes is set dynamically based on the following directives: @@ -122,8 +136,6 @@ group = {{ item.cfg[item.key].group | default(item.cfg[item.alt].group) }} [www] ; Ensure to listen here listen = {{ item.cfg[item.key].listen | default(item.cfg[item.alt].listen)}} -{# Available since PHP >= 5.4 #} -listen.backlog = {{ item.cfg[item.key].listen_backlog | default(item.cfg[item.alt].listen_backlog) }} {% else %} {# PHP-FPM 5.2 uses XML format for configuration #} diff --git a/build/ansible/group_vars/all.yml b/build/ansible/group_vars/all.yml index 493e4c2f..91b04a58 100644 --- a/build/ansible/group_vars/all.yml +++ b/build/ansible/group_vars/all.yml @@ -95,7 +95,8 @@ php_settings_fpm: request_terminate_timeout: "{{ php_timeout }}s" # Network listen: 9000 - listen_backlog: 1024 + # Backlog + listen_backlog: 128 # Logging log_level: notice error_log: /proc/self/fd/2