Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

centos:web_c7:apache_4 [20.04.2018 10:29. ]
centos:web_c7:apache_4 [22.07.2019 14:57. ] (aktuell)
Zeile 1: Zeile 1:
 +====== Alternativer FastCGI Process Manager für den Apache httpd unter CentOS 7.x ======
 +{{:​centos:​web_c7:​phpfpmlogo.png?​nolink&​250 |Bild: PHP-FPM Logo }} Mit **[[https://​php-fpm.org/​|PHP-FPM]]** kann ein alternativer FastCGI Process Manager (FastCGI-Implementierung) beim Apache Webserver verwendet werden, um z.B. die PHP-Verarbeitungs erheblich zu beschleunigen und somit die Antwortzeiten des Webservers signifikant zu verbessern. [[https://​php-fpm.org/​|PHP-FPM]] ist seit der PHP **Version 5.3.3** fest in PHP integriert. [[https://​php-fpm.org/​|PHP-FPM]] startet dazu mehrere PHP-Interpreter-Prozesse,​ die ständig im Hintergrund laufen um auf Anfragen zu warten. Eingehende Requests nimmt er vom Apache-Webserver [[http://​httpd.apache.org|Apache HTTP Server]] entgegen und teilt dies dann den bereitstehenden Prozessen des PHP-Interpreter zu.
 +
 +Grundsätzlich gibt es **drei** Varianten, wie die Kommunikation zwischen dem WEB-Server [[http://​httpd.apache.org|Apache HTTP Server]] und dem [[http://​php.net/​|PHP]] realisiert werden kann:
 +  * **[[https://​wiki.apache.org/​httpd/​php|mod_php]]** Die wohl am meist verbreitete PHP Implementierung innerhalb des [[http://​httpd.apache.org|Apache HTTP Servers]].
 +  * **[[https://​wiki.apache.org/​httpd/​php-fastcgi|mod_fcgid]]** Alternativ zur Nutzung des PHP-Moduls **mod_php** kann auch **//​CGI/​FastCGI//​** vom [[http://​httpd.apache.org|Apache HTTP Server]] an eigens gestartete externen Prozess delegiert werden.
 +  * **[[https://​wiki.apache.org/​httpd/​PHP-FPM|php-fpm]]** Bei der dritten Variante mit Verwendung von **FPM/​FastCGI** übergibt der  [[http://​httpd.apache.org|Apache HTTP Server]] Anfragen an einen externen separat laufenden Dienstes/​Daemon. Dadurch ergeben sich folgende (zusätzliche) Vorteile:
 +    * Die PHP Prozesse **müssen __nicht__** mehr zwingend in der gleichen Umgebung wie der Webserver laufen; bzw. im einfachsten Fall wird der PHP-FPMD-Daemon mit anderen User- und Gruppenrechten betrieben als der WEB-Server selbst.
 +    * Die PHP-FPM Prozesse können unabhängig vom Webserver neu gestartet werden. Somit werden keinen ankommende Clientprozesse des Apache-Webservers beim Neustart des PHP-FPM-Daemon getrennt und gehen somit __nicht__ verloren.
 +    * Durch geschickte Konfiguration des PHP-FPM-Daemon können getrennte und unterschiedliche Pools definiert werden. Bei der Konfiguration dieser Pools kann definiert werden, mit welchen User- und Gruppenrechten der bzw. die Prozesse laufen sollen und bei Bedarf können die PHP-FPM-Prozesse auch in eigenen **//​chroot//​-Umgebungen** laufen. Auch können unterschiedliche PHP-Einstellungen mit Hilfe von getrennten **php.ini** Dateien festgelegt werden. Angesprochen werden diese Pools entweder über einen **[[https://​de.wikipedia.org/​wiki/​POSIX_local_inter-process_communication_socket|UNIX Domain Socket]]** bzw. über unterschiedliche **[[https://​de.wikipedia.org/​wiki/​Port_(Protokoll)|Ports]]**.
 +    * Nicht mehr benötigte PHP-FPM-Prozesse können automatisiert beendet werden, wenn diese nicht mehr benötigt werden sollten.
 +    * Durch Verwendung der Option **request_slowlog_timeout** kann definiert werden, wie lange max. auf einen Antwort eines Anfrage gewartet werden soll. Wir dieser Wert überschritten,​ wird automatisch ein **[[https://​de.wikipedia.org/​wiki/​Backtracking|backtrace]]** der Anfrage in eine LOG-Datei geschrieben.
 +    * Durch Verwendung des alternativer FastCGI Process Managers **[[https://​php-fpm.org/​|PHP-FPM]]** kann der [[http://​httpd.apache.org|Apache HTTP Server]] im **__[[http://​httpd.apache.org/​docs/​2.4/​mod/​event.html|event]]__-Mode** statt dem standardmässigen **__[[http://​httpd.apache.org/​docs/​2.4/​mod/​prefork.html|prefork]]__-Mode** betrieben werden. Dadurch kann der Durchsatz des webservers erheblich verbessert werden.
 +
 +Nachfolgend wird in diesem Kapitel beschrieben,​ wie der PHP-FPM-Daemon installiert,​ eingerichtet und an den Apache Webserver angebunden werden kann.
 +
 +===== Installation =====
 +Die Installation des FastCGI Process Managers **[[https://​php-fpm.org/​|PHP-FPM]]** erfolgt mit Hilfe des Paketmanager Tools **YUM**. Verwendet man die Standard-PHP-Installation unter **CentOS 7** ist das Paket **php-fpm** aus dem //​**Base-Repository**//​ zu installieren.
 +   # yum install php-fpm -y 
 +
 +Im weiteren werden wir uns die Installation des zugehörigen Daemon bei Verwendung von **PHP 7.0** aus dem Repository **[[https://​ius.io/​Packages/​|IUS]]** betrachten. ​
 +   # yum install php70u-fpm
 +
 +Was uns das Paket **php70u-fpm** alles mit ins System bringt, zeigt uns der Befehl **rpm** mit der Option **-qil**. ​
 +   # rpm -qil php70u-fpm
 +<​code>​Name ​       : php70u-fpm
 +Version ​    : 7.0.21
 +Release ​    : 1.ius.centos7
 +Architecture:​ x86_64
 +Install Date: Fri 21 Jul 2017 10:24:28 PM CEST
 +Group       : Development/​Languages
 +Size        : 4759319
 +License ​    : PHP and Zend and BSD and MIT and ASL 1.0
 +Signature ​  : DSA/SHA1, Wed 19 Jul 2017 06:23:42 AM CEST, Key ID da221cdf9cd4953f
 +Source RPM  : php70u-7.0.21-1.ius.centos7.src.rpm
 +Build Date  : Thu 06 Jul 2017 04:28:31 PM CEST
 +Build Host  : 606890-build04.rpmdev.rackspace.com
 +Relocations : (not relocatable)
 +URL         : http://​www.php.net/​
 +Summary ​    : PHP FastCGI Process Manager
 +Description :
 +PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI
 +implementation with some additional features useful for sites of
 +any size, especially busier sites.
 +/​etc/​logrotate.d/​php-fpm
 +/​etc/​php-fpm.conf
 +/​etc/​php-fpm.d
 +/​etc/​php-fpm.d/​www.conf
 +/​etc/​systemd/​system/​php-fpm.service.d
 +/​run/​php-fpm
 +/​usr/​lib/​systemd/​system/​php-fpm.service
 +/​usr/​lib/​tmpfiles.d/​php-fpm.conf
 +/​usr/​sbin/​php-fpm
 +/​usr/​share/​doc/​php70u-fpm-7.0.21
 +/​usr/​share/​doc/​php70u-fpm-7.0.21/​php-fpm.conf.default
 +/​usr/​share/​doc/​php70u-fpm-7.0.21/​www.conf.default
 +/​usr/​share/​fpm
 +/​usr/​share/​fpm/​status.html
 +/​usr/​share/​licenses/​php70u-fpm-7.0.21
 +/​usr/​share/​licenses/​php70u-fpm-7.0.21/​fpm_LICENSE
 +/​usr/​share/​man/​man8/​php-fpm.8.gz
 +/​var/​lib/​php/​fpm
 +/​var/​lib/​php/​fpm/​opcache
 +/​var/​lib/​php/​fpm/​session
 +/​var/​lib/​php/​fpm/​wsdlcache
 +/​var/​log/​php-fpm</​code>​
 +
 +===== Konfiguration =====
 +==== Daemon ====
 +Die Konfiguration des Daemon erfolgt über die  Konfigurationsdatei //​**/​etc/​php-fpm.conf**//​ .
 +   # vim /​etc/​php-fpm.conf
 +<file code /​etc/​php-fpm.conf>;;;;;;;;;;;;;;;;;;;;;​
 +; FPM Configuration ;
 +;;;;;;;;;;;;;;;;;;;;;​
 +
 +; All relative paths in this configuration file are relative to PHP's install
 +; prefix.
 +
 +; Include one or more files. If glob(3) exists, it is used to include a bunch of
 +; files from a glob(3) pattern. This directive can be used everywhere in the
 +; file.
 +include=/​etc/​php-fpm.d/​*.conf
 +
 +;;;;;;;;;;;;;;;;;;​
 +; Global Options ;
 +;;;;;;;;;;;;;;;;;;​
 +
 +[global]
 +; Pid file
 +; Default Value: none
 +pid = /​run/​php-fpm/​php-fpm.pid
 +
 +; Error log file
 +; If it's set to "​syslog",​ log is sent to syslogd instead of being written
 +; in a local file.
 +; Default Value: /​var/​log/​php-fpm.log
 +error_log = /​var/​log/​php-fpm/​error.log
 +
 +; syslog_facility is used to specify what type of program is logging the
 +; message. This lets syslogd specify that messages from different facilities
 +; will be handled differently.
 +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
 +; Default Value: daemon
 +;​syslog.facility = daemon
 +
 +; syslog_ident is prepended to every message. If you have multiple FPM
 +; instances running on the same server, you can change the default value
 +; which must suit common needs.
 +; Default Value: php-fpm
 +;​syslog.ident = php-fpm
 +
 +; Log level
 +; Possible Values: alert, error, warning, notice, debug
 +; Default Value: notice
 +;log_level = notice
 +
 +; If this number of child processes exit with SIGSEGV or SIGBUS within the time
 +; interval set by emergency_restart_interval then FPM will restart. A value
 +; of '​0'​ means '​Off'​.
 +; Default Value: 0
 +;​emergency_restart_threshold = 0
 +
 +; Interval of time used by emergency_restart_interval to determine when 
 +; a graceful restart will be initiated. ​ This can be useful to work around
 +; accidental corruptions in an accelerator'​s shared memory.
 +; Available Units: s(econds), m(inutes), h(ours), or d(ays)
 +; Default Unit: seconds
 +; Default Value: 0
 +;​emergency_restart_interval = 0
 +
 +; Time limit for child processes to wait for a reaction on signals from master.
 +; Available units: s(econds), m(inutes), h(ours), or d(ays)
 +; Default Unit: seconds
 +; Default Value: 0
 +;​process_control_timeout = 0
 +
 +; The maximum number of processes FPM will fork. This has been design to control
 +; the global number of processes when using dynamic PM within a lot of pools.
 +; Use it with caution.
 +; Note: A value of 0 indicates no limit
 +; Default Value: 0
 +;​process.max = 128
 +
 +; Specify the nice(2) priority to apply to the master process (only if set)
 +; The value can vary from -19 (highest priority) to 20 (lower priority)
 +; Note: - It will only work if the FPM master process is launched as root
 +;       - The pool process will inherit the master process priority
 +;         ​unless it specified otherwise
 +; Default Value: no set
 +;​process.priority = -19
 +
 +; Send FPM to background. Set to '​no'​ to keep FPM in foreground for debugging.
 +; Default Value: yes
 +daemonize = yes
 +
 +; Set open file descriptor rlimit for the master process.
 +; Default Value: system defined value
 +;​rlimit_files = 1024
 +
 +; Set max core size rlimit for the master process.
 +; Possible Values: '​unlimited'​ or an integer greater or equal to 0
 +; Default Value: system defined value
 +;​rlimit_core = 0
 +
 +; Specify the event mechanism FPM will use. The following is available:
 +; - select ​    (any POSIX os)
 +; - poll       (any POSIX os)
 +; - epoll      (linux >= 2.5.44)
 +; Default Value: not set (auto detection)
 +;​events.mechanism = epoll
 +
 +; When FPM is build with systemd integration,​ specify the interval,
 +; in second, between health report notification to systemd.
 +; Set to 0 to disable.
 +; Available Units: s(econds), m(inutes), h(ours)
 +; Default Unit: seconds
 +; Default value: 10
 +;​systemd_interval = 10
 +
 +;;;;;;;;;;;;;;;;;;;;​
 +; Pool Definitions ; 
 +;;;;;;;;;;;;;;;;;;;;​
 +
 +; Multiple pools of child processes may be started with different listening
 +; ports and different management options. ​ The name of the pool will be
 +; used in logs and stats. There is no limitation on the number of pools which
 +; FPM can handle. Your system will tell you anyway :)
 +
 +; See /​etc/​php-fpm.d/​*.conf
 +</​file>​
 +
 +==== Pool www ====
 +Bei der Installation wurde für den Pool **www** einen vordefiniert Konfigurationsdatei //​**/​etc/​php-fpm.d/​www.conf**//​ mitgeliefert.
 +   # vim /​etc/​php-fpm.d/​www.conf
 +<file code /​etc/​php-fpm.d/​www.conf>;​ Start a new pool named '​www'​.
 +; the variable $pool can we used in any directive and will be replaced by the
 +; pool name ('​www'​ here)
 +[www]
 +
 +; Per pool prefix
 +; It only applies on the following directives:
 +; - '​access.log'​
 +; - '​slowlog'​
 +; - '​listen'​ (unixsocket)
 +; - '​chroot'​
 +; - '​chdir'​
 +; - '​php_values'​
 +; - '​php_admin_values'​
 +; When not set, the global prefix (or @php_fpm_prefix@) applies instead.
 +; Note: This directive can also be relative to the global prefix.
 +; Default Value: none
 +;prefix = /​path/​to/​pools/​$pool
 +
 +; Unix user/group of processes
 +; Note: The user is mandatory. If the group is not set, the default user's group
 +;       will be used.
 +user = php-fpm
 +group = php-fpm
 +
 +; The address on which to accept FastCGI requests.
 +; Valid syntaxes are:
 +;   '​ip.add.re.ss:​port' ​   - to listen on a TCP socket to a specific IPv4 address on
 +;                            a specific port;
 +;   '​[ip:​6:​addr:​ess]:​port'​ - to listen on a TCP socket to a specific IPv6 address on
 +;                            a specific port;
 +;   '​port' ​                - to listen on a TCP socket to all addresses
 +;                            (IPv6 and IPv4-mapped) on a specific port;
 +;   '/​path/​to/​unix/​socket'​ - to listen on a unix socket.
 +; Note: This value is mandatory.
 +listen = 127.0.0.1:​9000
 +; WARNING: If you switch to a unix socket, you have to grant your webserver user
 +;          access to that socket by setting listen.acl_users to the webserver user.
 +;listen = /​run/​php-fpm/​www.sock
 +
 +; Set listen(2) backlog.
 +; Default Value: 511
 +;​listen.backlog = 511
 +
 +; Set permissions for unix socket, if one is used. In Linux, read/write
 +; permissions must be set in order to allow connections from a web server.
 +; Default Values: user and group are set as the running user
 +;                 mode is set to 0660
 +;​listen.owner = root
 +;​listen.group = root
 +;​listen.mode = 0660
 +
 +; When POSIX Access Control Lists are supported you can set them using
 +; these options, value is a comma separated list of user/group names.
 +; When set, listen.owner and listen.group are ignored
 +;​listen.acl_users = apache,​nginx
 +;​listen.acl_users = apache
 +;​listen.acl_users = nginx
 +;​listen.acl_groups =
 +
 +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
 +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
 +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
 +; must be separated by a comma. If this value is left blank, connections will be
 +; accepted from any ip address.
 +; Default Value: any
 +listen.allowed_clients = 127.0.0.1
 +
 +; Specify the nice(2) priority to apply to the pool processes (only if set)
 +; The value can vary from -19 (highest priority) to 20 (lower priority)
 +; Note: - It will only work if the FPM master process is launched as root
 +;       - The pool processes will inherit the master process priority
 +;         ​unless it specified otherwise
 +; Default Value: no set
 +; process.priority = -19
 +
 +; Choose how the process manager will control the number of child processes.
 +; Possible Values:
 +;   ​static ​ - a fixed number (pm.max_children) of child processes;
 +;   ​dynamic - the number of child processes are set dynamically based on the
 +;             ​following directives. With this process management, there will be
 +;             ​always at least 1 children.
 +;             ​pm.max_children ​     - the maximum number of children that can
 +;                                    be alive at the same time.
 +;             ​pm.start_servers ​    - the number of children created on startup.
 +;             ​pm.min_spare_servers - the minimum number of children in '​idle'​
 +;                                    state (waiting to process). If the number
 +;                                    of '​idle'​ processes is less than this
 +;                                    number then some children will be created.
 +;             ​pm.max_spare_servers - the maximum number of children in '​idle'​
 +;                                    state (waiting to process). If the number
 +;                                    of '​idle'​ processes is greater than this
 +;                                    number then some children will be killed.
 +;  ondemand - no children are created at startup. Children will be forked when
 +;             new requests will connect. The following parameter are used:
 +;             ​pm.max_children ​          - the maximum number of children that
 +;                                         can be alive at the same time.
 +;             ​pm.process_idle_timeout ​  - The number of seconds after which
 +;                                         an idle process will be killed.
 +; Note: This value is mandatory.
 +pm = dynamic
 +
 +; The number of child processes to be created when pm is set to '​static'​ and the
 +; maximum number of child processes when pm is set to '​dynamic'​ or '​ondemand'​.
 +; This value sets the limit on the number of simultaneous requests that will be
 +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
 +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
 +; CGI. The below defaults are based on a server without much resources. Don't
 +; forget to tweak pm.* to fit your needs.
 +; Note: Used when pm is set to '​static',​ '​dynamic'​ or '​ondemand'​
 +; Note: This value is mandatory.
 +pm.max_children = 50
 +
 +; The number of child processes created on startup.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
 +pm.start_servers = 5
 +
 +; The desired minimum number of idle server processes.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Note: Mandatory when pm is set to '​dynamic'​
 +pm.min_spare_servers = 5
 +
 +; The desired maximum number of idle server processes.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Note: Mandatory when pm is set to '​dynamic'​
 +pm.max_spare_servers = 35
 +
 +; The number of seconds after which an idle process will be killed.
 +; Note: Used only when pm is set to '​ondemand'​
 +; Default Value: 10s
 +;​pm.process_idle_timeout = 10s;
 +
 +; The number of requests each child process should execute before respawning.
 +; This can be useful to work around memory leaks in 3rd party libraries. For
 +; endless request processing specify '​0'​. Equivalent to PHP_FCGI_MAX_REQUESTS.
 +; Default Value: 0
 +;​pm.max_requests = 500
 +
 +; The URI to view the FPM status page. If this value is not set, no URI will be
 +; recognized as a status page. It shows the following informations:​
 +;   ​pool ​                - the name of the pool;
 +;   ​process manager ​     - static, dynamic or ondemand;
 +;   start time           - the date and time FPM has started;
 +;   start since          - number of seconds since FPM has started;
 +;   ​accepted conn        - the number of request accepted by the pool;
 +;   ​listen queue         - the number of request in the queue of pending
 +;                          connections (see backlog in listen(2));
 +;   max listen queue     - the maximum number of requests in the queue
 +;                          of pending connections since FPM has started;
 +;   ​listen queue len     - the size of the socket queue of pending connections;​
 +;   idle processes ​      - the number of idle processes;
 +;   ​active processes ​    - the number of active processes;
 +;   total processes ​     - the number of idle + active processes;
 +;   max active processes - the maximum number of active processes since FPM
 +;                          has started;
 +;   max children reached - number of times, the process limit has been reached,
 +;                          when pm tries to start more children (works only for
 +;                          pm '​dynamic'​ and '​ondemand'​);​
 +; Value are updated in real time.
 +; Example output:
 +;   ​pool: ​                www
 +;   ​process manager: ​     static
 +;   start time:           ​01/​Jul/​2011:​17:​53:​49 +0200
 +;   start since: ​         62636
 +;   ​accepted conn:        190460
 +;   ​listen queue: ​        0
 +;   max listen queue: ​    1
 +;   ​listen queue len:     42
 +;   idle processes: ​      4
 +;   ​active processes: ​    11
 +;   total processes: ​     15
 +;   max active processes: 12
 +;   max children reached: 0
 +;
 +; By default the status page output is formatted as text/plain. Passing either
 +; '​html',​ '​xml'​ or '​json'​ in the query string will return the corresponding
 +; output syntax. Example:
 +;   ​http://​www.foo.bar/​status
 +;   ​http://​www.foo.bar/​status?​json
 +;   ​http://​www.foo.bar/​status?​html
 +;   ​http://​www.foo.bar/​status?​xml
 +;
 +; By default the status page only outputs short status. Passing '​full'​ in the
 +; query string will also return status for each pool process.
 +; Example:
 +;   ​http://​www.foo.bar/​status?​full
 +;   ​http://​www.foo.bar/​status?​json&​full
 +;   ​http://​www.foo.bar/​status?​html&​full
 +;   ​http://​www.foo.bar/​status?​xml&​full
 +; The Full status returns for each process:
 +;   ​pid ​                 - the PID of the process;
 +;   ​state ​               - the state of the process (Idle, Running, ...);
 +;   start time           - the date and time the process has started;
 +;   start since          - the number of seconds since the process has started;
 +;   ​requests ​            - the number of requests the process has served;
 +;   ​request duration ​    - the duration in µs of the requests;
 +;   ​request method ​      - the request method (GET, POST, ...);
 +;   ​request URI          - the request URI with the query string;
 +;   ​content length ​      - the content length of the request (only with POST);
 +;   ​user ​                - the user (PHP_AUTH_USER) (or '​-'​ if not set);
 +;   ​script ​              - the main script called (or '​-'​ if not set);
 +;   last request cpu     - the %cpu the last request consumed
 +;                          it's always 0 if the process is not in Idle state
 +;                          because CPU calculation is done when the request
 +;                          processing has terminated;
 +;   last request memory ​ - the max amount of memory the last request consumed
 +;                          it's always 0 if the process is not in Idle state
 +;                          because memory calculation is done when the request
 +;                          processing has terminated;
 +; If the process is in Idle state, then informations are related to the
 +; last request the process has served. Otherwise informations are related to
 +; the current request being served.
 +; Example output:
 +;   ​************************
 +;   ​pid: ​                 31330
 +;   ​state: ​               Running
 +;   start time:           ​01/​Jul/​2011:​17:​53:​49 +0200
 +;   start since: ​         63087
 +;   ​requests: ​            12808
 +;   ​request duration: ​    ​1250261
 +;   ​request method: ​      GET
 +;   ​request URI:          /​test_mem.php?​N=10000
 +;   ​content length: ​      0
 +;   ​user: ​                -
 +;   ​script: ​              /​home/​fat/​web/​docs/​php/​test_mem.php
 +;   last request cpu:     0.00
 +;   last request memory: ​ 0
 +;
 +; Note: There is a real-time FPM status monitoring sample web page available
 +;       ​It'​s available in: @EXPANDED_DATADIR@/​fpm/​status.html
 +;
 +; Note: The value must start with a leading slash (/). The value can be
 +;       ​anything,​ but it may not be a good idea to use the .php extension or it
 +;       may conflict with a real PHP file.
 +; Default Value: not set
 +;​pm.status_path = /status
 +
 +; The ping URI to call the monitoring page of FPM. If this value is not set, no
 +; URI will be recognized as a ping page. This could be used to test from outside
 +; that FPM is alive and responding, or to
 +; - create a graph of FPM availability (rrd or such);
 +; - remove a server from a group if it is not responding (load balancing);
 +; - trigger alerts for the operating team (24/7).
 +; Note: The value must start with a leading slash (/). The value can be
 +;       ​anything,​ but it may not be a good idea to use the .php extension or it
 +;       may conflict with a real PHP file.
 +; Default Value: not set
 +;ping.path = /ping
 +
 +; This directive may be used to customize the response of a ping request. The
 +; response is formatted as text/plain with a 200 response code.
 +; Default Value: pong
 +;​ping.response = pong
 +
 +; The access log file
 +; Default: not set
 +;access.log = log/​$pool.access.log
 +
 +; The access log format.
 +; The following syntax is allowed
 +;  %%: the '​%'​ character
 +;  %C: %CPU used by the request
 +;      it can accept the following format:
 +;      - %{user}C for user CPU only
 +;      - %{system}C for system CPU only
 +;      - %{total}C ​ for user + system CPU (default)
 +;  %d: time taken to serve the request
 +;      it can accept the following format:
 +;      - %{seconds}d (default)
 +;      - %{miliseconds}d
 +;      - %{mili}d
 +;      - %{microseconds}d
 +;      - %{micro}d
 +;  %e: an environment variable (same as $_ENV or $_SERVER)
 +;      it must be associated with embraces to specify the name of the env
 +;      variable. Some exemples:
 +;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
 +;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
 +;  %f: script filename
 +;  %l: content-length of the request (for POST request only)
 +;  %m: request method
 +;  %M: peak of memory allocated by PHP
 +;      it can accept the following format:
 +;      - %{bytes}M (default)
 +;      - %{kilobytes}M
 +;      - %{kilo}M
 +;      - %{megabytes}M
 +;      - %{mega}M
 +;  %n: pool name
 +;  %o: output header
 +;      it must be associated with embraces to specify the name of the header:
 +;      - %{Content-Type}o
 +;      - %{X-Powered-By}o
 +;      - %{Transfert-Encoding}o
 +;      - ....
 +;  %p: PID of the child that serviced the request
 +;  %P: PID of the parent of the child that serviced the request
 +;  %q: the query string
 +;  %Q: the '?'​ character if query string exists
 +;  %r: the request URI (without the query string, see %q and %Q)
 +;  %R: remote IP address
 +;  %s: status (response code)
 +;  %t: server time the request was received
 +;      it can accept a strftime(3) format:
 +;      %d/​%b/​%Y:​%H:​%M:​%S %z (default)
 +;      The strftime(3) format must be encapsuled in a %{<​strftime_format>​}t tag
 +;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:​%M:​%S%z}t
 +;  %T: time the log has been written (the request has finished)
 +;      it can accept a strftime(3) format:
 +;      %d/​%b/​%Y:​%H:​%M:​%S %z (default)
 +;      The strftime(3) format must be encapsuled in a %{<​strftime_format>​}t tag
 +;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:​%M:​%S%z}t
 +;  %u: remote user
 +;
 +; Default: "%R - %u %t \"%m %r\" %s"
 +;​access.format = "%R - %u %t \"%m %r%Q%q\"​ %s %f %{mili}d %{kilo}M %C%%"
 +
 +; The log file for slow requests
 +; Default Value: not set
 +; Note: slowlog is mandatory if request_slowlog_timeout is set
 +slowlog = /​var/​log/​php-fpm/​www-slow.log
 +
 +; The timeout for serving a single request after which a PHP backtrace will be
 +; dumped to the '​slowlog'​ file. A value of '​0s'​ means '​off'​.
 +; Available units: s(econds)(default),​ m(inutes), h(ours), or d(ays)
 +; Default Value: 0
 +;​request_slowlog_timeout = 0
 +
 +; The timeout for serving a single request after which the worker process will
 +; be killed. This option should be used when the '​max_execution_time'​ ini option
 +; does not stop script execution for some reason. A value of '​0'​ means '​off'​.
 +; Available units: s(econds)(default),​ m(inutes), h(ours), or d(ays)
 +; Default Value: 0
 +;​request_terminate_timeout = 0
 +
 +; Set open file descriptor rlimit.
 +; Default Value: system defined value
 +;​rlimit_files = 1024
 +
 +; Set max core size rlimit.
 +; Possible Values: '​unlimited'​ or an integer greater or equal to 0
 +; Default Value: system defined value
 +;​rlimit_core = 0
 +
 +; Chroot to this directory at the start. This value must be defined as an
 +; absolute path. When this value is not set, chroot is not used.
 +; Note: you can prefix with '​$prefix'​ to chroot to the pool prefix or one
 +; of its subdirectories. If the pool prefix is not set, the global prefix
 +; will be used instead.
 +; Note: chrooting is a great security feature and should be used whenever
 +;       ​possible. However, all PHP paths will be relative to the chroot
 +;       ​(error_log,​ sessions.save_path,​ ...).
 +; Default Value: not set
 +;chroot =
 +
 +; Chdir to this directory at the start.
 +; Note: relative path can be used.
 +; Default Value: current directory or / when chroot
 +;chdir = /var/www
 +
 +; Redirect worker stdout and stderr into main error log. If not set, stdout and
 +; stderr will be redirected to /dev/null according to FastCGI specs.
 +; Note: on highloaded environement,​ this can cause some delay in the page
 +; process time (several ms).
 +; Default Value: no
 +;​catch_workers_output = yes
 +
 +; Clear environment in FPM workers
 +; Prevents arbitrary environment variables from reaching FPM worker processes
 +; by clearing the environment in workers before env vars specified in this
 +; pool configuration are added.
 +; Setting to "​no"​ will make all environment variables available to PHP code
 +; via getenv(), $_ENV and $_SERVER.
 +; Default Value: yes
 +;clear_env = no
 +
 +; Limits the extensions of the main script FPM will allow to parse. This can
 +; prevent configuration mistakes on the web server side. You should only limit
 +; FPM to .php extensions to prevent malicious users to use other extensions to
 +; exectute php code.
 +; Note: set an empty value to allow all extensions.
 +; Default Value: .php
 +;​security.limit_extensions = .php .php3 .php4 .php5 .php7
 +
 +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
 +; the current environment.
 +; Default Value: clean env
 +;​env[HOSTNAME] = $HOSTNAME
 +;env[PATH] = /​usr/​local/​bin:/​usr/​bin:/​bin
 +;env[TMP] = /tmp
 +;​env[TMPDIR] = /tmp
 +;env[TEMP] = /tmp
 +
 +; Additional php.ini defines, specific to this pool of workers. These settings
 +; overwrite the values previously defined in the php.ini. The directives are the
 +; same as the PHP SAPI:
 +;   ​php_value/​php_flag ​            - you can set classic ini defines which can
 +;                                    be overwritten from PHP call '​ini_set'​.
 +;   ​php_admin_value/​php_admin_flag - these directives won't be overwritten by
 +;                                     PHP call '​ini_set'​
 +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
 +
 +; Defining '​extension'​ will load the corresponding shared extension from
 +; extension_dir. Defining '​disable_functions'​ or '​disable_classes'​ will not
 +; overwrite previously defined php.ini values, but will append the new value
 +; instead.
 +
 +; Note: path INI options can be relative and will be expanded with the prefix
 +; (pool, global or @prefix@)
 +
 +; Default Value: nothing is defined by default except the values in php.ini and
 +;                specified at startup with the -d argument
 +;​php_admin_value[sendmail_path] = /​usr/​sbin/​sendmail -t -i -f www@my.domain.com
 +;​php_flag[display_errors] = off
 +php_admin_value[error_log] = /​var/​log/​php-fpm/​www-error.log
 +php_admin_flag[log_errors] = on
 +;​php_admin_value[memory_limit] = 128M
 +
 +; Set data paths to directories owned by process user
 +php_value[session.save_handler] = files
 +php_value[session.save_path] ​   = /​var/​lib/​php/​fpm/​session
 +php_value[soap.wsdl_cache_dir] ​ = /​var/​lib/​php/​fpm/​wsdlcache
 +;​php_value[opcache.file_cache] ​ = /​var/​lib/​php/​fpm/​opcache
 +
 +</​file>​
 +
 +===== Systemstart =====
 +==== erster manueller Start ====
 +   # systemctl start php-fpm.service
 +
 +Im syslog wird der erfolgreiche Start entsprechend protokolliert.
 +   # tail -n2 /​var/​log/​messages
 +
 +  Jul 21 22:54:28 vml000107 systemd: Starting The PHP FastCGI Process Manager...
 +  Jul 21 22:54:28 vml000107 systemd: Started The PHP FastCGI Process Manager.
 +
 +Ebenso kann man den Status des Daemons mit Hilfe des Befehls **systemctl** abfragen.
 +   # systemctl status php-fpm.service
 +
 +<​html><​pre class="​code">​
 +<font style="​color:​ rgb(29, 180, 29)"><​b>​●</​b></​font>​ php-fpm.service - The PHP FastCGI Process Manager
 +   ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​php-fpm.service;​ disabled; vendor preset: disabled)
 +   ​Active:<​font style="​color:​ rgb(29, 180, 29)"><​b>​active (running)</​b></​font>​ since Fri 2017-07-21 22:54:28 CEST; 4min 6s ago
 + Main PID: 6470 (php-fpm)
 +   ​Status:​ "​Processes active: 0, idle: 5, Requests: 0, slow: 0, Traffic: 0req/​sec"​
 +   ​CGroup:​ /​system.slice/​php-fpm.service
 +           ​├─6470 php-fpm: master process (/​etc/​php-fpm.conf)
 +           ​├─6471 php-fpm: pool www
 +           ​├─6472 php-fpm: pool www
 +           ​├─6473 php-fpm: pool www
 +           ​├─6474 php-fpm: pool www
 +           ​└─6475 php-fpm: pool www
 +
 +Jul 21 22:54:28 vml000107.dmz.nausch.org systemd[1]: Starting The PHP FastCGI Process Manager...
 +Jul 21 22:54:28 vml000107.dmz.nausch.org systemd[1]: Started The PHP FastCGI Process Manager.</​font></​pre>​
 +</​html>​
 +
 +Im Verzeichnis //​**/​var/​log/​php-fpm/​**//​ werden vom Daemon Logdateien abgelegt. In der Datei **error.log** wird der Start des Daemon auch entsprechend protokolliert.
 +   # less /​var/​log/​php-fpm/​error.log
 +
 +  [21-Jul-2017 22:54:28] NOTICE: fpm is running, pid 6470
 +  [21-Jul-2017 22:54:28] NOTICE: ready to handle connections
 +  [21-Jul-2017 22:54:28] NOTICE: systemd monitor interval set to 10000ms
 +
 +Der Daemon ist nun ohne Fehlermeldung gestartet und wir überprüfen nun, ob der Port **9000** vom Daemon geöffnet wurde.
 +   # netstat -tulpen ​   ​
 +
 +<​code>​Active Internet connections (only servers)
 +Proto Recv-Q Send-Q Local Address ​          ​Foreign Address ​        ​State ​      ​User ​      ​Inode ​     PID/Program name    ​
 +tcp        0      0 127.0.0.1:​199 ​          ​0.0.0.0:​* ​              ​LISTEN ​     0          26573      1098/​snmpd ​         ​
 +tcp        0      0 127.0.0.1:​9000 ​         0.0.0.0:​* ​              ​LISTEN ​     0          230280 ​    ​6470/​php-fpm:​ maste 
 +</​code>​
 +
 +
 +
 +
 +
 +
 +==== automatischer Start beim Systemstart ====
 +Wollen wir den Daemon beim Hochfahren des Systems automatisch starten, greifen wir auf den Befehl **systemctl** zurück.
 +   # systemctl enable php-fpm.service
 +
 +  Created symlink from /​etc/​systemd/​system/​multi-user.target.wants/​php-fpm.service to /​usr/​lib/​systemd/​system/​php-fpm.service.
 +
 +Möchten wir uns vergewissern,​ ob der Daemon beim Systemstart gestartet wird oder nicht, erfahren wir ebenfalls mit dem Befehl **systemctl**.
 +   # systemctl is-enabled php-fpm.service
 +
 +  enabled
 +
 +Startet der Server nicht automatisch,​ wird uns ein "​**disabled**"​ zurückgemeldet.
 +
 +===== Anbindung an den Apache Webserver =====
 +Für die Anbindung des Apache Webservers an unseren nun eingerichteten PHP-FPM-Daemon stellt uns das **IUS-Repository** ein passendes RPM zur Verfügung.
 + 
 +==== Installation ====
 +Wir installieren uns nun dieses RPM wie gewohnt mit Hilfe von **yum**.
 +   # yum install php70u-fpm-httpd
 +
 +Was uns das Paket **php70u-fpm-httpd** alles mit ins System bringt, zeigt uns der Befehl **rpm** mit der Option **-qil**. ​
 +   # rpm -qil php70u-fpm-httpd
 +<​code>​Name ​       : php70u-fpm-httpd
 +Version ​    : 7.0.21
 +Release ​    : 1.ius.centos7
 +Architecture:​ noarch
 +Install Date: Fri 21 Jul 2017 11:55:35 PM CEST
 +Group       : Development/​Languages
 +Size        : 715
 +License ​    : PHP and Zend and BSD and MIT and ASL 1.0
 +Signature ​  : DSA/SHA1, Wed 19 Jul 2017 06:23:27 AM CEST, Key ID da221cdf9cd4953f
 +Source RPM  : php70u-7.0.21-1.ius.centos7.src.rpm
 +Build Date  : Thu 06 Jul 2017 04:28:31 PM CEST
 +Build Host  : 606890-build04.rpmdev.rackspace.com
 +Relocations : (not relocatable)
 +URL         : http://​www.php.net/​
 +Summary ​    : Apache HTTP Server configuration for PHP-FPM
 +Description :
 +Apache HTTP Server configuration file for the PHP FastCGI Process Manager.
 +/​etc/​httpd/​conf.d/​php-fpm.conf
 +</​code>​
 +
 +==== Konfiguration ====
 +Die Konfiguration unseres Webservers erfolgt über Einträge in einzelnen Konfigurationsdateien,​ die wir nun im Detail einzeln in Augenschein nehmen wollen und dort unsere Änderungen vornehmen wollen.
 +=== 00-proxy.conf ===
 +Damit der Apache Webserver die PHP-Request an den externen **[[https://​wiki.apache.org/​httpd/​PHP-FPM|PHP-FPM-Daemon]]** weiterreichen kann, wird das Proxymodul **[[http://​httpd.apache.org/​docs/​2.4/​de/​mod/​mod_proxy_fcgi.html|mod_proxy_fcgi]]** verwendet. Die Integration bzw. das Laden des Moduls wir über die Konfigurationsdatei //​**/​etc/​httpd/​conf.modules.d/​00-proxy.conf**//​ gesteuert. Dort ist nötige Eintrag beeits vorkonfiguriert,​ was wir wie folgt überprüfen können: ​
 +
 +   # grep mod_proxy_fcgi /​etc/​httpd/​conf.modules.d/​00-proxy.conf
 +
 +  LoadModule proxy_fcgi_module modules/​mod_proxy_fcgi.so
 +
 +=== 00-mpm.conf ===
 +Zur Performanceverbesserung wollen wir den [[http://​httpd.apache.org|Apache HTTP Server]] im **__[[http://​httpd.apache.org/​docs/​2.4/​mod/​event.html|event]]__-Mode** statt dem standardmässigen **__[[http://​httpd.apache.org/​docs/​2.4/​mod/​prefork.html|prefork]]__-Mode** betreiben. Die zugehörige Konfiguration erfolgt über die Konfigurationsdatei //​**/​etc/​httpd/​conf.modules.d/​00-mpm.conf**//​.
 +
 +Wir deaktivieren zunächst das Modul **prefork** in dem wir den ersten Eintrag auskommentieren. Anschliessend aktivieren die dritte Option - das Modul **event**.
 +   # vim /​etc/​httpd/​conf.modules.d/​00-mpm.conf
 +
 +<file apache /​etc/​httpd/​conf.modules.d/​00-mpm.conf>#​ Select the MPM module which should be used by uncommenting exactly
 +# one of the following LoadModule lines:
 +
 +# prefork MPM: Implements a non-threaded,​ pre-forking web server
 +# See: http://​httpd.apache.org/​docs/​2.4/​mod/​prefork.html
 +# Django : 2017-07-22 - Modul prefork deaktiviert
 +# default: LoadModule mpm_prefork_module modules/​mod_mpm_prefork.so
 +
 +# worker MPM: Multi-Processing Module implementing a hybrid
 +# multi-threaded multi-process web server
 +# See: http://​httpd.apache.org/​docs/​2.4/​mod/​worker.html
 +#
 +#LoadModule mpm_worker_module modules/​mod_mpm_worker.so
 +
 +# event MPM: A variant of the worker MPM with the goal of consuming
 +# threads only for connections with active processing
 +# See: http://​httpd.apache.org/​docs/​2.4/​mod/​event.html
 +#
 +# Django ​ : 2017-07-22 - Modul event aktiviert und damit auch
 +#                        mod_php deaktiviert.
 +# default : #LoadModule mpm_event_module modules/​mod_mpm_event.so
 +LoadModule mpm_event_module modules/​mod_mpm_event.so</​file>​
 +
 +=== php-fpm.conf (FastCGI PM) ===
 +Das grundsätzliche Verhalten des alternativen FastCGI Prozess Managers **php-fpm** wird über die Konfigurationsdatei //​**/​etc/​php-fpm.conf**//​ gesteuert. Diese Datei wir durch das RPM-Paket **''​php70u-fpm''​** bereitgestellt und darf nicht mit der Apache Konfigurationsdatei //​**/​etc/​httpd/​conf.d/​php-fpm.conf**//​ verwechselt werden. Auf diese werden wir später noch eingehen!
 +
 +In der Regel lassen wir diese Konfigurationsdatei unangetastet,​ es sei den wir wollten das Loggingverhalten unseren Wünschen nach anpassen.
 +   # vim /​etc/​php-fpm.conf
 +<file php /​etc/​php-fpm.conf>;;;;;;;;;;;;;;;;;;;;;​
 +; FPM Configuration ;
 +;;;;;;;;;;;;;;;;;;;;;​
 +
 +; All relative paths in this configuration file are relative to PHP's install
 +; prefix.
 +
 +; Include one or more files. If glob(3) exists, it is used to include a bunch of
 +; files from a glob(3) pattern. This directive can be used everywhere in the
 +; file.
 +include=/​etc/​php-fpm.d/​*.conf
 +
 +;;;;;;;;;;;;;;;;;;​
 +; Global Options ;
 +;;;;;;;;;;;;;;;;;;​
 +
 +[global]
 +; Pid file
 +; Default Value: none
 +pid = /​run/​php-fpm/​php-fpm.pid
 +
 +; Error log file
 +; If it's set to "​syslog",​ log is sent to syslogd instead of being written
 +; in a local file.
 +; Default Value: /​var/​log/​php-fpm.log
 +error_log = /​var/​log/​php-fpm/​error.log
 +
 +; syslog_facility is used to specify what type of program is logging the
 +; message. This lets syslogd specify that messages from different facilities
 +; will be handled differently.
 +; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
 +; Default Value: daemon
 +;​syslog.facility = daemon
 +
 +; syslog_ident is prepended to every message. If you have multiple FPM
 +; instances running on the same server, you can change the default value
 +; which must suit common needs.
 +; Default Value: php-fpm
 +;​syslog.ident = php-fpm
 +
 +; Log level
 +; Possible Values: alert, error, warning, notice, debug
 +; Default Value: notice
 +;log_level = notice
 +
 +; If this number of child processes exit with SIGSEGV or SIGBUS within the time
 +; interval set by emergency_restart_interval then FPM will restart. A value
 +; of '​0'​ means '​Off'​.
 +; Default Value: 0
 +;​emergency_restart_threshold = 0
 +
 +; Interval of time used by emergency_restart_interval to determine when 
 +; a graceful restart will be initiated. ​ This can be useful to work around
 +; accidental corruptions in an accelerator'​s shared memory.
 +; Available Units: s(econds), m(inutes), h(ours), or d(ays)
 +; Default Unit: seconds
 +; Default Value: 0
 +;​emergency_restart_interval = 0
 +
 +; Time limit for child processes to wait for a reaction on signals from master.
 +; Available units: s(econds), m(inutes), h(ours), or d(ays)
 +; Default Unit: seconds
 +; Default Value: 0
 +;​process_control_timeout = 0
 +
 +; The maximum number of processes FPM will fork. This has been design to control
 +; the global number of processes when using dynamic PM within a lot of pools.
 +; Use it with caution.
 +; Note: A value of 0 indicates no limit
 +; Default Value: 0
 +;​process.max = 128
 +
 +; Specify the nice(2) priority to apply to the master process (only if set)
 +; The value can vary from -19 (highest priority) to 20 (lower priority)
 +; Note: - It will only work if the FPM master process is launched as root
 +;       - The pool process will inherit the master process priority
 +;         ​unless it specified otherwise
 +; Default Value: no set
 +;​process.priority = -19
 +
 +; Send FPM to background. Set to '​no'​ to keep FPM in foreground for debugging.
 +; Default Value: yes
 +daemonize = yes
 +
 +; Set open file descriptor rlimit for the master process.
 +; Default Value: system defined value
 +;​rlimit_files = 1024
 +
 +; Set max core size rlimit for the master process.
 +; Possible Values: '​unlimited'​ or an integer greater or equal to 0
 +; Default Value: system defined value
 +;​rlimit_core = 0
 +
 +; Specify the event mechanism FPM will use. The following is available:
 +; - select ​    (any POSIX os)
 +; - poll       (any POSIX os)
 +; - epoll      (linux >= 2.5.44)
 +; Default Value: not set (auto detection)
 +;​events.mechanism = epoll
 +
 +; When FPM is build with systemd integration,​ specify the interval,
 +; in second, between health report notification to systemd.
 +; Set to 0 to disable.
 +; Available Units: s(econds), m(inutes), h(ours)
 +; Default Unit: seconds
 +; Default value: 10
 +;​systemd_interval = 10
 +
 +;;;;;;;;;;;;;;;;;;;;​
 +; Pool Definitions ; 
 +;;;;;;;;;;;;;;;;;;;;​
 +
 +; Multiple pools of child processes may be started with different listening
 +; ports and different management options. ​ The name of the pool will be
 +; used in logs and stats. There is no limitation on the number of pools which
 +; FPM can handle. Your system will tell you anyway :)
 +
 +; See /​etc/​php-fpm.d/​*.conf
 +
 +</​file>​
 +
 +=== php-fpm.conf (HTTPD) ===
 +Über die Konfigurationsdatei //​**/​etc/​httpd/​conf.d/​php-fpm.conf**//​ aus dem RPM-Paket **''​php70u-fpm-httpd''​** kann definiert werden, wie der PHP-Interpreter vom HTTP-Daemon angesprochen werden soll. 
 +
 +<WRAP center round tip 80%>
 +Der UNIX-Domain-Socket kann bei Apache 2.4 unter CentOS erst ab Version 2.10 unterstützt - für **CentOS 7** wurde diese Funktion aber nach Apache Version **2.4.6** zurück portiert und kann daher bei Bedarf auch konfiguriert und verwendet werden.
 +</​WRAP>​
 +
 +Je nach Umgebung und Konfigurationspräferenzen können diese Optionen entweder global in der Datei //​**/​etc/​httpd/​conf.d/​php-fpm.conf**//​ gesetzt, bzw. in den einzelnen **Apache-//​vHOST//​**-Konfigurationsdatei(en) im Verzeichnis //​**/​etc/​httpd/​conf.d**//​ hinterlegt werden.
 + 
 +   # vim /​etc/​httpd/​conf.d/​php-fpm.conf
 +
 +<file apache /​etc/​httpd/​conf.d/​php-fpm.conf>​
 +# This configuration requires httpd 2.4 with support for UDS (Unix domain
 +# sockets). ​ This was added upstream in version 2.4.10, and was also backported
 +# to 2.4.6 in EL7.
 +
 +# The following lines prevent .user.ini files from being viewed by Web clients.
 +<Files "​.user.ini">​
 +    Require all denied
 +</​Files>​
 +
 +# Allow php to handle Multiviews.
 +AddType text/html .php
 +
 +# Add index.php to the list of files that will be served as directory indexes.
 +DirectoryIndex index.php
 +
 +# Enable http authorization headers.
 +SetEnvIfNoCase ^Authorization$ "​(.+)"​ HTTP_AUTHORIZATION=$1
 +
 +<​FilesMatch \.php$>
 +    SetHandler "​proxy:​fcgi://​127.0.0.1:​9000"​
 +    #SetHandler "​proxy:​unix:/​run/​php-fpm/​www.sock|fcgi://​localhost"​
 +</​FilesMatch>​
 +</​file>​
 +
 +
 +=== www.conf (Pools) ===
 +Im Verzeichnis //​**/​etc/​php-fpm.d/​**//​ wird uns eine Beispielkonfigurationsdatei **''​www.conf''​** mitgeliefert. Mit Hilfe dieser Konfigurationsdatei bzw. -Dateien können unterschiedliche Pools definiert werden, die von den einzelnen Apache-Prozessen angesprochen werden und später bei Bedarf für den Dienst/​Daemon die einzelnen „Child-Threats“ starten wird.
 +
 +Diese Vorlage-Datei passen wir nun unseren Gegebenheiten nach an.
 +   # vim /​etc/​php-fpm.d/​www.conf
 +
 +<file php /​etc/​php-fpm.d/​www.conf>;​ Start a new pool named '​www'​.
 +; the variable $pool can we used in any directive and will be replaced by the
 +; pool name ('​www'​ here)
 +[www]
 +
 +; Per pool prefix
 +; It only applies on the following directives:
 +; - '​access.log'​
 +; - '​slowlog'​
 +; - '​listen'​ (unixsocket)
 +; - '​chroot'​
 +; - '​chdir'​
 +; - '​php_values'​
 +; - '​php_admin_values'​
 +; When not set, the global prefix (or @php_fpm_prefix@) applies instead.
 +; Note: This directive can also be relative to the global prefix.
 +; Default Value: none
 +;prefix = /​path/​to/​pools/​$pool
 +
 +; Unix user/group of processes
 +; Note: The user is mandatory. If the group is not set, the default user's group
 +;       will be used.
 +user = php-fpm
 +group = php-fpm
 +
 +; The address on which to accept FastCGI requests.
 +; Valid syntaxes are:
 +;   '​ip.add.re.ss:​port' ​   - to listen on a TCP socket to a specific IPv4 address on
 +;                            a specific port;
 +;   '​[ip:​6:​addr:​ess]:​port'​ - to listen on a TCP socket to a specific IPv6 address on
 +;                            a specific port;
 +;   '​port' ​                - to listen on a TCP socket to all addresses
 +;                            (IPv6 and IPv4-mapped) on a specific port;
 +;   '/​path/​to/​unix/​socket'​ - to listen on a unix socket.
 +; Note: This value is mandatory.
 +listen = 127.0.0.1:​9000
 +; WARNING: If you switch to a unix socket, you have to grant your webserver user
 +;          access to that socket by setting listen.acl_users to the webserver user.
 +;listen = /​run/​php-fpm/​www.sock
 +
 +; Set listen(2) backlog.
 +; Default Value: 511
 +;​listen.backlog = 511
 +
 +; Set permissions for unix socket, if one is used. In Linux, read/write
 +; permissions must be set in order to allow connections from a web server.
 +; Default Values: user and group are set as the running user
 +;                 mode is set to 0660
 +;​listen.owner = root
 +;​listen.group = root
 +;​listen.mode = 0660
 +
 +; When POSIX Access Control Lists are supported you can set them using
 +; these options, value is a comma separated list of user/group names.
 +; When set, listen.owner and listen.group are ignored
 +;​listen.acl_users = apache,​nginx
 +;​listen.acl_users = apache
 +;​listen.acl_users = nginx
 +;​listen.acl_groups =
 +
 +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
 +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
 +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
 +; must be separated by a comma. If this value is left blank, connections will be
 +; accepted from any ip address.
 +; Default Value: any
 +listen.allowed_clients = 127.0.0.1
 +
 +; Specify the nice(2) priority to apply to the pool processes (only if set)
 +; The value can vary from -19 (highest priority) to 20 (lower priority)
 +; Note: - It will only work if the FPM master process is launched as root
 +;       - The pool processes will inherit the master process priority
 +;         ​unless it specified otherwise
 +; Default Value: no set
 +; process.priority = -19
 +
 +; Choose how the process manager will control the number of child processes.
 +; Possible Values:
 +;   ​static ​ - a fixed number (pm.max_children) of child processes;
 +;   ​dynamic - the number of child processes are set dynamically based on the
 +;             ​following directives. With this process management, there will be
 +;             ​always at least 1 children.
 +;             ​pm.max_children ​     - the maximum number of children that can
 +;                                    be alive at the same time.
 +;             ​pm.start_servers ​    - the number of children created on startup.
 +;             ​pm.min_spare_servers - the minimum number of children in '​idle'​
 +;                                    state (waiting to process). If the number
 +;                                    of '​idle'​ processes is less than this
 +;                                    number then some children will be created.
 +;             ​pm.max_spare_servers - the maximum number of children in '​idle'​
 +;                                    state (waiting to process). If the number
 +;                                    of '​idle'​ processes is greater than this
 +;                                    number then some children will be killed.
 +;  ondemand - no children are created at startup. Children will be forked when
 +;             new requests will connect. The following parameter are used:
 +;             ​pm.max_children ​          - the maximum number of children that
 +;                                         can be alive at the same time.
 +;             ​pm.process_idle_timeout ​  - The number of seconds after which
 +;                                         an idle process will be killed.
 +; Note: This value is mandatory.
 +pm = dynamic
 +
 +; The number of child processes to be created when pm is set to '​static'​ and the
 +; maximum number of child processes when pm is set to '​dynamic'​ or '​ondemand'​.
 +; This value sets the limit on the number of simultaneous requests that will be
 +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
 +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
 +; CGI. The below defaults are based on a server without much resources. Don't
 +; forget to tweak pm.* to fit your needs.
 +; Note: Used when pm is set to '​static',​ '​dynamic'​ or '​ondemand'​
 +; Note: This value is mandatory.
 +pm.max_children = 50
 +
 +; The number of child processes created on startup.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
 +pm.start_servers = 5
 +
 +; The desired minimum number of idle server processes.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Note: Mandatory when pm is set to '​dynamic'​
 +pm.min_spare_servers = 5
 +
 +; The desired maximum number of idle server processes.
 +; Note: Used only when pm is set to '​dynamic'​
 +; Note: Mandatory when pm is set to '​dynamic'​
 +pm.max_spare_servers = 35
 +
 +; The number of seconds after which an idle process will be killed.
 +; Note: Used only when pm is set to '​ondemand'​
 +; Default Value: 10s
 +;​pm.process_idle_timeout = 10s;
 +
 +; The number of requests each child process should execute before respawning.
 +; This can be useful to work around memory leaks in 3rd party libraries. For
 +; endless request processing specify '​0'​. Equivalent to PHP_FCGI_MAX_REQUESTS.
 +; Default Value: 0
 +;​pm.max_requests = 500
 +
 +; The URI to view the FPM status page. If this value is not set, no URI will be
 +; recognized as a status page. It shows the following informations:​
 +;   ​pool ​                - the name of the pool;
 +;   ​process manager ​     - static, dynamic or ondemand;
 +;   start time           - the date and time FPM has started;
 +;   start since          - number of seconds since FPM has started;
 +;   ​accepted conn        - the number of request accepted by the pool;
 +;   ​listen queue         - the number of request in the queue of pending
 +;                          connections (see backlog in listen(2));
 +;   max listen queue     - the maximum number of requests in the queue
 +;                          of pending connections since FPM has started;
 +;   ​listen queue len     - the size of the socket queue of pending connections;​
 +;   idle processes ​      - the number of idle processes;
 +;   ​active processes ​    - the number of active processes;
 +;   total processes ​     - the number of idle + active processes;
 +;   max active processes - the maximum number of active processes since FPM
 +;                          has started;
 +;   max children reached - number of times, the process limit has been reached,
 +;                          when pm tries to start more children (works only for
 +;                          pm '​dynamic'​ and '​ondemand'​);​
 +; Value are updated in real time.
 +; Example output:
 +;   ​pool: ​                www
 +;   ​process manager: ​     static
 +;   start time:           ​01/​Jul/​2011:​17:​53:​49 +0200
 +;   start since: ​         62636
 +;   ​accepted conn:        190460
 +;   ​listen queue: ​        0
 +;   max listen queue: ​    1
 +;   ​listen queue len:     42
 +;   idle processes: ​      4
 +;   ​active processes: ​    11
 +;   total processes: ​     15
 +;   max active processes: 12
 +;   max children reached: 0
 +;
 +; By default the status page output is formatted as text/plain. Passing either
 +; '​html',​ '​xml'​ or '​json'​ in the query string will return the corresponding
 +; output syntax. Example:
 +;   ​http://​www.foo.bar/​status
 +;   ​http://​www.foo.bar/​status?​json
 +;   ​http://​www.foo.bar/​status?​html
 +;   ​http://​www.foo.bar/​status?​xml
 +;
 +; By default the status page only outputs short status. Passing '​full'​ in the
 +; query string will also return status for each pool process.
 +; Example:
 +;   ​http://​www.foo.bar/​status?​full
 +;   ​http://​www.foo.bar/​status?​json&​full
 +;   ​http://​www.foo.bar/​status?​html&​full
 +;   ​http://​www.foo.bar/​status?​xml&​full
 +; The Full status returns for each process:
 +;   ​pid ​                 - the PID of the process;
 +;   ​state ​               - the state of the process (Idle, Running, ...);
 +;   start time           - the date and time the process has started;
 +;   start since          - the number of seconds since the process has started;
 +;   ​requests ​            - the number of requests the process has served;
 +;   ​request duration ​    - the duration in µs of the requests;
 +;   ​request method ​      - the request method (GET, POST, ...);
 +;   ​request URI          - the request URI with the query string;
 +;   ​content length ​      - the content length of the request (only with POST);
 +;   ​user ​                - the user (PHP_AUTH_USER) (or '​-'​ if not set);
 +;   ​script ​              - the main script called (or '​-'​ if not set);
 +;   last request cpu     - the %cpu the last request consumed
 +;                          it's always 0 if the process is not in Idle state
 +;                          because CPU calculation is done when the request
 +;                          processing has terminated;
 +;   last request memory ​ - the max amount of memory the last request consumed
 +;                          it's always 0 if the process is not in Idle state
 +;                          because memory calculation is done when the request
 +;                          processing has terminated;
 +; If the process is in Idle state, then informations are related to the
 +; last request the process has served. Otherwise informations are related to
 +; the current request being served.
 +; Example output:
 +;   ​************************
 +;   ​pid: ​                 31330
 +;   ​state: ​               Running
 +;   start time:           ​01/​Jul/​2011:​17:​53:​49 +0200
 +;   start since: ​         63087
 +;   ​requests: ​            12808
 +;   ​request duration: ​    ​1250261
 +;   ​request method: ​      GET
 +;   ​request URI:          /​test_mem.php?​N=10000
 +;   ​content length: ​      0
 +;   ​user: ​                -
 +;   ​script: ​              /​home/​fat/​web/​docs/​php/​test_mem.php
 +;   last request cpu:     0.00
 +;   last request memory: ​ 0
 +;
 +; Note: There is a real-time FPM status monitoring sample web page available
 +;       ​It'​s available in: @EXPANDED_DATADIR@/​fpm/​status.html
 +;
 +; Note: The value must start with a leading slash (/). The value can be
 +;       ​anything,​ but it may not be a good idea to use the .php extension or it
 +;       may conflict with a real PHP file.
 +; Default Value: not set
 +;​pm.status_path = /status
 +
 +; The ping URI to call the monitoring page of FPM. If this value is not set, no
 +; URI will be recognized as a ping page. This could be used to test from outside
 +; that FPM is alive and responding, or to
 +; - create a graph of FPM availability (rrd or such);
 +; - remove a server from a group if it is not responding (load balancing);
 +; - trigger alerts for the operating team (24/7).
 +; Note: The value must start with a leading slash (/). The value can be
 +;       ​anything,​ but it may not be a good idea to use the .php extension or it
 +;       may conflict with a real PHP file.
 +; Default Value: not set
 +;ping.path = /ping
 +
 +; This directive may be used to customize the response of a ping request. The
 +; response is formatted as text/plain with a 200 response code.
 +; Default Value: pong
 +;​ping.response = pong
 +
 +; The access log file
 +; Default: not set
 +;access.log = log/​$pool.access.log
 +
 +; The access log format.
 +; The following syntax is allowed
 +;  %%: the '​%'​ character
 +;  %C: %CPU used by the request
 +;      it can accept the following format:
 +;      - %{user}C for user CPU only
 +;      - %{system}C for system CPU only
 +;      - %{total}C ​ for user + system CPU (default)
 +;  %d: time taken to serve the request
 +;      it can accept the following format:
 +;      - %{seconds}d (default)
 +;      - %{miliseconds}d
 +;      - %{mili}d
 +;      - %{microseconds}d
 +;      - %{micro}d
 +;  %e: an environment variable (same as $_ENV or $_SERVER)
 +;      it must be associated with embraces to specify the name of the env
 +;      variable. Some exemples:
 +;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
 +;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
 +;  %f: script filename
 +;  %l: content-length of the request (for POST request only)
 +;  %m: request method
 +;  %M: peak of memory allocated by PHP
 +;      it can accept the following format:
 +;      - %{bytes}M (default)
 +;      - %{kilobytes}M
 +;      - %{kilo}M
 +;      - %{megabytes}M
 +;      - %{mega}M
 +;  %n: pool name
 +;  %o: output header
 +;      it must be associated with embraces to specify the name of the header:
 +;      - %{Content-Type}o
 +;      - %{X-Powered-By}o
 +;      - %{Transfert-Encoding}o
 +;      - ....
 +;  %p: PID of the child that serviced the request
 +;  %P: PID of the parent of the child that serviced the request
 +;  %q: the query string
 +;  %Q: the '?'​ character if query string exists
 +;  %r: the request URI (without the query string, see %q and %Q)
 +;  %R: remote IP address
 +;  %s: status (response code)
 +;  %t: server time the request was received
 +;      it can accept a strftime(3) format:
 +;      %d/​%b/​%Y:​%H:​%M:​%S %z (default)
 +;      The strftime(3) format must be encapsuled in a %{<​strftime_format>​}t tag
 +;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:​%M:​%S%z}t
 +;  %T: time the log has been written (the request has finished)
 +;      it can accept a strftime(3) format:
 +;      %d/​%b/​%Y:​%H:​%M:​%S %z (default)
 +;      The strftime(3) format must be encapsuled in a %{<​strftime_format>​}t tag
 +;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:​%M:​%S%z}t
 +;  %u: remote user
 +;
 +; Default: "%R - %u %t \"%m %r\" %s"
 +;​access.format = "%R - %u %t \"%m %r%Q%q\"​ %s %f %{mili}d %{kilo}M %C%%"
 +
 +; The log file for slow requests
 +; Default Value: not set
 +; Note: slowlog is mandatory if request_slowlog_timeout is set
 +slowlog = /​var/​log/​php-fpm/​www-slow.log
 +
 +; The timeout for serving a single request after which a PHP backtrace will be
 +; dumped to the '​slowlog'​ file. A value of '​0s'​ means '​off'​.
 +; Available units: s(econds)(default),​ m(inutes), h(ours), or d(ays)
 +; Default Value: 0
 +;​request_slowlog_timeout = 0
 +
 +; The timeout for serving a single request after which the worker process will
 +; be killed. This option should be used when the '​max_execution_time'​ ini option
 +; does not stop script execution for some reason. A value of '​0'​ means '​off'​.
 +; Available units: s(econds)(default),​ m(inutes), h(ours), or d(ays)
 +; Default Value: 0
 +;​request_terminate_timeout = 0
 +
 +; Set open file descriptor rlimit.
 +; Default Value: system defined value
 +;​rlimit_files = 1024
 +
 +; Set max core size rlimit.
 +; Possible Values: '​unlimited'​ or an integer greater or equal to 0
 +; Default Value: system defined value
 +;​rlimit_core = 0
 +
 +; Chroot to this directory at the start. This value must be defined as an
 +; absolute path. When this value is not set, chroot is not used.
 +; Note: you can prefix with '​$prefix'​ to chroot to the pool prefix or one
 +; of its subdirectories. If the pool prefix is not set, the global prefix
 +; will be used instead.
 +; Note: chrooting is a great security feature and should be used whenever
 +;       ​possible. However, all PHP paths will be relative to the chroot
 +;       ​(error_log,​ sessions.save_path,​ ...).
 +; Default Value: not set
 +;chroot =
 +
 +; Chdir to this directory at the start.
 +; Note: relative path can be used.
 +; Default Value: current directory or / when chroot
 +;chdir = /var/www
 +
 +; Redirect worker stdout and stderr into main error log. If not set, stdout and
 +; stderr will be redirected to /dev/null according to FastCGI specs.
 +; Note: on highloaded environement,​ this can cause some delay in the page
 +; process time (several ms).
 +; Default Value: no
 +;​catch_workers_output = yes
 +
 +; Clear environment in FPM workers
 +; Prevents arbitrary environment variables from reaching FPM worker processes
 +; by clearing the environment in workers before env vars specified in this
 +; pool configuration are added.
 +; Setting to "​no"​ will make all environment variables available to PHP code
 +; via getenv(), $_ENV and $_SERVER.
 +; Default Value: yes
 +;clear_env = no
 +
 +; Limits the extensions of the main script FPM will allow to parse. This can
 +; prevent configuration mistakes on the web server side. You should only limit
 +; FPM to .php extensions to prevent malicious users to use other extensions to
 +; exectute php code.
 +; Note: set an empty value to allow all extensions.
 +; Default Value: .php
 +;​security.limit_extensions = .php .php3 .php4 .php5 .php7
 +
 +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
 +; the current environment.
 +; Default Value: clean env
 +;​env[HOSTNAME] = $HOSTNAME
 +;env[PATH] = /​usr/​local/​bin:/​usr/​bin:/​bin
 +;env[TMP] = /tmp
 +;​env[TMPDIR] = /tmp
 +;env[TEMP] = /tmp
 +
 +; Additional php.ini defines, specific to this pool of workers. These settings
 +; overwrite the values previously defined in the php.ini. The directives are the
 +; same as the PHP SAPI:
 +;   ​php_value/​php_flag ​            - you can set classic ini defines which can
 +;                                    be overwritten from PHP call '​ini_set'​.
 +;   ​php_admin_value/​php_admin_flag - these directives won't be overwritten by
 +;                                     PHP call '​ini_set'​
 +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
 +
 +; Defining '​extension'​ will load the corresponding shared extension from
 +; extension_dir. Defining '​disable_functions'​ or '​disable_classes'​ will not
 +; overwrite previously defined php.ini values, but will append the new value
 +; instead.
 +
 +; Note: path INI options can be relative and will be expanded with the prefix
 +; (pool, global or @prefix@)
 +
 +; Default Value: nothing is defined by default except the values in php.ini and
 +;                specified at startup with the -d argument
 +;​php_admin_value[sendmail_path] = /​usr/​sbin/​sendmail -t -i -f www@my.domain.com
 +;​php_flag[display_errors] = off
 +php_admin_value[error_log] = /​var/​log/​php-fpm/​www-error.log
 +php_admin_flag[log_errors] = on
 +;​php_admin_value[memory_limit] = 128M
 +
 +; Set data paths to directories owned by process user
 +php_value[session.save_handler] = files
 +php_value[session.save_path] ​   = /​var/​lib/​php/​fpm/​session
 +php_value[soap.wsdl_cache_dir] ​ = /​var/​lib/​php/​fpm/​wsdlcache
 +;​php_value[opcache.file_cache] ​ = /​var/​lib/​php/​fpm/​opcache
 +
 +</​file>​
 +
 +Auf folgende Parameter werfen wir nun ein besonderes Augenmerk:
 +  * **''​[nextcloud]''​** \\ Definition des Pool-Namens
 +  * **''​user = apache''​** und **''​group = apache''​** \\ **UID** und **GID** mit dem der **PHP-FPM** FastCGI Prozess Manager gestartet wird. Möchte man den PHP Interpreter und den HTTP-Daemon aus Sicherheitsgründen mit unterschiedlichen Rechten laufen lassen, belässt man den Standardeintrag. Ist aus Anwendungsgründen dies nicht möglich setzt man diese beiden Werte einfach auf die des Apache-Webservers.
 +  * **''​listen = 127.0.0.1:​9002''​** \\ IP-Adresse und Port an der der FastCGI Prozess Manager Verbindungen des HTTP-Daemon entgegennehmen soll. Da der FastCGI Prozess Manager und der Apache-Webserver auf dem gleichen Host laufen, wählen wir hier die Adresse **127.0.0.1**.
 +  * **''​listen.allowed_clients = 127.0.0.1''​** \\ Angabe des Clients-/​Hosts der sich mit dem FastCGI Prozess Manager verbinden darf. Da der FastCGI Prozess Manager und der Apache-Webserver auf dem gleichen Host laufen, wählen wir hier die Adresse **127.0.0.1**.
 +  * **''​pm.status_path = /​nextcloud-pool-status''​** \\ URI der Status Seite des **FPM** FastCGI Prozess Managers. Neben der Definition der URI ist es __zusätzlich__ noch erforderlich,​ eine **Lacation** in einem vHOST oder in einer eigenen Konfigurationsdatei zu definieren. Im folgenden Konfigurationsbeispiel werden wir eine eigene Konfigurationsdatei dazu verwenden. Den Zugriff auf die Statusseite,​ sicher wir natürlich entsprechend ab, so dass sich ausschließlich unser Administrator des WEB-Servers entsprechend anmelden muss. Eine obligatorische Absicherung des Transportkanals mittels **[[/​centos:​web_c7:​apache_2|TLS]]** muss nicht näher erläutert werden! <​code>​ # vim /​etc/​httpd/​conf.d/​nextcloud-pool-status.conf</​code><​file apache /​etc/​httpd/​conf.d/​nextcloud-pool-status.conf> ​   <​Location /​nextcloud-pool-status>​
 +        SetHandler "​proxy:​fcgi://​127.0.0.1:​9002"​
 +        AuthType Basic
 +        AuthName "Fuer den Zugriff auf den Webserver bitte Anmeldedaten eingeben!"​
 +        AuthBasicProvider ldap
 +        AuthLDAPUrl ldaps://​openldap.dmz.nausch.org:​636/​ou=People,​dc=nausch,​dc=org?​uid
 +        AuthLDAPBindDN cn=Technischer_User,​dc=nausch,​dc=org
 +        AuthLDAPBindPassword "​e1n531f!D4xIi57n38103034u!"​
 +        AuthLDAPBindAuthoritative on
 +        Require ldap-user webserver-admin
 +    </​Location>​
 +</​file>​ In der Konfigurationsdatei finden sich ausführliche Hinweise zu den Ausgabemöglichkeiten bei der Statusabfrage. \\ Bsp.: **text** <​code>​pool: ​                ​nextcloud
 +process manager: ​     dynamic
 +start time:           ​07/​Aug/​2017:​17:​33:​25 +0200
 +start since: ​         15054
 +accepted conn:        2723
 +listen queue: ​        0
 +max listen queue: ​    0
 +listen queue len:     128
 +idle processes: ​      7
 +active processes: ​    1
 +total processes: ​     8
 +max active processes: 3
 +max children reached: 0
 +slow requests: ​       </​code>​
 +Nachfolgendes Beispiel zeigt exemplarisch die detailierte html-Ausgabe. {{ :​centos:​web_c7:​php-fpm-statuspage.png?​nolink&​800 |Bild: PHP-FPM Statusseite}}
 +  * **''​slowlog = /​var/​log/​php-fpm/​www-slow.log''​** \\ Name der Loddatei in der die slow query logs protokolliert werden sollen.
 +  * **''​php_admin_value[error_log] = /​var/​log/​php-fpm/​nextcloud-error.log''​** \\ Name der Logdatei in der PHP-Fehlermeldungen geschrieben werden sollen. ​
 +
 +==== Aktivieren der Programmänderungen ====
 +Zum Aktiveren unsere durchgeführten Konfigurationsänderungen starten wir nun einmal den Apache-Webserver durch. Zuvor überprüfen wir aber noch, ob sich in den Apache-Konfigurationsdateien ein syntaktischer Fehler eingeschlichen hat.
 +   # apachectl -t
 +
 +  Syntax OK
 +
 +Nun können wir den HTTP-Daemon einmal durchstarten
 +   # systemctl restart httpd.service
 +
 +Den erfolgreichen Neustart des Webservers können wir nun auch abfragen.
 +   # systemctl status httpd.service ​
 +
 +<​html><​pre class="​code">​
 +<font style="​color:​ rgb(29, 180, 29)"><​b>​●</​b></​font>​ httpd.service - The Apache HTTP Server
 +   ​Loaded:​ loaded (/​etc/​systemd/​system/​httpd.service;​ enabled; vendor preset: disabled)
 +   ​Active:​ <font style="​color:​ rgb(29, 180, 29)"><​b>​active (running) since</​b></​font>​ Mon 2017-08-07 22:21:37 CEST; 2min 41s ago
 +     Docs: man:​httpd(8)
 +           ​man:​apachectl(8)
 +  Process: 9894 ExecStop=/​bin/​kill -WINCH ${MAINPID} (code=exited,​ status=0/​SUCCESS)
 +  Process: 12446 ExecReload=/​usr/​sbin/​httpd $OPTIONS -k graceful (code=exited,​ status=0/​SUCCESS)
 + Main PID: 9898 (httpd)
 +   ​Status:​ "Total requests: 39; Current requests/​sec:​ 0.2; Current traffic: 614 B/sec"
 +   ​CGroup:​ /​system.slice/​httpd.service
 +           ​├─9898 /​usr/​sbin/​httpd -DFOREGROUND
 +           ​├─9899 /​usr/​sbin/​httpd -DFOREGROUND
 +           ​├─9900 /​usr/​sbin/​httpd -DFOREGROUND
 +           ​├─9901 /​usr/​sbin/​httpd -DFOREGROUND
 +           ​├─9904 /​usr/​sbin/​httpd -DFOREGROUND
 +           ​└─9985 /​usr/​sbin/​httpd -DFOREGROUND
 +
 +Aug 07 22:21:37 vml000107.dmz.nausch.org systemd[1]: Starting The Apache HTTP Server...
 +Aug 07 22:21:37 vml000107.dmz.nausch.org systemd[1]: Started The Apache HTTP Server.</​font></​pre>​
 +</​html>​
 +
 +Anschließend starten wir den **PHP-FPM**-Daemon einmal durch.
 +   # systemctl restart php-fpm.service
 +
 +Auch hier können wir den erfolgreichen Restart abfragen.
 +
 +
 +<​html><​pre class="​code">​
 +<font style="​color:​ rgb(29, 180, 29)"><​b>​●</​b></​font>​ php-fpm.service - The PHP FastCGI Process Manager
 +   ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​php-fpm.service;​ enabled; vendor preset: disabled)
 +   ​Active:​ <font style="​color:​ rgb(29, 180, 29)"><​b>​active (running) since</​b></​font>​ Mon 2017-08-07 22:28:33 CEST; 44s ago
 + Main PID: 10260 (php-fpm)
 +   ​Status:​ "​Processes active: 1, idle: 15, Requests: 6, slow: 0, Traffic: 0.2req/​sec"​
 +   ​CGroup:​ /​system.slice/​php-fpm.service
 +           ​├─10260 php-fpm: master process (/​etc/​php-fpm.conf)
 +           ​├─10261 php-fpm: pool fpm
 +           ​├─10262 php-fpm: pool fpm
 +           ​├─10263 php-fpm: pool fpm
 +           ​├─10264 php-fpm: pool fpm
 +           ​├─10265 php-fpm: pool fpm
 +           ​├─10266 php-fpm: pool nextcloud
 +           ​├─10267 php-fpm: pool nextcloud
 +           ​├─10268 php-fpm: pool nextcloud
 +           ​├─10269 php-fpm: pool nextcloud
 +           ​├─10270 php-fpm: pool nextcloud
 +           ​├─10271 php-fpm: pool www
 +           ​├─10272 php-fpm: pool www
 +           ​├─10273 php-fpm: pool www
 +           ​├─10274 php-fpm: pool www
 +           ​├─10275 php-fpm: pool www
 +           ​├─10276 php-fpm: pool nextcloud
 +           ​└─10290 php-fpm: pool fpm
 +
 +Aug 07 22:28:33 vml000107.dmz.nausch.org systemd[1]: Starting The PHP FastCGI Process Manager...
 +Aug 07 22:28:33 vml000107.dmz.nausch.org systemd[1]: Started The PHP FastCGI Process Manager.</​font></​pre>​
 +</​html>​
 +
 +Alternativ dazu kann auch mit nachfolgendem Befehlsaufruf überprüft werden welche Prozesse mit den zugehörigen Pools gestartet wurden.
 +   # ps auxwwwf | grep php
 +<​code>​root ​    ​10331 ​ 0.0  0.0 112644 ​  928 pts/0    S+   ​22:​31 ​  ​0:​00 ​                     \_ grep --color=auto php
 +root     ​10260 ​ 0.0  0.7 466980 30676 ?        Ss   ​22:​28 ​  0:00 php-fpm: master process (/​etc/​php-fpm.conf)
 +php-fpm ​ 10261  0.2  0.7 559724 30696 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool fpm
 +php-fpm ​ 10262  0.0  0.5 467528 20792 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool fpm
 +php-fpm ​ 10263  0.0  0.4 467520 17476 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool fpm
 +php-fpm ​ 10264  0.0  0.1 466860 ​ 6996 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool fpm
 +php-fpm ​ 10265  0.0  0.1 466860 ​ 7000 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool fpm
 +apache ​  ​10266 ​ 0.5  0.7 471888 30596 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +apache ​  ​10267 ​ 0.4  0.6 471832 27628 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +apache ​  ​10268 ​ 0.3  0.7 473876 29936 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +apache ​  ​10269 ​ 0.3  0.5 469780 22724 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +apache ​  ​10270 ​ 0.1  0.6 471836 27720 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +apache ​  ​10271 ​ 0.0  0.1 466860 ​ 6996 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool www
 +apache ​  ​10272 ​ 0.0  0.1 466860 ​ 6996 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool www
 +apache ​  ​10273 ​ 0.0  0.1 466860 ​ 6996 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool www
 +apache ​  ​10274 ​ 0.0  0.1 466860 ​ 6996 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool www
 +apache ​  ​10275 ​ 0.0  0.1 466860 ​ 7000 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool www
 +apache ​  ​10276 ​ 0.3  0.6 471828 26136 ?        S    22:28   ​0:​00 ​ \_ php-fpm: pool nextcloud
 +php-fpm ​ 10290  0.0  0.1 466860 ​ 7012 ?        S    22:29   ​0:​00 ​ \_ php-fpm: pool fpm</​code>​
 +
 +===== Überprüfung der verwendeten PHP-API =====
 +Zum Schluss wollen wir noch prüfen, ob auch wirklich die gewünschte PHP-API sich in Verwendung befindet. Hierzu legen wir eine einfache Textdatei im Document-ROOT unseres Webservers ab und rufen die zugehörige UIR über den Browser unserer Wahl auf.
 +
 +==== PHP Info bei Verwendung von mod_php ====
 +Das erste Beispiel zeigt die Verwendung des **//Apache 2.0 Handlers//​** an, der bei Verwendung der originären PHP-Anbindung mit Hilfe von **mod_php** zur Anwendung kommt.
 +   # echo '<?​php phpinfo(); ?>' > /​srv/​www/​html/​info.php
 +
 +   $ firefox 10.0.0.107/​info.php
 +
 +{{ :​centos:​web_c7:​info-mod_php.png?​nolink&​800 |Bild: PHP Info unter Verwendung von mod_php}}
 +
 +   # rm /​srv/​www/​html/​info.php
 +
 +Da die Datei **info.php** nur zu Demozwecken notwendig war, können wir dies nun auch wieder löschen.
 +==== PHP Info bei Verwendung von php-fpm ====
 +Das zweite Beispiel zeigt die erfolgreiche Verwendung des alternativen //**FastCGI Prozess Managers**//:​ __FPM/​FastCGI__. ​
 +   # echo '<?​php phpinfo(); ?>' > /​srv/​www/​html/​info.php
 +
 +   $ firefox 10.0.0.107/​info.php
 +
 +{{ :​centos:​web_c7:​info-php-fpm.png?​nolink&​800 |Bild: PHP Info unter Verwendung von php-fpm}}
 +
 +Da auch hier dies nur ein Demonstrationszweck war, entfernen wir auch hier wieder die zuvor angelegte Testdatei **info.php**.
 +   # rm /​srv/​www/​html/​info.php
 +
 +====== Links ======
 +  * **[[centos:​web_c7:​start| ⇐ Zurück zu Kapitel "​Webserverinstallation unter CentOS 7.x"​]]**
 +  * **[[wiki:​start|Zurück zu Projekte und Themenkapitel]]**
 +  * **[[http://​dokuwiki.nausch.org/​doku.php/​|Zurück zur Startseite]]**
 +