Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:116916 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 47062 invoked from network); 23 Jan 2022 19:28:11 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 23 Jan 2022 19:28:11 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id A03E71804BA for ; Sun, 23 Jan 2022 12:40:12 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-io1-f43.google.com (mail-io1-f43.google.com [209.85.166.43]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sun, 23 Jan 2022 12:40:09 -0800 (PST) Received: by mail-io1-f43.google.com with SMTP id v6so17170313iom.6 for ; Sun, 23 Jan 2022 12:40:09 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=31ggVCty97YiOe8V6D8CjvGlQXY700v8ilZ14gVlGCc=; b=TcwMyhmCFaaS/5G8jRLAaQUqlocNu70wQyr3qeoZqKf1gwEuQzj4mvt8Wg7tunEPng CuK+Y2CDhcRXIeOPGmMRadMMq0X/4So5ljZ2BUCjepGZpgtJH3LESiAz70dPC1boZ9dK rb+VA3lMKNJkwIWr/32Ii1IETFBSg3WDiY0sA2TBVyszq4vB6YC+4KRj57GlM3t5cgTx ov3Eq/3CTVJg0NAe1u7MjHHt05sYfTQ92OYzL+hCEMxMwFZ4MxwY7ydDvVqrCc8XpIvH XlpgEwEnOmm5FL7dhXEi6hrwGxdbJyAUgF4VPb99ILlxTvreGy9cQADEJHOxlOKSGAaJ qp2A== X-Gm-Message-State: AOAM533c3wxNjkz3k7Z3At7FuZAKI/sEYwSRtMCPBtO2pLhW0nh0TzJj BAfUWFFG11msJRwcISfIQVTNfUmeEkpuMdE7DAmKCevik+U= X-Google-Smtp-Source: ABdhPJxvuQJXaDBo7/Vs/kAGUze7UguUxRG+X4gkqdZMcF7QSapZ8P+G3OdHg0P2+opuWwKwXT2+2Q957hQHa3nq7aY= X-Received: by 2002:a05:6638:32a5:: with SMTP id f37mr5534974jav.208.1642970408481; Sun, 23 Jan 2022 12:40:08 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: Date: Sun, 23 Jan 2022 20:39:57 +0000 Message-ID: To: Adam Hamsik Cc: PHP internals list Content-Type: multipart/alternative; boundary="00000000000092f5aa05d645db3b" Subject: Re: [PHP-DEV] Best way to monitor php-fpm container liveness on Kubernetes From: bukka@php.net (Jakub Zelenka) --00000000000092f5aa05d645db3b Content-Type: text/plain; charset="UTF-8" Hi On Sat, Jan 22, 2022 at 8:00 PM Adam Hamsik wrote: > Hello, > > We are using PHP for our application backends, this works very well as we > have developed s imple way to clone them with minimal effort(they can be > very similar). For our orchestration we are using Kubernetes (>= 1.21). Our > application pod generally contains NGINX + php-fpm and fluentbit for log > shipping. We generally want to have LivenessProbe(for an simple explanation > this is a simple check which is run against our pod to verify if it's > alive, if it fails particular container will be restarted). > > This works very we(we are also using swoole which is roughly 80-70% > better)l, but in certain unstable situations when we see higher application > latency (db problem or a bug in our application). We often experience > problems, because pods are falsely marked as dead (failed liveness probe > and restarted by kubelet). This happens all processes in our static pool > are allocated to application requests. For our livenessProbe we tried to > use both fpm.ping and fpm.status endpoints but both of them behave in a > same way as they are managed with worker processes. > > I had a look at pgp-src repo if e.g. we can use signals to verify if > application server is running as a way to go around our issue. When looking > at this I saw fpm-systemd.c which is a SystemD specific check. This check > reports fpm status every couple seconds(configurable to systemd). Would you > be willing to integrate similar feature for kubernetes. This would be based > on a pull model probably with and REST interface. > > My idea is following: > > 1) During startup if this is enabled php-fpm master will open a secondary > port pm.health_port(9001) and listen for a pm.health_path(/healtz)[2]. > 2) If we receive GET request fpm master process will respond with HTTP > code 200 and string ok. If anything is wrong (we can later add some > checks/metrics to make sure fpm is in a good state). If we do not respond > or fpm is not ok our LivenessProbe will fail. based on configuration this > will trigger container restart. > > Would you be interested to integrate feature like this ? or is there any > other way how we can achieve similar results ? > > This is already being tracked as https://bugs.php.net/bug.php?id=68678 . You could probably already use pm.status_listen but which should cover what you need. We should eventually add support for ping.listen . It's a bit lower priority on my list because status already sort of cover it but if someone wants to send a PR for that, than I will be happy to review it - I would imagine that the implementation will be pretty much the same like pm.status_listen. I'm wondering if it would be also useful to add HTTP support for ping because currently it's just FCGI so you still need to hit it through web server, right? Adding HTTP support could be a bit harder as it would need to be a different listener... Regards Jakub --00000000000092f5aa05d645db3b--