Jump to content
Froxlor Forum
  • 0

OpCache pro PHP-FPM Pool/Domain


mrmanuel

Question

Hallo,

ich würde gerne den OpCache Speicherplatz pro Pool/Domain nutzen. Aktuell wird der Speicherplatz jedoch pro PHP Konfiguration geteilt, d.h. alle Scripts der Domains welche dieselbe PHP Konfiguration verwenden werden mir im OpCache angezeigt. Laut meiner Recherche sollte der OpCache Speicherplatz nur vom jeweiligen PHP-FPM Pool genutzt werden. Da pro Domain ein PHP-FPM Pool angelegt wird, sollte dies doch nicht für alle geteilt werden?

 

# Scripts welche im selben OpCache Speicherplatz gecached werden

/var/customers/webs/customer01/domain-1.com/test-1.php
/var/customers/webs/customer01/domain-2.com/test-2.php
/var/customers/webs/customer01/domain-3.com/test-3.php
/var/customers/webs/customer02/domain-4.com/test-4.php
/var/customers/webs/customer02/domain-5.com/test-5.php

 

# PHP-FPM Einstellungen

grafik.thumb.png.6e83027a51f6670f61ac132e166a8c6a.png

 

# PHP Konfiguration

grafik.thumb.png.64fa9a6141eda89d4ff5d6d2419e2e4e.png

php.ini settings

allow_url_fopen = Off
allow_url_include = Off
auto_append_file =
auto_globals_jit = On
auto_prepend_file =
bcmath.scale = 0
cli_server.color = On
default_charset = "UTF-8"
default_mimetype = "text/html"
default_socket_timeout = 60
asp_tags = Off
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_exec,curl_multi_exec,exec,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system
display_errors = Off
display_startup_errors = Off
doc_root =
enable_dl = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE
expose_php = Off
file_uploads = On
html_errors = On
ignore_repeated_errors = Off
ignore_repeated_source = Off
include_path = ".:{PEAR_DIR}"
implicit_flush = Off
ldap.max_links = -1
log_errors = On
log_errors_max_len = 1024
mail.add_x_header = Off
max_execution_time = 30
max_file_uploads = 20
max_input_time = 60
memory_limit = 48M
{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"
output_buffering = 4096
post_max_size = 16M
precision = 14
register_argc_argv = Off
report_memleaks = On
request_order = "GP"
sendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"
serialize_precision = -1
session.auto_start = 0
session.cache_expire = 180
session.cache_limiter = nocache
session.cookie_domain =
session.cookie_httponly =
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_samesite =
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.gc_probability = 0
session.name = PHPSESSID
session.referer_check =
session.save_handler = files
session.save_path = "{TMP_DIR}"
session.serialize_handler = php
session.sid_bits_per_character = 5
session.sid_length = 26
session.trans_sid_tags = "a=href,area=href,frame=src,form="
session.use_cookies = 1
session.use_only_cookies = 1
session.use_strict_mode = 0
session.use_trans_sid = 0
short_open_tag = On
upload_max_filesize = 16M
upload_tmp_dir = "{TMP_DIR}"
variables_order = "GPCS"


apc.enabled=0
apc.shm_size=1M

opcache.enable=1
opcache.memory_consumption=16
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=16229
opcache.validate_timestamps=1
opcache.save_comments=1
opcache.revalidate_freq=60
opcache.fast_shutdown=1

opcache.restrict_api = "{DOCUMENT_ROOT}"

 

# PHP-FPM Pools welche erstellt werden

root@froxlorserver:/etc/php/7.4/fpm/pool.d# ls -l
total 20
-rw-r--r-- 1 root root 3420 Dec 21 19:49 domain-1.conf
-rw-r--r-- 1 root root 3528 Dec 21 19:49 domain-2.conf
-rw-r--r-- 1 root root 3454 Dec 21 19:49 domain-3.conf
-rw-r--r-- 1 root root 3480 Dec 21 19:49 domain-4.conf
-rw-r--r-- 1 root root 3096 Dec 21 19:49 domain-5.conf

 

# domain-1.conf (domain-2.conf und domain-3.conf ist bis auf den Domainnamen gleich)

root@froxlorserver:/etc/php/7.4/fpm/pool.d# cat domain-1.com.conf 
;PHP-FPM configuration for "domain-1.com" created on 2021.12.21 19:49:47
[domain-1.com]
listen = /var/lib/apache2/fastcgi/1-customer01-domain-1.com-php-fpm.socket
listen.owner = customer01
listen.group = customer01
listen.mode = 0660
user = customer01
group = customer01
pm = dynamic
pm.max_children = 10
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 200
;chroot = /var/customers/webs/customer01/domain-1.com/
security.limit_extensions = .php
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /var/customers/tmp/customer01/
env[TMPDIR] = /var/customers/tmp/customer01/
env[TEMP] = /var/customers/tmp/customer01/
php_admin_value[upload_tmp_dir] = /var/customers/tmp/customer01/


php_admin_flag[allow_url_fopen] = Off
php_admin_flag[allow_url_include] = Off
php_value[auto_append_file] = 
php_value[auto_prepend_file] = 
php_value[default_charset] = "UTF-8"
php_flag[asp_tags] = Off
php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,exec,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system
php_flag[display_errors] = Off
php_flag[display_startup_errors] = Off
php_admin_flag[enable_dl] = Off
php_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE
php_admin_flag[expose_php] = Off
php_admin_flag[file_uploads] = On
php_flag[html_errors] = On
php_admin_flag[ignore_repeated_errors] = Off
php_admin_flag[ignore_repeated_source] = Off
php_value[include_path] = ".:/usr/share/php/"
php_flag[log_errors] = On
php_admin_flag[log_errors] = On
php_value[log_errors_max_len] = 1024
php_flag[mail.add_x_header] = Off
php_value[max_execution_time] = 30
php_admin_value[max_input_time] = 60
php_admin_value[memory_limit] = 48M
php_admin_value[open_basedir] = "/var/customers/webs/customer01/domain-1.com:/var/customers/tmp/customer01:/usr/share/php:/tmp"
php_admin_value[output_buffering] = 4096
php_admin_value[post_max_size] = 16M
php_admin_value[precision] = 14
php_admin_flag[register_argc_argv] = Off
php_admin_flag[report_memleaks] = On
php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f support@domain.tld"
php_value[session.auto_start] = 0
php_value[session.cookie_domain] = 
php_value[session.cookie_lifetime] = 0
php_value[session.cookie_path] = /
php_admin_value[session.gc_divisor] = 1000
php_admin_value[session.gc_probability] = 0
php_value[session.name] = PHPSESSID
php_value[session.serialize_handler] = php
php_flag[session.use_cookies] = 1
php_flag[short_open_tag] = On
php_value[upload_max_filesize] = 16M
php_admin_value[variables_order] = "GPCS"
php_admin_flag[opcache.enable] = 1
php_admin_value[opcache.memory_consumption] = 256
php_admin_value[opcache.interned_strings_buffer] = 8
php_admin_value[opcache.max_accelerated_files] = 16229
php_admin_flag[opcache.validate_timestamps] = 1
php_admin_flag[opcache.save_comments] = 1
php_admin_value[opcache.revalidate_freq] = 60
php_admin_flag[opcache.fast_shutdown] = 1
php_admin_value[opcache.restrict_api] = "/var/customers/webs/customer01/domain-1.com/"
php_admin_value[session.save_path] = /var/customers/tmp/customer01/

 

# domain-4.conf (domain-5.conf ist bis auf den Domainnamen gleich)

root@froxlorserver:/etc/php/7.4/fpm/pool.d# cat domain-4.com.conf 
;PHP-FPM configuration for "domain-4.com" created on 2021.12.21 19:49:47
[domain-4.com]
listen = /var/lib/apache2/fastcgi/1-customer02-domain-4.com-php-fpm.socket
listen.owner = customer02
listen.group = customer02
listen.mode = 0660
user = customer02
group = customer02
pm = dynamic
pm.max_children = 10
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 200
;chroot = /var/customers/webs/customer02/domain-4.com/
security.limit_extensions = .php
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /var/customers/tmp/customer02/
env[TMPDIR] = /var/customers/tmp/customer02/
env[TEMP] = /var/customers/tmp/customer02/
php_admin_value[upload_tmp_dir] = /var/customers/tmp/customer02/


php_admin_flag[allow_url_fopen] = Off
php_admin_flag[allow_url_include] = Off
php_value[auto_append_file] = 
php_value[auto_prepend_file] = 
php_value[default_charset] = "UTF-8"
php_flag[asp_tags] = Off
php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,curl_multi_exec,exec,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system
php_flag[display_errors] = Off
php_flag[display_startup_errors] = Off
php_admin_flag[enable_dl] = Off
php_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE
php_admin_flag[expose_php] = Off
php_admin_flag[file_uploads] = On
php_flag[html_errors] = On
php_admin_flag[ignore_repeated_errors] = Off
php_admin_flag[ignore_repeated_source] = Off
php_value[include_path] = ".:/usr/share/php/"
php_flag[log_errors] = On
php_admin_flag[log_errors] = On
php_value[log_errors_max_len] = 1024
php_flag[mail.add_x_header] = Off
php_value[max_execution_time] = 30
php_admin_value[max_input_time] = 60
php_admin_value[memory_limit] = 48M
php_admin_value[open_basedir] = "/var/customers/webs/customer02/domain-4.com:/var/customers/tmp/customer02:/usr/share/php:/tmp"
php_admin_value[output_buffering] = 4096
php_admin_value[post_max_size] = 16M
php_admin_value[precision] = 14
php_admin_flag[register_argc_argv] = Off
php_admin_flag[report_memleaks] = On
php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f support@domain.tld"
php_value[session.auto_start] = 0
php_value[session.cookie_domain] = 
php_value[session.cookie_lifetime] = 0
php_value[session.cookie_path] = /
php_admin_value[session.gc_divisor] = 1000
php_admin_value[session.gc_probability] = 0
php_value[session.name] = PHPSESSID
php_value[session.serialize_handler] = php
php_flag[session.use_cookies] = 1
php_flag[short_open_tag] = On
php_value[upload_max_filesize] = 16M
php_admin_value[variables_order] = "GPCS"
php_admin_flag[opcache.enable] = 1
php_admin_value[opcache.memory_consumption] = 256
php_admin_value[opcache.interned_strings_buffer] = 8
php_admin_value[opcache.max_accelerated_files] = 16229
php_admin_flag[opcache.validate_timestamps] = 1
php_admin_flag[opcache.save_comments] = 1
php_admin_value[opcache.revalidate_freq] = 60
php_admin_flag[opcache.fast_shutdown] = 1
php_admin_value[opcache.restrict_api] = "/var/customers/webs/customer02/domain-4.com/"
php_admin_value[session.save_path] = /var/customers/tmp/customer02/

 

Sollten noch Infos benötigt werden, kann ich diese gerne nachreichen.

Vielen Dank im Voraus!

Grüße,
Manuel

Link to comment
Share on other sites

7 answers to this question

Recommended Posts

  • 0

Sollte durch opcache.restrict_api und opcache.use_cwd=1 (default) eigentlich kein problem sein. Du könntest noch opcache.validate_permission auf 1 setzen (Validates the cached file permissions against the current user.) PHP default ist hier wohl 0 (aus). Du musst allerdings hierfür opcache.validate_permission noch in die PHP-FPM Versions Konfiguration eintragen als "erlaubter" php.ini eintrag, das müsste ein php_flag/php_admin_flag sein

Link to comment
Share on other sites

  • 0

Hallo d00p,

danke für deine schnelle Antwort. Leider hat das nicht funktioniert. In der domain-1.conf werden die Werte zwar geschrieben, über die OPcache Info auch angezeigt, trotzdem werden mir alle Scripts derselben PHP-FPM Version angezeigt. Das Blöde ist eben, dass ich mir bezüglich des Speicherverbrauchs nicht sicher sein kann, da ich dort solche Werte erhalte:

grafik.thumb.png.a9f77ac67049b1c4de3fa334fe4d417c.png

Link to comment
Share on other sites

  • 0

Das mache ich bereits. Ich habe zum Testen bei jeder Domain eine opcache.php (https://github.com/rlerdorf/opcache-status) hinterlegt. Das Script wird somit für domain-1.com bis domain-3.com mit dem User customer01 und für domain-3.com und domain-4.com mit dem User customer02 ausgeführt. Trotzdem werden alle Scripts aller PHP-FPM Pools, welche dieselbe PHP-FPM Version verwenden, in einen Topf geschmissen. Ist das Verhalten bei PHP-FPM normal? Ich habe einen anderen Server der dieselbe php.ini hat jedoch PHP-FGCI statt PHP-FPM verwendet. Dort wird korrekt pro Domain der OPcache zur Verfügung gestellt und nicht pro PHP Version.

Werden die Cache Dateien nur im RAM abgelegt oder kann ich irgendwelche Berechtigungen im Filesystem prüfen?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×
×
  • Create New...