I have a problem with Varnish installed alongside Drupal on Nginx
nginx.conf:
user daemon daemon;
worker_processes auto;
error_log "/opt/bitnami/nginx/logs/error.log";
pid "/opt/bitnami/nginx/tmp/nginx.pid";
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log "/opt/bitnami/nginx/logs/access.log";
client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2;
proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2;
fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2;
scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2;
uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2;
sendfile on;
tcp_nopush on;
tcp_nodelay off;
#gzip off;
#gzip_http_version 1.0;
#gzip_comp_level 2;
#gzip_proxied any;
#gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/json application/xml application/xml+rss image/svg+xml;
keepalive_timeout 65;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
client_max_body_size 80M;
server_tokens off;
include "/opt/bitnami/nginx/conf/server_blocks/*.conf";
# HTTP Server
server {
# Port to listen on, can also be set in IP:PORT format
listen 8080;
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
location / {
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
}
location /status {
stub_status on;
access_log off;
allow 127.0.0.1;
}
location ~* .(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
expires 7d;
}
}
}
drupal-https-server-block:
server {
# Port to listen on, can also be set in IP:PORT format
listen 443 ssl http2 default_server;
root /opt/bitnami/drupal;
# Catch-all server block See:
# https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;
ssl_certificate bitnami/certs/server.crt;
ssl_certificate_key bitnami/certs/server.key;
location / {
# Set recommended by Nginx version
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
try_files $uri /index.php?$query_string;
}
location = /favicon.ico { log_not_found off; access_log off;
}
location = /robots.txt { allow all; log_not_found off; access_log off;
}
location ~ ^/sites/.*/private/ { return 403;
}
# Block access to scripts in site files directory
location ~ ^/sites/[^/]+/files/.*\.php$ { deny all;
}
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ { allow all;
}
location @rewrite { rewrite ^/(.*)$ /index.php?q=$1;
}
# Don't allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ { deny all; return 404;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite;
}
# Handle private files through Drupal. Private file's path can come with a
# language prefix.
location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;
}
location ~ \.php$|^/update.php {
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_split_path_info ^(.+?.php)(|/.*)$;
include fastcgi_params;
}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}
drupal-server-block:
server {
# Port to listen on, can also be set in IP:PORT format
listen 8080 http2 default_server;
root /opt/bitnami/drupal;
# Catch-all server block See:
# https://nginx.org/en/docs/http/server_names.html#miscellaneous_names
server_name _;
location = /favicon.ico { log_not_found off; access_log off;
}
location = /robots.txt { allow all; log_not_found off; access_log off;
}
location /static/fonts { add_header "Access-Control-Allow-Origin" *; alias /opt/bitnami/drupal/libraries/bootstrap/fonts/;
}
location ~ ^/sites/.*/private/ { return 403;
}
# Block access to scripts in site files directory
location ~ ^/sites/[^/]+/files/.*\.php$ { deny all;
}
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ { allow all;
}
location / {
if ($request_filename ~* ^.?/([^/]?)$) {
set $filename $1;
}
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){
add_header Access-Control-Allow-Origin *;
}
try_files $uri /index.php?$query_string;
}
location @rewrite { rewrite ^/(.*)$ /index.php?q=$1;
}
# Don't allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ { deny all; return 404;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite;
}
# Handle private files through Drupal. Private file's path can come with a
# language prefix.
location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri
/index.php?$query_string;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { try_files $uri @rewrite;
expires max; log_not_found off;
}
location ~ \.php$|^/update.php {
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_split_path_info ^(.+?.php)(|/.*)$;
include fastcgi_params;
}
include "/opt/bitnami/nginx/conf/bitnami/*.conf";
}
/etc/systemd/system/varnish.service:
[Unit]
Description=Varnish HTTP accelerator
Documentation=https://www.varnish-cache.org/docs/6.1/ man:varnishd
[Service]
Type=simple
LimitNOFILE=131072
LimitMEMLOCK=82000
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -f /etc/varnish/default.vcl -S /etc/varnish/secret$
ExecReload=/usr/share/varnish/varnishreload
ProtectSystem=full
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
/etc/default/varnish:
DAEMON_OPTS="-a :80 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m"
default.vcl:
# This is the VCL configuration Varnish will automatically append to your VCL
# file during compilation/loading. See the vcl(7) man page for details on syntax
# and semantics.
# New users is recommended to use the example.vcl file as a starting point.
#
vcl 4.1;
sub vcl_recv {
#if (req.http.host) {
#set req.http.host = req.http.host.lower();
#}
if (req.method == "PRI") {
/* This will never happen in properly formed traffic (see: RFC7540) */
return (synth(405));
}
if (!req.http.host &&
req.esi_level == 0 &&
req.proto ~ "^(?i)HTTP/2") {
/* In HTTP/1.1, Host is required. */
return (synth(400));
}
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "DELETE" &&
req.method != "PATCH") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.method != "GET" && req.method != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (hash);
}
sub vcl_pipe {
# By default Connection: close is set on all piped requests, to stop
# connection reuse from sending future requests directly to the
# (potentially) wrong backend. If you do want this to happen, you can undo
# it here.
# unset bereq.http.connection;
return (pipe);
}
sub vcl_pass {
return (fetch);
}
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (lookup);
}
#
sub vcl_purge {
return (synth(200, "Purged"));
}
#
sub vcl_hit {
return (deliver);
}
#
sub vcl_miss {
return (fetch);
}
#
sub vcl_deliver {
return (deliver);
if (obj.hits > 0) { set resp.http.Cache-Tags = "HIT";
}
else { set resp.http.Cache-Tags = "MISS";
}
}
#
# /* * We can come here "invisibly" with the following errors: 500 & 503 */
sub vcl_synth {
set resp.http.Content-Type = "text/html; charset=utf-8";
set resp.http.Retry-After = "5";
set resp.body = {"<!DOCTYPE html>
<html>
<head>
<title>"} + resp.status + " " + resp.reason + {"</title>
</head>
<body>
<h1>Error "} + resp.status + " " + resp.reason + {"</h1>
<p>"} + resp.reason + {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} + req.xid + {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
#
# #######################################################################
# # Backend Fetch
#
sub vcl_backend_fetch {
if (bereq.method == "GET") {
unset bereq.body;
}
return (fetch);
}
#
sub vcl_backend_response {
if (bereq.uncacheable) {
return (deliver);
} else if (beresp.ttl <= 0s ||
beresp.http.Set-Cookie ||
beresp.http.Surrogate-control ~ "(?i)no-store" ||
(!beresp.http.Surrogate-Control &&
beresp.http.Cache-Control ~ "(?i:no-cache|no-store|private)") ||
beresp.http.Vary == "*") {
#Mark as "Hit-For-Miss" for the next 2 minutes
set beresp.ttl = 120s;
set beresp.uncacheable = true;
}
return (deliver);
}
#
sub vcl_backend_error {
set beresp.http.Content-Type = "text/html; charset=utf-8";
set beresp.http.Retry-After = "5";
set beresp.body = {"<!DOCTYPE html>
<html>
<head>
<title>"} + beresp.status + " " + beresp.reason + {"</title>
</head>
<body>
<h1>Error "} + beresp.status + " " + beresp.reason + {"</h1>
<p>"} + beresp.reason + {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} + bereq.xid + {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
#
# #######################################################################
# # Housekeeping
sub vcl_init {
return (ok);
}
sub vcl_fini {
return (ok);
}
backend default {
.host = "127.0.0.1";
.port = "8080";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.probe = {
.timeout = 600s;
.interval = 10s;
.window = 5;
.threshold = 2;
.request = "GET HTTP/2"
"Host: https://www.example.com/index.html"
"Connection: close";
}
}
sudo systemctl status varnish:
Loaded: loaded (/etc/systemd/system/varnish.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-11-02 19:09:12 UTC; 1h 20min ago
Docs: https://www.varnish-cache.org/docs/6.1/
man:varnishd
Main PID: 24668 (varnishd)
Tasks: 217 (limit: 557)
Memory: 12.1M
CGroup: /system.slice/varnish.service
├─24668 /usr/sbin/varnishd -j unix,user=vcache -F -a :80 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
└─24680 /usr/sbin/varnishd -j unix,user=vcache -F -a :80 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Warnings:
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: VCL compiled.
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Debug: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Debug: Platform: Linux,4.19.0-18-cloud-amd64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Platform: Linux,4.19.0-18-cloud-amd64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Debug: Child (24680) Started
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Child (24680) Started
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Info: Child (24680) said Child starts
Nov 02 19:09:12 ip-xxx-xx-xx-xx varnishd[24668]: Child (24680) said Child starts
sudo netstat -tlnp:
LISTEN 24668/varnishd tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN 13255/nginx: master tcp 0 0 0.0.0.0:8080 0.0.0.0:*
LISTEN 1352/sshd tcp 0 0 0.0.0.0:22 0.0.0.0:*
LISTEN 24668/varnishd tcp 0 0 127.0.0.1:35321 0.0.0.0:*
LISTEN 13255/nginx: master tcp 0 0 0.0.0.0:443 0.0.0.0:*
LISTEN 537/trace-agent tcp 0 0 127.0.0.1:8126 0.0.0.0:*
LISTEN 536/agent tcp 0 0 127.0.0.1:5000 0.0.0.0:*
LISTEN 536/agent tcp 0 0 127.0.0.1:5001 0.0.0.0:*
LISTEN 13201/mysqld tcp 0 0 127.0.0.1:3306 0.0.0.0:*
LISTEN 589/redis-server 12 tcp 0 0 127.0.0.1:6379 0.0.0.0:*
LISTEN 853/process-agent tcp6 0 0 127.0.0.1:6062 0.0.0.0:*
LISTEN 24668/varnishd tcp6 0 0 :::80 :::*
LISTEN 1352/sshd tcp6 0 0 :::22 :::*
LISTEN 589/redis-server 12 tcp6 0 0 ::1:6379 :::*
sudo apt-get install libwww-perl && GET -Used http://localhost:80/index.html
503 Backend fetch failed
Connection: close
Date: Tue, 02 Nov 2021 21:37:42 GMT
Via: 1.1 varnish (Varnish/6.0)
Age: 0
Retry-After: 5
Server: Varnish
Content-Length: 310
Content-Type: text/html; charset=utf-8
Client-Date: Tue, 02 Nov 2021 21:37:42 GMT
Client-Peer: 127.0.0.1:80
Client-Response-Num: 1
Title: 503 Backend fetch failed
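X-Varnish: 32773
Posted on 2021-11-05 13:11:39
Please run varnishlog -g raw -i backend_health to monitor your backend's health and find out what status the health probe is getting.
Based on that, you will find out why Varnish returns the 503 Backend fetch failed error.
It is most likely because of the HTTP/2 request in the probe. If I remember correctly, Varnish does not support HTTP/2 on the backend side, only on the client side.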
https://stackoverflow.com/questions/69817264
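The probe problem the answer points to, as an added example that is not part of the original post: a small Python linter that joins the `.request` strings with CRLF, the way Varnish sends them to the backend, and reports why the result is not a valid HTTP/1.x request. The corrected probe (path `/index.html`, host `www.example.com`) and all function names are assumptions made for this example.

```python
import re

VERSION = re.compile(r"HTTP/1\.[01]")
# Host header value: hostname or IPv4 literal with optional port, no scheme or path
HOST_VALUE = re.compile(r"[A-Za-z0-9.-]+(:\d{1,5})?")

# The .request strings from the question's default.vcl
PAGE_PROBE = ["GET HTTP/2",
              "Host: https://www.example.com/index.html",
              "Connection: close"]
# Assumed correction (path and host derived from the question's Host value)
FIXED_PROBE = ["GET /index.html HTTP/1.1",
               "Host: www.example.com",
               "Connection: close"]


def wire_bytes(request_strings):
    """CRLF after every string, then the empty line that ends the header block."""
    return ("".join(s + "\r\n" for s in request_strings) + "\r\n").encode("ascii")


def lint_probe(request_strings):
    """Return the reasons the probe is not a valid HTTP/1.x request."""
    problems = []
    lines = wire_bytes(request_strings).decode("ascii").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        problems.append("request line must be METHOD SP target SP version")
    if not VERSION.fullmatch(parts[-1]):
        problems.append("version %r is not HTTP/1.0 or HTTP/1.1" % parts[-1])
    hosts = [l.split(":", 1)[1].strip() for l in lines[1:]
             if l.lower().startswith("host:")]
    if not hosts:
        problems.append("no Host header")
    for value in hosts:
        if not HOST_VALUE.fullmatch(value):
            problems.append("Host value %r is not host[:port]" % value)
    return problems


if __name__ == "__main__":
    for name, probe in (("page", PAGE_PROBE), ("fixed", FIXED_PROBE)):
        print(name, lint_probe(probe) or "ok")
```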