Crash Apache "aléatoire"

Coucou,

J’ai un problème sur mon serveur depuis quelques temps. Apache s’arrête à intervalles irréguliers avec cette erreur :

vincent@coucou:~$ sudo tail -n200 /var/log/apache2/error.log
[Thu Oct 05 12:29:28.775124 2017] [core:warn] [pid 22621] AH00098: pid file /var/run/apache2/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Oct 05 12:29:28.778496 2017] [mpm_prefork:notice] [pid 22621] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Thu Oct 05 12:29:28.778526 2017] [core:notice] [pid 22621] AH00094: Command line: '/usr/sbin/apache2'
[Thu Oct 05 12:29:30.542991 2017] [mpm_prefork:notice] [pid 22621] AH00171: Graceful restart requested, doing restart
[Thu Oct 05 12:29:30.580987 2017] [core:error] [pid 22621] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring!
[Thu Oct 05 12:29:30.595086 2017] [core:error] [pid 22621] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring!
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
[Thu Oct 05 12:29:30.595398 2017] [mpm_prefork:alert] [pid 22621] no listening sockets available, shutting down
[Thu Oct 05 12:29:30.595402 2017] [:emerg] [pid 22621] AH00019: Unable to open logs, exiting
[Thu Oct 05 12:29:37.339108 2017] [core:warn] [pid 22655] AH00098: pid file /var/run/apache2/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Oct 05 12:29:37.342617 2017] [mpm_prefork:notice] [pid 22655] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Thu Oct 05 12:29:37.342648 2017] [core:notice] [pid 22655] AH00094: Command line: '/usr/sbin/apache2'
[Thu Oct 05 12:29:39.223661 2017] [mpm_prefork:notice] [pid 22655] AH00171: Graceful restart requested, doing restart
[Thu Oct 05 12:29:39.256090 2017] [core:error] [pid 22655] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring!
[Thu Oct 05 12:29:39.270577 2017] [core:error] [pid 22655] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring!
AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
[Thu Oct 05 12:29:39.270975 2017] [mpm_prefork:alert] [pid 22655] no listening sockets available, shutting down
[Thu Oct 05 12:29:39.270981 2017] [:emerg] [pid 22655] AH00019: Unable to open logs, exiting
[Thu Oct 05 12:29:46.015073 2017] [core:warn] [pid 22684] AH00098: pid file /var/run/apache2/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Oct 05 12:29:46.018315 2017] [mpm_prefork:notice] [pid 22684] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Thu Oct 05 12:29:46.018341 2017] [core:notice] [pid 22684] AH00094: Command line: '/usr/sbin/apache2'
[Thu Oct 05 12:29:46.096462 2017] [mpm_prefork:notice] [pid 22684] AH00169: caught SIGTERM, shutting down

J’ai aussi un service openvpn en port-share sur le 443. Il ne dit rien de spécial :

vincent@coucou:~$ sudo service openvpn@coucou status
● openvpn@coucou.service - OpenVPN connection to coucou
   Loaded: loaded (/lib/systemd/system/openvpn@.service; enabled; vendor preset: enabled)
   Active: active (running) since dim. 2017-10-01 19:32:10 CEST; 3 days ago
     Docs: man:openvpn(8)
           https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
           https://community.openvpn.net/openvpn/wiki/HOWTO
  Process: 896 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid (code=exited, status=0/SUCCESS)
 Main PID: 1010 (openvpn)
   CGroup: /system.slice/system-openvpn.slice/openvpn@coucou.service
           ├─1010 /usr/sbin/openvpn --daemon ovpn-coucou --status /run/openvpn/coucou.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/coucou.conf --writepid /run/openvpn/coucou.pid
           └─1038 /usr/sbin/openvpn --daemon ovpn-coucou --status /run/openvpn/coucou.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/coucou.conf --writepid /run/openvpn/coucou.pid

oct. 05 12:43:43 coucou ovpn-coucou[1010]: 192.168.1.1:52861 SIGTERM[soft,port-share-redirect] received, client-instance exiting
oct. 05 12:43:45 coucou ovpn-coucou[1010]: TCP connection established with [AF_INET]192.168.1.1:52862
oct. 05 12:43:45 coucou ovpn-coucou[1010]: 192.168.1.1:52862 Non-OpenVPN client protocol detected
oct. 05 12:43:45 coucou ovpn-coucou[1010]: 192.168.1.1:52862 SIGTERM[soft,port-share-redirect] received, client-instance exiting
oct. 05 12:43:53 coucou ovpn-coucou[1010]: TCP connection established with [AF_INET]192.168.1.1:52865
oct. 05 12:43:53 coucou ovpn-coucou[1010]: 192.168.1.1:52865 Non-OpenVPN client protocol detected
oct. 05 12:43:53 coucou ovpn-coucou[1010]: 192.168.1.1:52865 SIGTERM[soft,port-share-redirect] received, client-instance exiting
oct. 05 12:43:55 coucou ovpn-coucou[1010]: TCP connection established with [AF_INET]192.168.1.1:52866
oct. 05 12:43:55 coucou ovpn-coucou[1010]: 192.168.1.1:52866 Non-OpenVPN client protocol detected
oct. 05 12:43:55 coucou ovpn-coucou[1010]: 192.168.1.1:52866 SIGTERM[soft,port-share-redirect] received, client-instance exiting

Avec /etc/apache2/ports.conf tel que :

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80

<IfModule ssl_module>
        Listen 4443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 4443
</IfModule>

Quelqu’un aurait une piste ?

Merci,

[quote=« addikt1ve, post:1, topic:3418 »] [Thu Oct 05 12:29:30.542991 2017] [mpm_prefork:notice] [pid 22621] AH00171: Graceful restart requested, doing restart [Thu Oct 05 12:29:30.580987 2017] [core:error] [pid 22621] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring! [Thu Oct 05 12:29:30.595086 2017] [core:error] [pid 22621] (EAI 2)Name or service not known: AH00547: Could not resolve host name *\\ -- ignoring! AH00112: Warning: DocumentRoot [/var/lib/letsencrypt/tls_sni_01_page/] does not exist (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443 (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443 [Thu Oct 05 12:29:30.595398 2017] [mpm_prefork:alert] [pid 22621] no listening sockets available, shutting down [Thu Oct 05 12:29:30.595402 2017] [:emerg] [pid 22621] AH00019: Unable to open logs, exiting[/quote]

Tu a visiblement un default vhost qui écoute encore sur le port 443
Et aussi « Unable to open logs » qui me semble bizarre, possible que ce soit aussi les logs de ce default vhost qui n’existe pas ou non inscriptible par root:www-data.

D’ailleurs, c’est écrit :slight_smile:

# If you just change the port or add more ports here, you will likely also # have to change the VirtualHost statement in # /etc/apache2/sites-enabled/000-default.conf

C’est justement ce qui m’étonne, je n’ai que 3 vhosts activés dans sites-enabled, et les trois écoutent sur 80 et 4443 pour garantir le port-share avec openvpn.

Le default-ssl.conf (dans sites-available) est également réglé sur 4443.
Le 000-default.conf est sur le 80.

Je devrais activer ces 2 vhosts par défaut Fanch, tu crois ?
(dans le doute je l’ai fait, on va voir si ça change quelque chose)

cd /etc/apache
grep 443 -r *
Killall -9 indiens

vincent@coucou:/etc/apache2$ grep 443 -r * ports.conf: Listen 4443 ports.conf: Listen 4443 sites-available/default-ssl.conf: <VirtualHost _default_:4443> sites-available/nuage.conf:<VirtualHost *:4443> sites-available/coucou.conf:<VirtualHost *:4443> sites-available/tipiak.conf:<VirtualHost *:4443>

:frowning:

Killall -9 indiens

:smiley:

Tu bluffe martoni !

À force de ne pas trouver de vraie solution, je commence à me dire qu’il “suffirait” de relancer automatiquement apache quand il crashe.

Tu ferais ça comment Fanch ? un bon vieux while avec le pid en bash ? il y a plus propre peut-être ?

J’utiliserais nginx :slight_smile:

Oui c’est une excellente idée. Je vais faire ça.