Tuesday, 7 October 2025

Troubleshooting Nginx & PHP-FPM on Kubernetes: Real-World Debugging & Fix

Our course you can check :-   Udemy course 

Ques:-   

We encountered an issue with our Nginx and PHP-FPM setup on the Kubernetes cluster this morning, which halted its functionality. Investigate and rectify the issue:

The pod name is nginx-phpfpm and configmap name is nginx-config. Identify and fix the problem.

Once resolved, copy /home/thor/index.php file from the jump host to the nginx-container within the nginx document root.



Ans:-

Based on the investigation, the nginx-phpfpm pod stopped working due to a misconfigured volume mount path. The Nginx container was expecting to serve files from /var/www/html, but the actual volume was mounted at a different path, causing the application to fail.

Shared volume: emptyDir named shared-files is correctly mounted in both containers.

Mismatch in Shared Volume Paths

  • PHP-FPM writes to /usr/share/nginx/html
  • Nginx serves from /var/www/html

    Use the same mount path in both containers, e.g.:

    mountPath: /var/www/html


raj@jumphost ~$ kubectl get cm

NAME               DATA   AGE

kube-root-ca.crt   1      15m

nginx-config       1      9m55s


raj@jumphost ~$ kubectl get pod

NAME           READY   STATUS    RESTARTS   AGE

nginx-phpfpm   2/2     Running   0          10m


raj@jumphost ~$ kubectl get svc

NAME            TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE

kubernetes      ClusterIP   10.96.0.1      <none>        443/TCP          16m

nginx-service   NodePort    10.96.119.83   <none>        8099:30008/TCP   10m


raj@jumphost ~$ kubectl describe cm nginx-config 

Name:         nginx-config

Namespace:    default

Labels:       <none>

Annotations:  <none>


Data

====

nginx.conf:

----

events {

}

http {

  server {

    listen 8099 default_server;

    listen [::]:8099 default_server;


    # Set nginx to serve files from the shared volume!

    root /var/www/html;

    index  index.html index.htm index.php;

    server_name _;

    location / {

      try_files $uri $uri/ =404;

    }

    location ~ \.php$ {

      include fastcgi_params;

      fastcgi_param REQUEST_METHOD $request_method;

      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

      fastcgi_pass 127.0.0.1:9000;

    }

  }

}



BinaryData

====


Events:  <none>



raj@jumphost ~$ kubectl get pod nginx-phpfpm -oyaml

apiVersion: v1

kind: Pod

metadata:

  annotations:

    kubectl.kubernetes.io/last-applied-configuration: |

      {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"app":"php-app"},"name":"nginx-phpfpm","namespace":"default"},"spec":{"containers":[{"image":"php:7.2-fpm-alpine","name":"php-fpm-container","volumeMounts":[{"mountPath":"/usr/share/nginx/html","name":"shared-files"}]},{"image":"nginx:latest","name":"nginx-container","volumeMounts":[{"mountPath":"/var/www/html","name":"shared-files"},{"mountPath":"/etc/nginx/nginx.conf","name":"nginx-config-volume","subPath":"nginx.conf"}]}],"volumes":[{"emptyDir":{},"name":"shared-files"},{"configMap":{"name":"nginx-config"},"name":"nginx-config-volume"}]}}

  creationTimestamp: "2025-10-08T02:07:06Z"

  labels:

    app: php-app

  name: nginx-phpfpm

  namespace: default

  resourceVersion: "941"

  uid: fe31425d-d2f5-4d56-8450-d2a0c05bb077

spec:

  containers:

  - image: php:7.2-fpm-alpine

    imagePullPolicy: IfNotPresent

    name: php-fpm-container

    resources: {}

    terminationMessagePath: /dev/termination-log

    terminationMessagePolicy: File

    volumeMounts:

    - mountPath: /usr/share/nginx/html

      name: shared-files

    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount

      name: kube-api-access-s5m82

      readOnly: true

  - image: nginx:latest

    imagePullPolicy: Always

    name: nginx-container

    resources: {}

    terminationMessagePath: /dev/termination-log

    terminationMessagePolicy: File

    volumeMounts:

    - mountPath: /var/www/html

      name: shared-files

    - mountPath: /etc/nginx/nginx.conf

      name: nginx-config-volume

      subPath: nginx.conf

    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount

      name: kube-api-access-s5m82

      readOnly: true

  dnsPolicy: ClusterFirst

  enableServiceLinks: true

  nodeName: kodekloud-control-plane

  preemptionPolicy: PreemptLowerPriority

  priority: 0

  restartPolicy: Always

  schedulerName: default-scheduler

  securityContext: {}

  serviceAccount: default

  serviceAccountName: default

  terminationGracePeriodSeconds: 30

  tolerations:

  - effect: NoExecute

    key: node.kubernetes.io/not-ready

    operator: Exists

    tolerationSeconds: 300

  - effect: NoExecute

    key: node.kubernetes.io/unreachable

    operator: Exists

    tolerationSeconds: 300

  volumes:

  - emptyDir: {}

    name: shared-files

  - configMap:

      defaultMode: 420

      name: nginx-config

    name: nginx-config-volume

  - name: kube-api-access-s5m82

    projected:

      defaultMode: 420

      sources:

      - serviceAccountToken:

          expirationSeconds: 3607

          path: token

      - configMap:

          items:

          - key: ca.crt

            path: ca.crt

          name: kube-root-ca.crt

      - downwardAPI:

          items:

          - fieldRef:

              apiVersion: v1

              fieldPath: metadata.namespace

            path: namespace

status:

  conditions:

  - lastProbeTime: null

    lastTransitionTime: "2025-10-08T02:07:06Z"

    status: "True"

    type: Initialized

  - lastProbeTime: null

    lastTransitionTime: "2025-10-08T02:07:19Z"

    status: "True"

    type: Ready

  - lastProbeTime: null

    lastTransitionTime: "2025-10-08T02:07:19Z"

    status: "True"

    type: ContainersReady

  - lastProbeTime: null

    lastTransitionTime: "2025-10-08T02:07:06Z"

    status: "True"

    type: PodScheduled

  containerStatuses:

  - containerID: containerd://8c9917ce159003d767caeef3f0c165c702a8dccb3cfc14c0f55ee915318a73f6

    image: docker.io/library/nginx:latest

    imageID: docker.io/library/nginx@sha256:8adbdcb969e2676478ee2c7ad333956f0c8e0e4c5a7463f4611d7a2e7a7ff5dc

    lastState: {}

    name: nginx-container

    ready: true

    restartCount: 0

    started: true

    state:

      running:

        startedAt: "2025-10-08T02:07:18Z"

  - containerID: containerd://140e6aae1e89eeea22f8112bc02535514763d73abc166fab83691c03d33aa783

    image: docker.io/library/php:7.2-fpm-alpine

    imageID: docker.io/library/php@sha256:2e2d92415f3fc552e9a62548d1235f852c864fcdc94bcf2905805d92baefc87f

    lastState: {}

    name: php-fpm-container

    ready: true

    restartCount: 0

    started: true

    state:

      running:

        startedAt: "2025-10-08T02:07:10Z"

  hostIP: 172.17.0.2

  phase: Running

  podIP: 10.244.0.5

  podIPs:

  - ip: 10.244.0.5

  qosClass: BestEffort

  startTime: "2025-10-08T02:07:06Z"


raj@jumphost ~$ kubectl edit pod nginx-phpfpm 

raj@jumphost ~$ kubectl cp /home/thor/index.php default/nginx-phpfpm:/var/www/html/index.php -c nginx-container

raj@jumphost ~$ curl http://172.17.0.2:30008


No comments:

Post a Comment