PHP
Alex, 2017-07-23 15:19:14

Errors in NGINX open socket left in connection and tcp 127.0.0.1:9000 TIME_WAIT?

There is a web server running on an NGINX + PHP-FPM stack. We switched to https and decided to add http2 support, so we had to install a new NGINX. After "nginx restart", the following shows up in "nginx/error.log":

nginx/error.log

2017/07/23 13:48:30 [notice] 3284#3284: signal process started
2017/07/23 13:48:30 [alert] 2892#2892: *33356 open socket #11 left in connection 4
2017/07/23 13:48:30 [alert] 2887#2887: *33398 open socket #44 left in connection 23
2017/07/23 13:48:30 [alert] 2884#2884: *33395 open socket #23 left in connection 23
13:48:30 [alert] 2887#2887: aborting
2017/07/23 13:48:30 [alert] 2884#2884: aborting
etc...


netstat -n -t -o | grep timewait gives:
tcp 0 0 127.0.0.1:9000 127.0.0.1:38936 TIME_WAIT timewait (3.17/0/0)
tcp 0 0 127.0.0.1:9000 127.0.0.1:40763 TIME_WAIT timewait (48.73/0/0)
tcp 0 0 127.0.0.1:9000 127.0.0.1:37674 TIME_WAIT timewait (0.00/0/0)
tcp 0 0 127.0.0.1:9000 127.0.0.1:37464 TIME_WAIT timewait (0.00/0/0)
and there are so many...


Used software versions:
Ubuntu 14.04.5 LTS
nginx/1.12.1
OpenSSL 1.0.2l
PHP 5.5.9


------------------------------
From the NGINX configuration file:
------------------------------
worker_processes 8;

events {
    worker_connections 25000;
    multi_accept on;
    use epoll;
}

http {
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    client_max_body_size 30m;
    client_header_timeout 15;
    client_body_timeout 15;
    send_timeout 10;
    keepalive_timeout 30 15;
    types_hash_max_size 2048;
    reset_timedout_connection on;

    gzip on;
    server_tokens off;

    upstream backend {
        server 127.0.0.1:9000;
    }

    server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        server_name sitename.com;

        ssl_certificate /path/sitename_com.crt;
        ssl_certificate_key /path/sitename_com.key;
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:100m;
        ssl_dhparam /path/dhparam.pem;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers '...';
        ssl_prefer_server_ciphers on;
        add_header Strict-Transport-Security max-age=15768000;

        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /path/sitenamecab.pem;
        resolver ip address; # ip address from "resolv.conf"

        gzip off;

        location ~ \.php$ {
            fastcgi_index index.php;
            fastcgi_pass backend;
            fastcgi_buffer_size 128k;
            fastcgi_buffers 8 256k;
            fastcgi_busy_buffers_size 256k;
            fastcgi_temp_file_write_size 256k;
            fastcgi_param HTTP_SCHEME https;
            include fastcgi.conf;
        }
    }

    server {
        listen 80;
        # ... almost the same as for listen 443, except: no ssl entries, gzip on, and no fastcgi_param HTTP_SCHEME https;
    }

}


------------------------------
From the PHP-FPM configuration file:
------------------------------
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
listen.backlog = 3000
pm = static
pm.max_children = 2000
pm.max_requests = 3000

------------------------------

Before installing the new version of NGINX, there were no such errors with the old one (nginx/1.4.6). The server is running and the site opens, but I don't think it can be left like this. There is information about such problems on the Internet, but it is not clear how to fix them. If you remove the "server" section with "ssl and http2" from "nginx.conf" and leave only the "server" with "listen 80;", nothing changes (after restarting NGINX, of course). Nothing changes either if you reduce "worker_connections", for example from 25000 to 2000. Reducing pm.max_children, for example from 2000 to 500, and pm.max_requests from 3000 to 750 (restarting php-fpm after the change, of course) does not solve the problem either. What to do? Where to look?


1 answer(s)
Andrey Mikhalev, 2017-07-24
@Endru9

1. Why specify ssl in the line "listen 443 ssl http2;"? Leave only "listen 443 http2;".
2. The backend processes requests slowly; look at the php-fpm logs and at the load in general, you might be under attack by bots.
3. Try switching php-fpm to a socket instead of tcp.
4. Are accelerators and caching configured?
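
Added example (not part of the original thread): a small Python triage helper for the two symptoms in the question. It tallies the "open socket ... left in connection" alerts per worker PID from error.log and splits the TIME_WAIT entries by which side of the 127.0.0.1:9000 FastCGI connection holds them; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Constructed samples modelled on the question; the last netstat line is invented for contrast.
ERROR_LOG = """\
2017/07/23 13:48:30 [notice] 3284#3284: signal process started
2017/07/23 13:48:30 [alert] 2892#2892: *33356 open socket #11 left in connection 4
2017/07/23 13:48:30 [alert] 2887#2887: *33398 open socket #44 left in connection 23
2017/07/23 13:48:30 [alert] 2887#2887: aborting
2017/07/23 13:48:30 [alert] 2884#2884: aborting
"""
NETSTAT = """\
tcp 0 0 127.0.0.1:9000 127.0.0.1:38936 TIME_WAIT timewait (3.17/0/0)
tcp 0 0 127.0.0.1:9000 127.0.0.1:40763 TIME_WAIT timewait (48.73/0/0)
tcp 0 0 127.0.0.1:37674 127.0.0.1:9000 TIME_WAIT timewait (0.00/0/0)
"""

LOG_RE = re.compile(r"^(\S+ \S+) \[(\w+)\] (\d+)#\d+: (.*)$")
LEAK_RE = re.compile(r"open socket #\d+ left in connection \d+")

def summarize_error_log(text):
    """Count leaked-socket alerts per worker PID; note aborts and signals."""
    leaks, aborted, signals = Counter(), set(), []
    for line in text.splitlines():
        if not (m := LOG_RE.match(line)):
            continue  # skip wrapped or truncated lines
        ts, _level, pid, msg = m.groups()
        if LEAK_RE.search(msg):
            leaks[int(pid)] += 1
        elif msg == "aborting":
            aborted.add(int(pid))
        elif msg == "signal process started":
            signals.append(ts)
    return {"leaks": dict(leaks), "aborted": sorted(aborted), "signals": signals}

def time_wait_by_closer(text, backend_port=9000):
    """TIME_WAIT is held by the side that closed first; count sockets per side."""
    sides = Counter()
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or f[5] != "TIME_WAIT":
            continue
        local, remote = (int(a.rsplit(":", 1)[1]) for a in f[3:5])
        if backend_port in (local, remote):
            sides["php-fpm" if local == backend_port else "nginx"] += 1
    return dict(sides)

if __name__ == "__main__":
    print(summarize_error_log(ERROR_LOG), time_wait_by_closer(NETSTAT))
```

A TIME_WAIT entry whose local address is 127.0.0.1:9000 is counted under "php-fpm", meaning the backend closed that FastCGI connection first.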
