logo标签列表

只能以root身份运行uwsgi

nginxflaskuwsgi
16
我是一名有用的助手,可以为您翻译文本。

我正在准备使用nginx/uwsgi和flask开发一个网站,但是遇到了问题。请注意,使用flask的调试:5000端口时,网站本身运行良好,但现在我想进入生产环境。为了解释我所做的事情。

这是一个linode ubuntu 12.04LTS服务器,我是这样安装它的:

# install nginx
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:nginx/stable
sudo apt-get update
sudo apt-get upgrade --show-upgraded
sudo apt-get install nginx-full
# installing uwsgi
sudo apt-get install build-essential python-dev libxml2-dev
sudo apt-get install libc6 libexpat1 libgd2-xpm libgeoip1 libpam0g libpcre3 libssl1.0.0 libxml2 libxslt1.1 zlib1g 
sudo pip install uwsgi
# python basics
sudo apt-get install python-pip build-essential python-dev
sudo pip install virtualenv
sudo pip install virtualenvwrapper
sudo mkdir -p /srv/www/li/
cd /srv/www/li/
virtualenv venv
source /srv/www/li/venv/bin/activate
pip install flask

然后我开始配置所有内容,但是我已经在uwsgi方面遇到了麻烦(不用担心NGINX,这将是下一步)。

sudo nano /etc/uwsgi/apps-available/li.xml

    <uwsgi> 
    <plugin>python</plugin> 
    <socket>/run/uwsgi/app/li.socket</socket>
    <chmod-socket>666</chmod-socket>
    <chdir>/srv/www/li</chdir>
    <pythonpath>/srv/www/li</pythonpath>
    <virtualenv>/srv/www/li/venv</virtualenv>
    <module>li</module>
    <wsgi-file>/srv/www/li/li.py</wsgi-file>
    <callable>app</callable> 
    <master/> 
    <processes>4</processes> 
    <harakiri>60</harakiri> 
    <reload-mercy>8</reload-mercy> 
    <cpu-affinity>1</cpu-affinity> 
    <stats>/tmp/stats.socket</stats> 
    <max-requests>2000</max-requests> 
    <limit-as>512</limit-as> 
    <reload-on-as>256</reload-on-as> 
    <reload-on-rss>192</reload-on-rss> 
    <no-orphans/> 
    <vacuum/> 
</uwsgi>

sudo ln -s /etc/uwsgi/apps-available/li.xml /etc/uwsgi/apps-enabled/li.xml

然而,如果我运行它,会得到:
uwsgi --xml /etc/uwsgi/apps-enabled/li.xml

[uWSGI] parsing config file /etc/uwsgi/apps-enabled/li.xml
open("./python_plugin.so"): No such file or directory [core/utils.c line 4755]
!!! UNABLE to load uWSGI plugin: ./python_plugin.so: cannot open shared object file: No such file or directory !!!
*** Starting uWSGI 1.4.6 (64bit) on [Thu Feb 28 16:30:53 2013] ***
compiled with version: 4.6.3 on 28 February 2013 12:38:22
os: Linux-3.7.10-x86_64-linode30 #1 SMP Wed Feb 27 14:29:31 EST 2013
nodename: demo
machine: x86_64
clock source: unix
detected number of CPU cores: 4
current working directory: /run/uwsgi/app
detected binary path: /usr/local/bin/uwsgi
your processes number limit is 63594
limiting address space of processes...
your process address space limit is 536870912 bytes (512 MB)
your memory page size is 4096 bytes
 *** WARNING: you have enabled harakiri without post buffering. Slow upload could be rejected on post-unbuffered webservers *** 
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
uwsgi socket 0 bound to UNIX address /run/uwsgi/app/li.socket fd 3
Python version: 2.7.3 (default, Aug  1 2012, 05:25:23)  [GCC 4.6.3]
Set PythonHome to /srv/www/li/venv
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0xa86e20
your server socket listen backlog is limited to 100 connections
mapped 362120 bytes (353 KB) for 4 cores
*** Operational MODE: preforking ***
added /srv/www/li/ to pythonpath.
/srv/www/li/venv/local/lib/python2.7/site-packages/mongoengine/fields.py:744: FutureWarning: ReferenceFields will default to using ObjectId  strings in 0.8, set DBRef=True if this isn't desired
  warnings.warn(msg, FutureWarning)
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0xa86e20 pid: 14934 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 14934)
spawned uWSGI worker 1 (pid: 14940, cores: 1)
mapping worker 1 to CPUs: 0
spawned uWSGI worker 2 (pid: 14941, cores: 1)
mapping worker 2 to CPUs: 1
spawned uWSGI worker 3 (pid: 14942, cores: 1)
mapping worker 3 to CPUs: 2
spawned uWSGI worker 4 (pid: 14943, cores: 1)
unlink(): Operation not permitted [core/socket.c line 109]
bind(): Address already in use [core/socket.c line 141]
...brutally killing workers...
mapping worker 4 to CPUs: 3
VACUUM: unix socket /run/uwsgi/app/li.socket removed.

所以我遇到了“解除链接操作不允许”和“绑定地址已在使用中”的错误(还有一个python_plugin错误,我也不知道如何解决!)。如果我以sudo身份运行,则似乎可以正常工作 ->

sudo uwsgi --xml /etc/uwsgi/apps-enabled/li.xml

[uWSGI] parsing config file /etc/uwsgi/apps-enabled/li.xml
open("./python_plugin.so"): No such file or directory [core/utils.c line 4755]
!!! UNABLE to load uWSGI plugin: ./python_plugin.so: cannot open shared object file: No such file or directory !!!
*** Starting uWSGI 1.4.6 (64bit) on [Thu Feb 28 15:47:41 2013] ***
compiled with version: 4.6.3 on 28 February 2013 12:38:22
os: Linux-3.7.10-x86_64-linode30 #1 SMP Wed Feb 27 14:29:31 EST 2013
nodename: demo
machine: x86_64
clock source: unix
detected number of CPU cores: 4
current working directory: /run/uwsgi
detected binary path: /usr/local/bin/uwsgi
uWSGI running as root, you can use --uid/--gid/--chroot options
*** WARNING: you are running uWSGI as root !!! (use the --uid flag) *** 
your processes number limit is 63594
limiting address space of processes...
your process address space limit is 536870912 bytes (512 MB)
your memory page size is 4096 bytes
 *** WARNING: you have enabled harakiri without post buffering. Slow upload could be rejected on post-unbuffered webservers *** 
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
uwsgi socket 0 bound to UNIX address /run/uwsgi/app/li.socket fd 3
Python version: 2.7.3 (default, Aug  1 2012, 05:25:23)  [GCC 4.6.3]
Set PythonHome to /srv/www/li/venv
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x1fc9d00
your server socket listen backlog is limited to 100 connections
mapped 362120 bytes (353 KB) for 4 cores
*** Operational MODE: preforking ***
added /srv/www/li/ to pythonpath.
/srv/www/li/venv/local/lib/python2.7/site-packages/mongoengine/fields.py:744: FutureWarning: ReferenceFields will default to using ObjectId  strings in 0.8, set DBRef=True if this isn't desired
  warnings.warn(msg, FutureWarning)
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x1fc9d00 pid: 14755 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 14755)
spawned uWSGI worker 1 (pid: 14761, cores: 1)
mapping worker 1 to CPUs: 0
spawned uWSGI worker 2 (pid: 14762, cores: 1)
mapping worker 2 to CPUs: 1
spawned uWSGI worker 3 (pid: 14763, cores: 1)
mapping worker 3 to CPUs: 2
spawned uWSGI worker 4 (pid: 14764, cores: 1)
*** Stats server enabled on /tmp/stats.socket fd: 16 ***
mapping worker 4 to CPUs: 3

请问有人可以帮我吗?由于www-data用户属于www-data组并运行它,我尝试了一些方法:

sudo usermod -a -G www-data $USER
sudo chown -R $USER:www-data /srv/www/li
sudo chmod -R g+r+w+x /srv/www/li
sudo chown -R $USER:www-data /etc/uwsgi/apps-enabled
sudo chmod -R g+r+w+x /etc/uwsgi/apps-enabled
sudo chown -R $USER:www-data /run/uwsgi/app
sudo chmod -R g+r+w+x /run/uwsgi/app

但这并没有帮助。我还尝试使用TCP端口而不是Unix /run/uwsgi/app/端口,但也没有任何区别......这真的让我疯了:(希望有人知道这里发生了什么。

此致敬礼,

卡斯特

编辑:服务器重启后仍然出现错误,但是是另一个错误:

geoadmin@demo:~$ uwsgi --xml /etc/uwsgi/apps-enabled/li.xml
[uWSGI] parsing config file /etc/uwsgi/apps-enabled/li.xml
*** Starting uWSGI 1.4.6 (64bit) on [Thu Feb 28 18:47:36 2013] ***
compiled with version: 4.6.3 on 28 February 2013 12:38:22
os: Linux-3.7.10-x86_64-linode30 #1 SMP Wed Feb 27 14:29:31 EST 2013
nodename: demo
machine: x86_64
clock source: unix
detected number of CPU cores: 4
current working directory: /home/geoadmin
detected binary path: /usr/local/bin/uwsgi
your processes number limit is 63594
limiting address space of processes...
your process address space limit is 536870912 bytes (512 MB)
your memory page size is 4096 bytes
 *** WARNING: you have enabled harakiri without post buffering. Slow upload could be rejected on post-unbuffered webservers *** 
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
bind(): No such file or directory [core/socket.c line 141]
4个回答
20

这是我在谷歌上不断搜索的结果,但这个页面对我并没有太大的帮助,因此我要添加我的答案,即使事后看起来很明显。

我的问题是与我的stats socket权限有关。如果您更改了uWSGI配置中的uid或gid参数,请确保您chmod或rm您所有旧的套接字/ pid,以及它们的父文件夹

嗨,很抱歉听到它没有帮助到你。这就是我在“最后,我将套接字放在tmp目录中以避免权限问题”备注中的意思,但你说得对,它可能有点晦涩。问题也是由于我同时有两个问题引起的,另一个问题是:https://dev59.com/EmUo5IYBdhLWcg3wkQNq - Carst
3
抱歉,我并不是要批评你的回答,只是希望为下一次访问这个页面的人增加一些信息。在我看来,uWSGI的日志消息对于处理这个问题完全没有帮助。 - pnovotnak
2
别担心,我没有那样看待它。我会编辑答案以更好地帮助人们。基本上问题在于你可能同时有两个不同的问题(Python插件问题+权限套接字问题),这也让我头疼,这就是为什么上面的原始答案如此广泛的原因。 - Carst
添加答案意味着其他人的帮助相对不足 :) - mehmet
8
在我的情况下,我试图将 .sock 文件放置在 /vagrant 目录中,这是虚拟机挂载的文件夹,仅适合进行读写操作,不适合做其他用途。
.sock 文件放在虚拟盒子挂载点之外,最好放在 /tmp 目录。根据 FHS 的规定,应该放在 /var/run 目录下。
参考: https://dev59.com/SGsz5IYBdhLWcg3w6MNS#7580524
这对我来说非常有用。 - cjauvin
6

好的,在后来的编辑之后,我检查了目录,发现套接字目录不存在了;我想这可能与最初的apt-get安装和我后来的pip安装有关... 仍然存在Python插件的问题,但我会检查它是否对nginx必要,或者是否可以在没有它的情况下工作... 工作了8个小时,结果还是重置了,唉 ;)

@bearrito: 最终,我把套接字放在tmp目录中,以避免权限问题:

<uwsgi>
        <uid>www-data</uid>
        <gid>www-data</gid> 
    <plugin>python</plugin> 
    <socket>/tmp/li.socket</socket>
    <chmod-socket>666</chmod-socket>
    <chdir>/srv/www/li</chdir>
    <pythonpath>/srv/www/li</pythonpath>
    <virtualenv>/srv/www/li/venv</virtualenv>
    <module>li</module>
    <wsgi-file>/srv/www/li/li.py</wsgi-file>
    <callable>app</callable> 
    <master/> 
    <processes>2</processes> 
    <pidfile>/tmp/li.pid</pidfile> 
    <harakiri>120</harakiri> 
    <reload-mercy>8</reload-mercy> 
    <cpu-affinity>1</cpu-affinity> 
    <stats>/tmp/stats.socket</stats> 
    <max-requests>2000</max-requests> 
    <limit-as>2048</limit-as> 
    <reload-on-as>2048</reload-on-as> 
    <reload-on-rss>1024</reload-on-rss> 
    <no-orphans/> 
    <vacuum/> 
</uwsgi>

我希望这可以帮助你!
1
小小的后续评论:Python插件(在每个谷歌搜索的示例中都有)似乎在较新版本中不再必要。因此,最终它确实比我之前想象的更容易和开箱即用! - Carst
你能否更明确地说明你的修复措施是什么?我遇到了完全相同的情况,但我无法在我的案例中找到可重现的问题。 - bearrito
我编辑了它,加入了我的修改!另外,我的工作内存限制非常低,所以不要复制那个部分 :) (这与一个繁重的分析过程有关) - Carst
当我将套接字放在Fedora 20的tmp目录中时,出现了问题。保存文件上传时会提示权限被拒绝,我认为在/tmp/中执行受到了限制。 - Cherif KAOUA
-1
对我来说,解决方案是删除 /var/run/uwsgi/.sock 和
chmod 775 /var/run/uwsgi
chmod 777 /var/log/uwsgi

或者您的uwsgi文件所在的任何位置。

网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接