0

I am trying to deploy a simple todo application on Alibaba ECS.

Its a Django application and I am trying to deploy it with the help of gunicorn and nginx.

However, after setting up the required files, when I try to access http://149.129.136.180/ , I get the message - "The site can't be reached. 149.129.136.180 took too long to respond."

Here are the required details:

OS: Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-117-generic x86_64)

root@iZa2asghjgdfsdjfsgukZ:~# cat /etc/systemd/system/gunicorn.service 
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=root
Group=www-data
WorkingDirectory=/root/todo
ExecStart=/root/.virtualenvs/todo_venv/bin/gunicorn --workers 3 --bind unix:/root/todo/todo.sock todo.wsgi:application
[Install]
WantedBy=multi-user.target

root@iZa2asghjgdfsdjfsgukZ:~# sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful


root@iZa2asghjgdfsdjfsgukZ:~# cat /etc/nginx/sites-available/todo 
server {
  listen 80;
  server_name 149.129.136.180;
  location = /favicon.ico { access_log off; log_not_found off; }
  location / {
      include proxy_params;
      proxy_pass http://unix:/root/todo/todo.sock;
  }
}

root@iZa2asghjgdfsdjfsgukZ:~# sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/nginx.service.d
           └─override.conf
   Active: active (running) since Tue 2018-09-18 17:11:07 CST; 10min ago
  Process: 996 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
  Process: 1012 ExecStartPost=/bin/sleep 0.1 (code=exited, status=0/SUCCESS)
  Process: 1005 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
  Process: 1000 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
 Main PID: 1009 (nginx)
   CGroup: /system.slice/nginx.service
           ├─1009 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
           ├─1010 nginx: worker process                           
           └─1011 nginx: worker process                           

Sep 18 17:11:07 iZa2deepdarscg4q4vwgukZ systemd[1]: Starting A high performance web server and a reverse proxy server...
Sep 18 17:11:07 iZa2deepdarscg4q4vwgukZ systemd[1]: Started A high performance web server and a reverse proxy server.


root@iZa2asghjgdfsdjfsgukZ:~# sudo journalctl -u gunicorn
-- Logs begin at Sun 2018-04-08 21:14:21 CST, end at Tue 2018-09-18 17:22:20 CST. --
Sep 18 17:03:21 iZa2deepdarscg4q4vwgukZ systemd[1]: Started gunicorn daemon.
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [675] [INFO] Starting gunicorn 19.9.0
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [675] [INFO] Listening at: unix:/root/todo/todo.sock (675)
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [675] [INFO] Using worker: sync
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [796] [INFO] Booting worker with pid: 796
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [801] [INFO] Booting worker with pid: 801
Sep 18 17:03:22 iZa2deepdarscg4q4vwgukZ gunicorn[675]: [2018-09-18 17:03:22 +0800] [802] [INFO] Booting worker with pid: 802

However, I am able to view my app (by accessing the IP provided) when running the application via:

python manage.py runserver

and 

gunicorn --bind 0.0.0.0:8000 todo.wsgi:application
Alfarhan Zahedi
  • 141
  • 2
  • 13
  • 1
    I think the issue is not with your code or configuration. Check the security group of your instance(thats what they are called in AWS) and allow connection from port 80 or any other port you like. – Satnam Sandhu Sep 18 '18 at 09:36

1 Answers1

1

I'm going to take a guess that your issue is with the nginx config file. I've attached the below config (although untested) so you may wish to edit yours to look more like this:

Spcifically, don't refer to the unix socket with http:// at the start. Move this to a separate server declaration within the upstream app_server block.

You can then use proxy_pass to reference http://app_server 

http {

    upstream app_server {
        # fail_timeout=0 means we always retry an upstream even if it failed
        # to return a good HTTP response

        # for UNIX domain socket setups
        server unix:/root/todo/todo.sock fail_timeout=0;

        # for a TCP configuration
        # server 127.0.0.1:9000 fail_timeout=0;
    }

    server {
        # if no Host match, close the connection to prevent host spoofing
        listen 80 default_server;
        return 444;
    }

    server {
        listen 80;
        server_name 149.129.136.180;

        location / {
            # checks for static file, if not found proxy to app
            try_files $uri @proxy_to_app;
        } 

        location @proxy_to_app {
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            # we don't want nginx trying to do something clever with
            # redirects, we set the Host: header above already.
            proxy_redirect off;
            proxy_pass http://app_server;
        }
    }
}
v25
  • 7,096
  • 2
  • 20
  • 36