操作系统:Linux wiki 2.6.32-131.0.15.el6.x86_64
nginx版本: nginx-1.5.7
uwsgi版本:uwsgi-2.0.8
大致流程参考:http://www.linuxyw.com/353.html
(官方文档:http://uwsgi-docs.readthedocs.org/en/latest/tutorials/Django_and_nginx.html)
下面主要介绍安装过程中出现的几个问题
1. uwsgi安装中,由于openssl 源码升级过导致的问题
ssl.c:(.text+0x4a4): undefined reference to `EC_KEY_new_by_curve_name' ssl.c:(.text+0x4e6): undefined reference to `EC_KEY_free' collect2: error: ld returned 1 exit status *** error linking uWSGI *** make: *** [all] Error 1
常叔说是由于找到了头文件,但是没有找到头文件的函数的定义导致的,google一把,果然如此:
From the error shown it looks like you have new openssl headers but still old libssl.so library in the library path. Make sure to remove old openssl library (and install new library if there are no new libssl.so available). http://trac.nginx.org/nginx/ticket/169
下面问题似乎明朗了,由于我之前给openssl升级过,升级命令如下:
./config --prefix=/usr/ --openssldir=/usr/local/openssl make make test make install
再看下系统现在rpm包的安装情况和调用的动态链接库的情况:
root@192.168.100.252:/data/installs/uwsgi-2.0.8# rpm -qa | grep openssl openssl-1.0.0-10.el6.x86_64 openssl-devel-1.0.0-10.el6.x86_64 openssl098e-0.9.8e-17.el6.x86_64 root@192.168.100.252:/data/installs/uwsgi-2.0.8# ll /usr/lib64/ | grep ssl lrwxrwxrwx. 1 root root 27 Aug 20 01:15 libnss_compat_ossl.so.0 -> libnss_compat_ossl.so.0.0.0 -rwxr-xr-x. 1 root root 84672 Mar 17 2010 libnss_compat_ossl.so.0.0.0 -rwxr-xr-x. 1 root root 215792 Apr 22 2011 libssl3.so -rw-r--r-- 1 root root 676230 Jan 22 12:52 libssl.a lrwxrwxrwx. 1 root root 21 Aug 20 01:17 libsslcommon.so.5 -> libsslcommon.so.5.0.0 -rwxr-xr-x. 1 root root 209904 Apr 6 2011 libsslcommon.so.5.0.0 lrwxrwxrwx. 1 root root 15 Aug 20 01:15 libssl.so -> libssl.so.1.0.0 -rwxr-xr-x. 1 root root 324680 Apr 21 2010 libssl.so.0.9.8e lrwxrwxrwx. 1 root root 15 Aug 20 01:14 libssl.so.10 -> libssl.so.1.0.0 -rwxr-xr-x. 1 root root 374128 Feb 10 2011 libssl.so.1.0.0 lrwxrwxrwx. 1 root root 16 Aug 20 01:19 libssl.so.6 -> libssl.so.0.9.8e drwxr-xr-x. 3 root root 4096 Aug 20 01:14 openssl drwxr-xr-x. 3 root root 4096 Aug 20 01:19 openssl098e
稍等,那个1098e的rpm包应该可以先删掉了。。rpm -e openssl098e-0.9.8e-17.el6.x86_64
不行啊,这样还是找不到问题的根源,先找出我的虚拟机244,在上面装一把看看,内网服务器别搞崩溃了
244的小机器也是一样的openssl升级方法,安装uwsgi完全没报错,这下真迷惑了,继续google
http://www.111cn.net/sys/CentOS/61326.htm 大牛说需要加一个参数 shared zlib-dynamic
再次make clean ; ./config --prefix=/usr/ --openssldir=/usr/local/openssl shared zlib-dynamic ; make 还是报错
root@192.168.100.252:/data/installs/openssl-1.0.0m# ./config --prefix=/usr/ --openssldir=/usr/local/openssl shared zlib-dynamic
root@192.168.100.252:/data/installs/openssl-1.0.0m# make
/usr/bin/ranlib ../../libcrypto.a || echo Never mind. make[2]: Leaving directory `/data/installs/openssl-1.0.0m/crypto/ts' if [ -n "libcrypto.so.1.0.0 libssl.so.1.0.0" ]; then (cd ..; make libcrypto.so.1.0.0); fi make[2]: Entering directory `/data/installs/openssl-1.0.0m' make[3]: Entering directory `/data/installs/openssl-1.0.0m' make[4]: Entering directory `/data/installs/openssl-1.0.0m' /usr/bin/ld: libcrypto.a(e_4758cca.o): relocation R_X86_64_32 against `.data' can not be used when making a shared object; recompile with -fPIC libcrypto.a(e_4758cca.o): could not read symbols: Bad value collect2: error: ld returned 1 exit status make[4]: *** [link_a.gnu] Error 1 make[4]: Leaving directory `/data/installs/openssl-1.0.0m' make[3]: *** [do_linux-shared] Error 2 make[3]: Leaving directory `/data/installs/openssl-1.0.0m' make[2]: *** [libcrypto.so.1.0.0] Error 2 make[2]: Leaving directory `/data/installs/openssl-1.0.0m' make[1]: *** [shared] Error 2 make[1]: Leaving directory `/data/installs/openssl-1.0.0m/crypto' make: *** [build_crypto] Error 1
好熟悉的感觉,可能是源码被污染了,删掉重来。。
################# uWSGI configuration ################# pcre = True kernel = Linux malloc = libc execinfo = False ifaddrs = True ssl = True zlib = True locking = pthread_mutex plugin_dir = . timer = timerfd yaml = embedded json = False filemonitor = inotify routing = True debug = False capabilities = False xml = libxml2 event = epoll ############## end of uWSGI configuration ############# total build time: 6 seconds *** uWSGI is ready, launch it with ./uwsgi ***
done
2. nginx安装,这个比较简单,就不介绍了
cd /data/var/nginx-1.5.7 ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-pcre=/data/var/pcre-8.11 --with-openssl=/data/installs/openssl-1.0.0m/ make make install
3. uwsgi配置
3.1 参照官方文档,先写一个test.py测试一下uwsgi运行情况
root@192.168.100.252:/usr/local/nginx# cat /data/forilen/Kikyou/Kikyou_web/test.py def application(env, start_response): start_response('200 OK', [('Content-Type','text/html')]) #return [b"Hello World"] # python3 return ["Hello World"] # python2
启动uwsgi
root@192.168.100.252:/data/forilen/Kikyou/Kikyou_web# uwsgi --http :8090 --wsgi-file test.py *** Starting uWSGI 2.0.8 (64bit) on [Thu Jan 22 18:07:28 2015] *** compiled with version: 4.8.2 on 22 January 2015 15:33:07 os: Linux-2.6.32-131.0.15.el6.x86_64 #1 SMP Tue May 10 15:42:40 EDT 2011 nodename: wiki machine: x86_64 clock source: unix pcre jit disabled detected number of CPU cores: 4 current working directory: /data/forilen/Kikyou/Kikyou_web detected binary path: /usr/bin/uwsgi uWSGI running as root, you can use --uid/--gid/--chroot options *** WARNING: you are running uWSGI as root !!! (use the --uid flag) *** *** WARNING: you are running uWSGI without its master process manager *** your processes number limit is 1024 your memory page size is 4096 bytes detected max file descriptor number: 1024 lock engine: pthread robust mutexes thunder lock: disabled (you can enable it with --thunder-lock) uWSGI http bound on :8090 fd 4 spawned uWSGI http 1 (pid: 31133) uwsgi socket 0 bound to TCP address 127.0.0.1:56481 (port auto-assigned) fd 3 Python version: 2.6.6 (r266:84292, Apr 11 2011, 15:50:32) [GCC 4.4.4 20100726 (Red Hat 4.4.4-13)] *** Python threads support is disabled. You can enable it with --enable-threads *** Python main interpreter initialized at 0x1aad390 your server socket listen backlog is limited to 100 connections your mercy for graceful operations on workers is 60 seconds mapped 72768 bytes (71 KB) for 1 cores *** Operational MODE: single process *** WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x1aad390 pid: 31132 (default app) *** uWSGI is running in multiple interpreter mode ***
浏览器拉取页面:
spawned uWSGI worker 1 (and the only) (pid: 31132, cores: 1) [pid: 31132|app: 0|req: 1/1] 192.168.100.30 () {36 vars in 847 bytes} [Thu Jan 22 18:08:14 2015] GET / => generated 11 bytes in 0 msecs (HTTP/1.1 200) 1 headers in 44 bytes (1 switches on core 0)
3.2 再用uwsgi重新启动项目Kikyou_web,下面的Kikyou_web.wsgi不用存在
root@192.168.100.252:/data/forilen/Kikyou/Kikyou_web# uwsgi --http :8090 --module Kikyou_web.wsgi *** Starting uWSGI 2.0.8 (64bit) on [Thu Jan 22 18:14:04 2015] *** compiled with version: 4.8.2 on 22 January 2015 15:33:07 os: Linux-2.6.32-131.0.15.el6.x86_64 #1 SMP Tue May 10 15:42:40 EDT 2011 nodename: wiki
浏览器访问
3.3 配置/usr/local/nginx/conf/nginx.conf,添加django资源处理配置部分
server { # the port your site will be served on listen 8090; server_name localhost; charset utf-8; # max upload size client_max_body_size 75M; # adjust to taste # Django media location /media { alias /data/forilen/Kikyou/Kikyou_web/media; # your Django project's media files - amend as required } location /static { alias /usr/lib/python2.6/site-packages/django/contrib/admin/static; # your Django project's static files - amend as required } # Finally, send all non-media requests to the Django server. location / { uwsgi_pass django; include /usr/local/nginx/conf/uwsgi_params; # the uwsgi_params file you installed } }
reload nginx配置,浏览器访问请求资源
3.4 修改nginx.conf
upstream django { server unix:///usr/local/nginx/uwsgi.sock; # for a file socket #server 127.0.0.1:8001; # for a web port socket (we'll use this first) }
启动项目:root@192.168.100.252:/usr/local/nginx# uwsgi --socket /usr/local/nginx/uwsgi.sock --module Kikyou_web.wsgi --chmod-socket=664
此时只有静态页面可以访问 >_<
3.5 添加文件/usr/local/nginx/conf/uwsgi.ini
# uwsgi.ini file [uwsgi] # Django-related settings # the base directory (full path) chdir = /data/forilen/Kikyou/Kikyou_web # Django's wsgi file module = Kikyou_web.wsgi # the virtualenv (full path) # home = /path/to/virtualenv # process-related settings # master master = true # maximum number of worker processes processes = 2 # the socket (use the full path to be safe socket = /usr/local/nginx/uwsgi.sock # ... with appropriate permissions - may be needed # chmod-socket = 664 # clear environment on exit vacuum = true
root@192.168.100.252:/usr/local/nginx# uwsgi --ini /usr/local/nginx/conf/uwsgi.ini
reload nginx,再次访问,此时静态页面和动态页面都能正常访问。。^_^
4. 常见错误积累
4.1 nginx配置错误导致报错
Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/django/core/handlers/wsgi.py", line 231, in __call__ request = self.request_class(environ) File "/usr/lib/python2.6/site-packages/django/core/handlers/wsgi.py", line 147, in __init__ self.method = environ['REQUEST_METHOD'].upper() KeyError: 'REQUEST_METHOD' [pid: 16269|app: 0|req: 1/1] () {16 vars in 627 bytes} [Mon Feb 2 02:43:01 2015] => generated 0 bytes in 44 msecs ( 500) 0 headers in 0 bytes (0 switches on core 0)
后记:最后sshd服务挂了,起不来了,看来给openssl升级还是那么困难。。。。>_<
4.2 django调用系统脚本,由于超时导致504timeout
调整nginx.conf配置,添加超时配置如下,完美解决问题。
#the upstream component nginx needs to connect to upstream django { server unix:///usr/local/nginx/uwsgi.sock; # for a file socket #server 127.0.0.1:8001; # for a web port socket (we'll use this first) } server { # the port your site will be served on listen 8090; server_name localhost; charset utf-8; # max upload size client_max_body_size 75M; # adjust to taste access_log /data/release/Kikyou/Kikyou_web/logs/access.log; error_log /data/release/Kikyou/Kikyou_web/logs/error.log; # Django media location /media { alias /data/release/Kikyou/Kikyou_web/media; # your Django project's media files - amend as required } location /static { alias /usr/lib/python2.6/site-packages/django/contrib/admin/static; # your Django project's static files - amend as required } # Finally, send all non-media requests to the Django server. location / { uwsgi_pass django; uwsgi_read_timeout 1800; uwsgi_send_timeout 300; proxy_read_timeout 300; include /usr/local/nginx/conf/uwsgi_params; # the uwsgi_params file you installed } }