Develop Reference

nginx and uwsgi config issues

when using uwsgi with the uwsgi-file parameter, I can see the correctly rendered page at 127.0.0.1/hello.py:
plugin = python3
master = true
processes = 5
chdir = /var/www/web1/
http = 127.0.0.1:9090
wsgi-file = /var/www/web1/hello.py
stats = 127.0.0.1:9191
chmod-socket = 777
vacuum = true
enable-threads = true
die-on-term = true
but when i reverse proxy from nginx using
location ~ \.py$ {
try_files $uri /index.py =404;
proxy_pass http://127.0.0.1:9090;
include uwsgi_params;
}
and disable the uwsgi-file parameter:
plugin = python3
master = true
processes = 5
chdir = /var/www/web1/
http = 127.0.0.1:9090
#wsgi-file = /var/www/web1/hello.py
stats = 127.0.0.1:9191
chmod-socket = 777
vacuum = true
enable-threads = true
die-on-term = true
then I get these errors:
browser - "Internal Server Error"
nginx console - "GET /hello.py HTTP/1.1" 500 32
uwsgi console - "GET /hello.py => generated 21 bytes in 0 msecs (HTTP/1.0 500) 2 headers in 83 bytes (0 switches on core 0)"
can I have some help troubleshooting this please

Solution requires uWSGI run CGI scripts:
enable the CGI plugin and configure uwsgi ini file as per
Running CGI scripts on uWSGI
configure nginx reverse proxy with the uwsgi_modifier1 9 parameter
location ~ \.py$ {
try_files $uri /index.py =404;
uwsgi_modifier1 9;
proxy_pass http://127.0.0.1:9090;
include uwsgi_params;
}
and this type of 'hello world' test:
#!/usr/bin/env python
print "Content-type: text/html\n\n"
print "<h1>Hello World</h1>"

How to config number of connections on nginx?

limit_conn_zone $binary_remote_addr zone=perip:10m;
server {
listen 80;
server_name wx110.cn;
root /data/www/wx120;
limit_conn perip 10;
location / {
index index.html ;
}
}
ab -n 100 -c 100 http://wx110.cn/test.html
result:Complete requests: 100
Failed requests: 0

Everything seems fine with your config. I guess there is issue with testing process. Try to execute this code: for i in {0..2000}; do (curl -Is http://wx110.cn/ | head -n1 &) 2>/dev/null; done.
And I recommend you enable access logs in your config file: access_log /var/log/nginx/wx110.cn.log;. Then you will be able monitor log file while testing: tail -f /var/log/nginx/wx110.cn.log

Not able to replace NGINX with NGINX Plus as reverse proxy for microservices on Google Cloud using Kubernetes

I am following this nice tutorial of How to create a scalable API with micro-services on Google Cloud using Kubernetes.
I have created 4 micro-services and to expose the services I am using NGINX Plus.
Note : The purpose of NGINX Plus / NGINX here is to work as reverse proxy.
Below is the directory Structure :
-nginx
--Dockerfile
--deployment.yaml
--index.html
--nginx-repo.crt
--nginx-repo.key
--nginx.conf
--svc.yaml
Details of files can be seen here. I am pasting the Docker file & nginx.conf here :
Dockerfile (Original with NGINX Plus):
FROM debian:8.3
RUN apt-get update && apt-get -y install wget
RUN mkdir -p /etc/ssl/nginx && wget -P /etc/ssl/nginx https://cs.nginx.com/static/files/CA.crt
COPY nginx-repo.key /etc/ssl/nginx/nginx-repo.key
COPY nginx-repo.crt /etc/ssl/nginx/nginx-repo.crt
RUN wget http://nginx.org/keys/nginx_signing.key && apt-key add nginx_signing.key
RUN apt-get -y install apt-transport-https libcurl3-gnutls lsb-release
RUN printf "deb https://plus-pkgs.nginx.com/debian `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-plus.list
RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90nginx
RUN apt-get update && apt-get -y install nginx-plus
RUN mkdir /data
COPY index.html /data/index.html
COPY nginx.conf /etc/nginx/conf.d/backend.conf
RUN rm /etc/nginx/conf.d/default.conf
CMD ["nginx", "-g", "daemon off;"]
nginx.conf (Original with NGINX Plus):
resolver 10.11.240.10 valid=5s;
upstream reverse-backend {
zone reverse-backend 64k;
server reverse.default.svc.cluster.local resolve;
}
upstream arrayify-backend {
zone arrayify-backend 64k;
server arrayify.default.svc.cluster.local resolve;
}
upstream lower-backend {
zone lower-backend 64k;
server lower.default.svc.cluster.local resolve;
}
upstream upper-backend {
zone upper-backend 64k;
server upper.default.svc.cluster.local resolve;
}
server {
listen 80;
root /data;
location / {
index index.html index.htm;
}
status_zone backend-servers;
location /reverse/ {
proxy_pass http://reverse-backend/;
}
location /arrayify/ {
proxy_pass http://arrayify-backend/;
}
location /lower/ {
proxy_pass http://lower-backend/;
}
location /upper/ {
proxy_pass http://upper-backend/;
}
}
server {
listen 8080;
root /usr/share/nginx/html;
location = /status.html { }
location /status {
status;
}
}
Everything seem to be working fine with NGINX Plus and I am able to hit all 4 micro-services with with url eg. http://x.y.z.w/service[1|2|3|4]/?str=testnginx , where http://x.y.z.w is my external ip and NGINX is taking care of routing requests internally. Now I am willing to do the same work without NGINX Plus by using NGINX only.
Below are the updated files for NGINX :
Dockerfile (Updated for NGINX) :
FROM debian:8.3
RUN apt-get update && apt-get -y install wget
RUN mkdir -p /etc/ssl/nginx && wget -P /etc/ssl/nginx https://cs.nginx.com/static/files/CA.crt
#COPY nginx-repo.key /etc/ssl/nginx/nginx-repo.key
#COPY nginx-repo.crt /etc/ssl/nginx/nginx-repo.crt
#RUN wget http://nginx.org/keys/nginx_signing.key && apt-key add nginx_signing.key
RUN apt-get -y install apt-transport-https libcurl3-gnutls lsb-release
#RUN printf "deb https://plus-pkgs.nginx.com/debian `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-plus.list
RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90nginx
RUN apt-get update && apt-get -y install nginx
RUN mkdir /data
COPY index.html /data/index.html
COPY nginx.conf /etc/nginx/conf.d/backend.conf
#RUN rm /etc/nginx/conf.d/default.conf
CMD ["nginx", "-g", "daemon off;"]
nginx.conf (Updated for NGINX) :
resolver 10.3.240.10 valid=5s;
upstream reverse-backend {
zone reverse-backend 64k;
server reverse.default.svc.cluster.local;
}
upstream arrayify-backend {
zone arrayify-backend 64k;
server arrayify.default.svc.cluster.local;
}
upstream lower-backend {
zone lower-backend 64k;
server lower.default.svc.cluster.local;
}
upstream upper-backend {
zone upper-backend 64k;
server upper.default.svc.cluster.local;
}
server {
listen 80;
root /data;
location / {
index index.html index.htm;
}
# status_zone backend-servers;
location /reverse/ {
proxy_pass http://reverse-backend/;
}
location /arrayify/ {
proxy_pass http://arrayify-backend/;
}
location /lower/ {
proxy_pass http://lower-backend/;
}
location /upper/ {
proxy_pass http://upper-backend/;
}
}
#server {
# listen 8080;
#
# root /usr/share/nginx/html;
#
# location = /status.html { }
#
# location /status {
# status;
# }
#}
Basically, I have removed resolve and server statements, which are the features of NGINX Plus and able to create docker image, uploading it on google container and creating my deployments and service but getting 404 not found.
Am I missing something here or this is the limitation of NGINX ?
Please suggest if anyone has any suggestion or prior experience working with NGINX, Docker and Kubernetes on Google Cloud.

php-fpm error "no input file specified" with Docker

I am trying to setup a docker container for php-fpm. But encountering this error when visiting the web directory configured on localhost. I have been stuck here for over 5 hours.
Here is my Dockerfile:
FROM centos:latest
WORKDIR /tmp
RUN yum -y update
RUN rpm -Uvh https://mirror.webtatic.com/yum/el7/epel-release.rpm; rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
#RUN yum -y groupinstall "Development Tools"
RUN systemctl stop firewalld; systemctl disable firewalld
RUN yum -y install php56w php56w-opcache php56w-cli php56w-common php56w-devel php56w-fpm php56w-gd php56w-mbstring php56w-mcrypt php56w-pdo php56w-mysqlnd php56w-pecl-xdebug php56w-pecl-memcache
RUN sed -i "s/;date.timezone =.*/date.timezone = UTC/" /etc/php.ini && \
sed -i "s/display_errors = Off/display_errors = stderr/" /etc/php.ini && \
sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 30M/" /etc/php.ini && \
sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php-fpm.conf && \
sed -i '/^listen = /c listen = 9000' /etc/php-fpm.d/www.conf && \
sed -i '/^listen.allowed_clients/c ;listen.allowed_clients =' /etc/php-fpm.d/www.conf
RUN mkdir -p /home/www
VOLUME ["/home/www"]
EXPOSE 9000
ENTRYPOINT ["/usr/sbin/php-fpm", "-F"]
Check by docker ps
aab4f8ce0fe8 jason/fpm:v1 "/usr/sbin/php-fpm - 6 minutes ago Up 6 minutes 0.0.0.0:9002->9000/tcp fpm
The data volume does exist. check by docker inspect
"Volumes": {
"/home/www": "/home/www"
},
"VolumesRW": {
"/home/www": true
}
"Ports": {
"9000/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "9002"
}
]
}
localhost nginx website config:
listen 80;
server_name admin.local.lumen.com;
index index.php index.html index.htm ;
root /home/www/lumenback/public_admin;
error_log /home/wwwlogs/lumenback_error.log;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .*\.php?$
{
fastcgi_pass 127.0.0.1:9002;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
#include fastcgi.conf;
}
Error logged by php-fpm:
[error] 5322#0: *3798 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.16.1.19, server: admin.local.lumen.com, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://127.0.0.1:9002", host: "admin.local.lumen.com"
Many people online said the error is caused by fastcgi_param SCRIPT_FILENAME. Seems it is not the reason in my case.

You may have got an incorrect file permission -- the process in the container cannot read php files. You can either change the php files readable by the user running php-fpm in the container. Note that the user name in the container differs from the names on the host, so specifying user ID is probably a better way (or simply make them world readable).

my Php-FPM return 500 internal error - nginx

my Php-FPM return 500 internal error - nginx
I try to access a hello.php that i create will echo Hello
But i am new to setup on nginx
I will paste my nginx conf and php-fpm conf file
My /etc/php-fpm.d/www.conf
[www]
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1:9000
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: -1
;listen.backlog = -1
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
;listen.owner = nobody
;listen.group = nobody
listen.mode = 0664
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives:
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes to be created when pm is set to 'dynamic'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to either 'static' or 'dynamic'
; Note: This value is mandatory.
pm.max_children = 500
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 20
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 10
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 50
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 5000
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. By default, the status page shows the following
; information:
; accepted conn - the number of request accepted by the pool;
; pool - the name of the pool;
; process manager - static or dynamic;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes.
; The values of 'idle processes', 'active processes' and 'total processes' are
; updated each second. The value of 'accepted conn' is updated in real time.
; Example output:
; accepted conn: 12073
; pool: www
; process manager: static
; idle processes: 35
; active processes: 65
; total processes: 100
; By default the status page output is formatted as text/plain. Passing either
; 'html' or 'json' as a query string will return the corresponding output
; syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/php-fpm/www-slow.log
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start. This value must be an absolute path.
; Default Value: current directory or / when chroot
;chdir = /var/www
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Default Value: no
;catch_workers_output = yes
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www#my.domain.com
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
My nginx /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
# Pass PHP scripts to PHP-FPM
location ~* \.php$ {
try_files $uri /index.php;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#root html;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
#include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

Is this version 11.5 of Plesk? If so, I had to add the following code to my last_nginx.conf file.
Path:
/var/www/vhosts/system/domain_name/conf/last_nginx.conf
Add the following:
location ~ /$ {
index index.php index.cgi index.pl index.html index.xhtml index.htm index.shtml;
try_files $uri $uri/ /index.php?$args;
}
Restart NGINX, PHP-FPM and HTTPD when done. If the changes work, you should add the code via your PHP-FPM settings in your Plesk control panel.