什么是 gunicorn.sock?

Posted

技术标签:

【中文标题】什么是 gunicorn.sock?【英文标题】:What is gunicorn.sock? 【发布时间】:2015-04-07 10:22:18 【问题描述】:

我是 Michal Karzynski 的 gunicorn-django 教程的新手。我在 Ubuntu 14 上使用 Django 1.7.4,我的 gunicorn 脚本设置如下

#!/bin/bash

NAME="mytestapp"                                  # Name of the application
DJANGODIR=/var/www/testapp/src             # Django project directory
SOCKFILE=/var/www/testapp/run/gunicorn.sock  # we will communicte using this unix socket
USER=ubuntu                                        # the user to run as
GROUP=ubuntu                                     # the group to run as
NUM_WORKERS=3                                     # how many worker processes should Gunicorn spawn
DJANGO_SETTINGS_MODULE=testapp.settings             # which settings file should Django use
DJANGO_WSGI_MODULE=testapp.wsgi                     # WSGI module name

echo "Starting $NAME as `whoami`"

# Activate the virtual environment
cd $DJANGODIR
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
export PYTHONPATH=$DJANGODIR:$PYTHONPATH

# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR

# Start your Django Unicorn
# Programs meant to be run under supervisor should not daemonize themselves (do not use --daemon)
exec gunicorn $DJANGO_WSGI_MODULE:application \
  --name $NAME \
  --workers $NUM_WORKERS \
  --user=$USER --group=$GROUP \
  --bind=0.0.0.0:8000 \
  --log-level=debug \
  --log-file=-

当我将绑定设置更改为 unix:$SOCKFILE 时,我的脚本仍然运行,但我无法连接到我的浏览器。在this question 中,我读到在生产服务器上部署 0.0.0.0:8000 是不明智的。

我对 unix 套接字有所了解,但我不知道如何使用 unix 套接字文件为我的站点提供服务。我试图以超级用户身份编辑套接字文件,但操作系统不允许我打开它。

如何设置套接字文件以允许我提供页面?

PS:这是我的 nginx 配置文件

upstream hello_app_server 
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response (in case the Unicorn master nukes a
# single worker for timing out).

server 127.0.0.1:8000 fail_timeout=0;
 

server 

    listen   80;
    server_name test.com;

    client_max_body_size 4G;

    access_log /var/www/testapp/src/logs/nginx-access.log;
    error_log /var/www/testapp/src/logs/nginx-error.log;

    location /static/ 
        alias   /var/www/testapp/src/static/static_dirs/;
    

    location /media/ 
        alias   /var/www/testapp/src/static/media/;
    

    location / 
        # an HTTP header important enough to have its own Wikipedia entry:
        #   http://en.wikipedia.org/wiki/X-Forwarded-For
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # enable this if and only if you use HTTPS, this helps Rack
        # set the proper protocol for doing redirects:
        # proxy_set_header X-Forwarded-Proto https;

        # pass the Host: header from the client right along so redirects
        # can be set properly within the Rack application
        proxy_set_header Host $http_host;

        # we don't want nginx trying to do something clever with
        # redirects, we set the Host: header above already.
        proxy_redirect off;

        # set "proxy_buffering off" *only* for Rainbows! when doing
        # Comet/long-poll stuff.  It's also safe to set if you're
        # using only serving fast clients with Unicorn + nginx.
        # Otherwise you _want_ nginx to buffer responses to slow
        # clients, really.
        # proxy_buffering off;

        # Try to serve static files from nginx, no point in making an
        # *application* server like Unicorn/Rainbows! serve static files.

        if (!-f $request_filename) 
            proxy_pass http://hello_app_server;
            break;
        

    

    # Error pages
    error_page 500 502 503 504 /500.html;
    location = /500.html 
        root /var/www/testapp/src/static/;
    

【问题讨论】:

【参考方案1】:

如果您在服务器上本地工作,套接字是比网络端口更快、更有效的替代方案。但是,如果您的 nginx 服务器和 django 应用程序位于不同的服务器上,那么您需要打开特定的 ip 连接。

对于您的示例,如果您想使用套接字,您只需将上游服务器地址指向您的套接字文件。 修改nginx配置为

upstream hello_app_server 
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response (in case the Unicorn master nukes a
# single worker for timing out).
    server unix:/var/www/testapp/run/gunicorn.sock fail_timeout=0;
 

server 
    .
    .
    .
    # Rest of your file...

【讨论】:

【参考方案2】:

您应该使用像 nginx 这样的反向代理来坐在 gunicorn 前面,而这实际上是为您的网站服务的。它们通过套接字进行通信。

gunicorn 文档有一个 sample nginx configuration 可以做到这一点,但显然您应该使 sockfile 与您在 gunicorn 配置中放入的内容相匹配。

【讨论】:

以上是关于什么是 gunicorn.sock?的主要内容,如果未能解决你的问题,请参考以下文章

Django 错误:无效的 HTTP_HOST 标头:u'/run/myprojectname/gunicorn.sock:'

django gunicorn sock 文件不是由 wsgi 创建的

502 Bad Gateway - django + nginx + gunicorn - sock failed (13: Permission denied)

Django Nginx 和 Gunicorn .sock 在连接到上游时失败(2:没有这样的文件或目录)

flask&nginx&gunicore??????

Flask + Nginx + Gunicorn + Gevent部署