Dear Graham, so i changed it to the following bringing them under one
single VirtualHost and added application-group=%{GLOBAL} to WSGIScriptAlias
but the same situation persists. I can access only the first app not the
second one. Here is the .conf setting.
<VirtualHost *:8999>
WSGIDaemonProcess app_qa processes=1 display-name=%{GROUP}
python-path=/opt/app/app_qa/app
WSGIProcessGroup app_qa
WSGIScriptAlias /app_qa /opt/app/app_qa/app/wsgi.py process-group=app_qa
application-group=%{GLOBAL}
Alias /static_app_qa /opt/app/app_qa/staticfiles
<Directory /opt/app/app_qa/app/>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
<Directory /opt/app/app_qa/staticfiles/>
Require all granted
</Directory>
WSGIDaemonProcess app_prod processes=1 display-name=%{GROUP}
python-path=/opt/app/app_prod/app
WSGIProcessGroup app_prod
WSGIScriptAlias /app_prod /opt/app/app_prod/app/wsgi.py
process-group=app_prod application-group=%{GLOBAL}
Alias /static_app_prod /opt/app/app_prod/staticfiles
<Directory /opt/app/app_prod/app/>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
<Directory /opt/app/app_prod/staticfiles/>
Require all granted
</Directory>
</VirtualHost>
Kindly guide.
On Wednesday, 18 March 2020 21:46:35 UTC-3, Graham Dumpleton wrote:
>
> You can't have two VirtualHost definitions for the same port number unless
> they have ServerName set for each to a different hostname. Even then, you
> can't access them by IP and have them distinguished, you would need to use
> the respective hostnames.
>
> So if you are going to use an IP address only, have one VirtualHost only
> and use inside of that for mod_wsgi:
>
> WSGIDaemonProcess app_qa
> processes=1 display-name=%{GROUP} python-path=/opt/app/app_qa/app
> WSGIScriptAlias /app_qa /opt/app/app_qa/app/wsgi.py process-group=app_qa
> application-group=%{GLOBAL}
>
> WSGIDaemonProcess app_prod
> processes=1 display-name=%{GROUP} python-path=/opt/app/app_prod/app
> WSGIScriptAlias /app_prod /opt/app/app_prod/app/wsgi.py
> process-group=app_prod application-group=%{GLOBAL}
>
> Add your other stuff for Alias etc as well for each.
>
> On 19 Mar 2020, at 11:42 am, Guddu <[email protected] <javascript:>>
> wrote:
>
> Dear Graham, Thanks for your response.
>
> I removed socket-user=app_user and now I see a different behaviour. One of
> the app work while the other does not. Both are exactly identical one is
> meant for QA and other for PROD and the QA URL works while for the PROD URL
> it shows an error
>
> *Not Found The requested URL /app_prod was not found on this server.*
>
> The QA URL is http://<ip>:8999/app_qa
> The PROD URL is http://<ip>:8999/app_prod
>
> The initial reason why I had to move to daemon mode is to be able to set a
> python-path for both of them separately as WSGIPythonPath cannot be used
> inside <VirtualHost>
>
> This is my httpd.conf setting.
>
> WSGISocketPrefix /run/httpd/wsgi/
> <VirtualHost *:8999>
> WSGIDaemonProcess app_qa processes=1 display-name=%{GROUP} python-path=
> /opt/app/app_qa/app
> WSGIProcessGroup app_qa
> WSGIScriptAlias /app_qa /opt/app/app_qa/app/wsgi.py process-group=app_qa
> Alias /static_app_qa /opt/app/app_qa/staticfiles
>
> <Directory /opt/app/app_qa/app/>
> <Files wsgi.py>
> Require all granted
> </Files>
> </Directory>
>
> <Directory /opt/app/app_qa/staticfiles/>
> Require all granted
> </Directory>
> </VirtualHost>
>
> <VirtualHost *:8999>
> WSGIDaemonProcess app_prod processes=1 display-name=%{GROUP} python-path=
> /opt/app/app_prod/app
> WSGIProcessGroup app_prod
> WSGIScriptAlias /app_prod /opt/app/app_prod/app/wsgi.py process-group=
> app_prod
> Alias /static_app_prod /opt/app/app_prod/staticfiles
>
> <Directory /opt/app/app_prod/app/>
> <Files wsgi.py>
> Require all granted
> </Files>
> </Directory>
>
> <Directory /opt/app/app_prod/staticfiles/>
> Require all granted
> </Directory>
> </VirtualHost>
>
> The netstat output is as follows indicating that the socket files were
> created in the desired folder. The permission on files and directories also
> follows
>
> [root@server app]# netstat -an | grep http
> unix 2 [ ACC ] STREAM LISTENING 1107556 /run/httpd/wsgi
> /.13750.0.1.sock
> unix 2 [ ACC ] STREAM LISTENING 1107558 /run/httpd/wsgi
> /.13750.0.2.sock
>
> [root@server app]# ls -ltr /run/httpd/wsgi/.13750.0.1.sock
> /run/httpd/wsgi/.13750.0.2.sock
> srwx------ 1 app_user root 0 Mar 18 19:29 /run/httpd/wsgi/.13750.0.2.sock
> srwx------ 1 app_user root 0 Mar 18 19:29 /run/httpd/wsgi/.13750.0.1.sock
>
> [root@server app]# ls -ltr /run/httpd/
> total 8
> drwx------ 2 apache apache 40 Mar 10 13:50 htcacheclean
> -rw-r--r-- 1 root root 8 Mar 18 19:29 authdigest_shm.13750
> -rw-r--r-- 1 root root 6 Mar 18 19:29 httpd.pid
> drwxr-xr-x 2 app_user app_user 80 Mar 18 19:29 wsgi
>
> [root@server app]# ls -ltr /run | tail -2
> -rw-rw-r-- 1 root utmp 3072 Mar 18 19:11 utmp
> drwx--x--- 4 root apache 120 Mar 18 19:29 httpd
>
>
>
> Also the ps -ef | grep httpd output is
>
>
> root 13750 1 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
> app_user 13753 13750 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
> app_user 13754 13750 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
> app_user 13755 13750 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
> app_user 13756 13750 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
> app_user 13757 13750 0 19:29 ? 00:00:00 /usr/sbin/httpd -
> DFOREGROUND
>
>
> I am a bit confused as everything seems alright.
>
> Appreciate your help
>
>
> On Wednesday, 18 March 2020 18:57:26 UTC-3, Graham Dumpleton wrote:
>>
>> Why are you setting 'socket-user'?
>>
>> That is only required when using Apache PrivilegesMode as SECURE, or
>> using certain Apache MPMs.
>>
>> What happens when you don't use that?
>>
>> I want to see the original error messages and permissions on both the
>> socket files, *and* the directory the sockets are in, before changing
>> any configuration from what one would normally use.
>>
>> Graham
>>
>> On 19 Mar 2020, at 2:10 am, Guddu <[email protected]> wrote:
>>
>> After configuring daemon mode, I started getting a 503 Server Unavailable
>> error.
>>
>> There are lot of posts on stackoverflow and a dedicate section in the
>> troubleshooting page at
>> https://modwsgi.readthedocs.io/en/develop/user-guides/frequently-asked-questions.html
>> and
>> https://modwsgi.readthedocs.io/en/develop/user-guides/configuration-issues.html
>> but none of the suggestions seem to be helping me at the moment.
>> Appreciate your guidance.
>>
>> The error logs have the following
>>
>> [Wed Mar 18 09:30:17.649428 2020] [wsgi:error] [pid 14044] (13)Permission
>> denied: [client 10.52.7.18:2505] mod_wsgi (pid=14044): Unable to
>> connect to WSGI daemon process 'app_qa' on
>> '/run/httpd/wsgi/.14039.0.1.sock' as user with uid=1001.
>>
>>
>>
>>
>> The directory in question has read and write permission to *app_user*
>>
>> The httpd processes start fine. Below is the ps output
>>
>> root 14197 1 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>> app_user 14202 14197 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>> app_user 14203 14197 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>> app_user 14204 14197 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>> app_user 14205 14197 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>> app_user 14206 14197 0 09:30 ? 00:00:00 /usr/sbin/httpd -
>> DFOREGROUND
>>
>>
>>
>> The socket flies get written
>>
>> [root@server wsgi]# ls -ltra
>> total 0
>> srwx------ 1 app_user root 0 Mar 18 09:30 .14197.0.1.sock
>> srwx------ 1 app_user root 0 Mar 18 09:30 .14197.0.2.sock
>>
>>
>>
>>
>> My apache build info is as follows
>>
>> [app_user@server app_qa]$ httpd -V
>> AH00558: httpd: Could not reliably determine the server's fully
>> qualified domain name, using 10.21.2.136. Set the 'ServerName' directive
>> globally to suppress this message
>> Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
>> Server built: Jun 9 2019 13:01:04
>> Server's Module Magic Number: 20120211:24
>> Server loaded: APR 1.4.8, APR-UTIL 1.5.2
>> Compiled using: APR 1.4.8, APR-UTIL 1.5.2
>> Architecture: 64-bit
>> Server MPM: prefork
>> threaded: no
>> forked: yes (variable process count)
>> Server compiled with....
>> -D APR_HAS_SENDFILE
>> -D APR_HAS_MMAP
>> -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>> -D APR_USE_SYSVSEM_SERIALIZE
>> -D APR_USE_PTHREAD_SERIALIZE
>> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>> -D APR_HAS_OTHER_CHILD
>> -D AP_HAVE_RELIABLE_PIPED_LOGS
>> -D DYNAMIC_MODULE_LIMIT=256
>> -D HTTPD_ROOT="/etc/httpd"
>> -D SUEXEC_BIN="/usr/sbin/suexec"
>> -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
>> -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>> -D DEFAULT_ERRORLOG="logs/error_log"
>> -D AP_TYPES_CONFIG_FILE="conf/mime.types"
>> -D SERVER_CONFIG_FILE="conf/httpd.conf"
>>
>> [app_user@server app_qa]$ httpd -l
>> Compiled in modules:
>> core.c
>> mod_so.c
>> http_core.c
>>
>>
>>
>>
>> My httpd conf is as follows
>>
>> WSGISocketPrefix /run/httpd/wsgi/
>> <VirtualHost *:8999>
>> WSGIDaemonProcess app_qa processes=2 display-name=%{GROUP} python-path=
>> /opt/app/app_qa socket-user=app_user
>> WSGIProcessGroup app_qa
>> WSGIScriptAlias /app_qa /opt/app/app_qa/app/wsgi.py process-group=app_qa
>> Alias /static_app_qa /opt/app/app_qa/staticfiles
>>
>> <Directory /opt/app/app_qa/app/>
>> <Files wsgi.py>
>> Require all granted
>> </Files>
>> </Directory>
>>
>> <Directory /opt/app/app_qa/staticfiles/>
>> Require all granted
>> </Directory>
>> </VirtualHost>
>>
>>
>> Appreciate your help on this matter.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "modwsgi" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/modwsgi/82ab46fe-adc1-42fd-90ad-abaf05f58613%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/modwsgi/82ab46fe-adc1-42fd-90ad-abaf05f58613%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>>
>>
> --
> You received this message because you are subscribed to the Google Groups
> "modwsgi" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected] <javascript:>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/modwsgi/21647165-18ba-4f06-92d0-b224f06e8311%40googlegroups.com
>
> <https://groups.google.com/d/msgid/modwsgi/21647165-18ba-4f06-92d0-b224f06e8311%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
>
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/modwsgi/d79bd082-9468-4a1c-bf86-8e377718ef48%40googlegroups.com.
