aws v2.2.exe_如何使用Python 3.6在AWS EC2上创建运行uWSGI，NGINX和PostgreSQLDjango服务器...

aws v2.2.exe

by Sumeet Kumar

通过Sumeet Kumar

如何使用Python 3.6在AWS EC2上创建运行uWSGI，NGINX和PostgreSQLDjango服务器 (How to create a Django server running uWSGI, NGINX and PostgreSQL on AWS EC2 with Python 3.6)

Getting a server up and running for a new project every time might be time-consuming or difficult for new developers. So I thought I’d write a step-by-step guide that will ease the deployment process.

对于新开发人员而言，每次都为新项目启动服务器并运行可能会非常耗时或困难。 因此，我想写一个循序渐进的指南，以简化部署过程。

If you’re in no mood to read, you can copy paste each step as described (replace values) and get your server up and running ?

如果您不想阅读，则可以按说明复制粘贴每个步骤(替换值)，并使服务器启动并运行？

先决条件： (Prerequisites:)

1. Amazon Linux EC2 instance up and running with the associated key pair (ssh access to it).

   使用关联的密钥对(通过ssh访问 )启动并运行Amazon Linux EC2实例。

2. Port 22, 80 must be open for this instance.

   此实例必须打开端口 22、80。

3. Django application that you want to deploy.
   您要部署的Django应用程序。
4. Database settings are configured to use PostgreSQL.
   数据库设置配置为使用PostgreSQL。

5. requirements.txt is present in your app, having dependencies list to install.

   Requirements.txt存在于您的应用中，具有要安装的依赖项列表。

6. Git repository for your Django app.
   Django应用程序的Git存储库。

SSH和更新ubuntu实例 (SSH & update ubuntu instance)

You need to ssh into your EC2 instance, so make sure you have port 22 open for your instance and then do a update/upgrade.

您需要使用SSH进入EC2实例，因此请确保为实例打开了端口22 ，然后进行更新/升级。

ssh -i path-to-your-key.pem ubuntu@your-aws-instance-public-ip

sudo apt-get update && sudo apt-get upgrade -y

在AWS EC2上安装Python3.6.x(ubuntu 16.04) (Installing Python3.6.x on AWS EC2 (ubuntu 16.04))

We will download the tar.xz file from official site and than manually install it. Before that we need to install some required dependencies.

我们将从官方网站下载tar.xz文件，然后手动安装。 在此之前，我们需要安装一些必需的依赖项。

建立和安装依赖项 (Building and installing dependencies)

sudo apt install build-essential checkinstall

sudo apt install libreadline-gplv2-dev libncursesw5-dev libssl-dev libsqlite3-dev tk-dev libgdbm-dev libc6-dev libbz2-dev libffi-dev

下载并手动安装所需的Python版本 (Downloading & manually installing required Python version)

cd /opt && sudo wget https://www.python.org/ftp/python/3.6.6/Python-3.6.6.tar.xz

sudo tar -xvf Python-3.6.6.tar.xz

cd Python-3.6.6/

sudo ./configure

sudo make && sudo make install

删除下载的文件 (Removing downloaded file)

sudo rm -rf Python-3.6.6.tar.xz

检查Python版本 (Check Python version)

python3 -V
> Python 3.6.6

为我们的应用程序设置Ubuntu用户 (Setting up Ubuntu user for our application)

Django itself is very secure framework, I agree. But web applications are still vulnerable. It is good practice to run your application as system users with limited privileges which has limited access to resources on your server. So in this section, we will be adding a new user & permission group to our EC2 instance.

我同意，Django本身是非常安全的框架。 但是Web应用程序仍然容易受到攻击。 优良作法是以特权有限的系统用户身份运行应用程序，这对服务器上的资源具有有限的访问权限。 因此，在本节中，我们将向我们的EC2实例添加一个新的用户和权限组。

添加ubuntu系统组'groupname'[在我的情况下为webapps]并将用户'username'[在我的情况下为Bunny]分配给该组 (Adding ubuntu system group ‘groupname’ [webapps in my case] and assign a user ‘username’ [bunny in my case] to this group)

sudo groupadd --system webapps
sudo useradd --system --gid webapps --shell /bin/bash --home /webapps/project_name bunny

Note: I am assuming “project_name” is the name that you might have used during “django-admin startproject <name>”

注意：我假设“ project_name ”是您在“ django-admin startproject <na me>”期间使用的名称。

创建一个目录来存储您的应用程序 (Create a directory to store your application)

Create a directory to store your application in /webapps/project_name/. Change the owner of that directory to your application user bunny:

创建目录以将您的应用程序存储在/ webapps / project_name /中。 将该目录的所有者更改为您的应用程序用户兔子：

sudo mkdir -p /webapps/project_name/

sudo chown bunny /webapps/project_name/

允许对其他组用户的访问仅限于应用程序目录 (Allow limited access to other group users to application directory)

sudo chown -R bunny:users /webapps/project_name

sudo chmod -R g+w /webapps/project_name

现在您可以切换到您的用户 (Now you can switch to your user)

sudo su - bunny

// your console will switch to something like this
bunny@ip-172-31-5-231:~$

To switch back to sudo user, just do ctrl+d and it’ll kill the user terminal.

要切换回sudo用户，只需执行ctrl+d ，它将杀死用户终端。

安装和配置PostgresSQL (Installing and configuring PostgresSQL)

安装PostgreSQL并创建数据库 (Installing PostgreSQL & creating database)

sudo apt install postgresql postgresql-contrib

sudo su - postgres

postgres@ip-172-31-5-231:~$ psql

postgres=# CREATE DATABASE database_name;

在psql终端中更改Postgres的默认密码 (Changing default password for postgres while in psql terminal)

postgres=# \password

在虚拟环境中通过Git在EC2实例上部署Django应用 (Deploy Django app on EC2 instance via Git in virtual environment)

Deploying your app using a virtual environment allows your app and its requirements to be handled separately. It is good practice to keep your app isolated.

使用虚拟环境部署应用程序可以单独处理您的应用程序及其要求。 保持应用隔离是一个很好的做法。

Using the environment concept is handy when you are deploying more than one Django app on a single instance to keep them and their dependencies isolated from each other.

当您在单个实例上部署多个Django应用程序以使它们及其依赖项相互隔离时，使用环境概念非常方便。

We will be creating a virtual environment in our system user (bunny) directory. Before that we will be installing git as a sudo user.

我们将在系统用户( bunny )目录中创建虚拟环境 。 在此之前，我们将以sudo用户身份安装git。

安装Git并从git repo中提取代码 (Installing Git and pulling your code from git repo)

sudo apt-get install git

sudo su - bunny

// change to your repo https or ssh link
bunny@ip-172-31-5-231:~$ git remote add origin 

git@github.com:<user>/<user-repo>.git

bunny@ip-172-31-5-231:~$ git pull origin <branch_name>

Note that we haven’t cloned our complete repo here. Instead we manually set our git link and only pulled the branch that we want to deploy to this instance. You may have a different instance for your development, beta, or production ready web app corresponding to each branch on git.

请注意，我们尚未在此处克隆完整的存储库。 取而代之的是，我们手动设置git链接，并仅拉出要部署到该实例的分支。 您可能有与git上每个分支相对应的开发，测试版或生产就绪型Web应用程序的不同实例。

在当前目录中使用Python3.6创建虚拟环境 (Creating virtual environment using Python3.6 in current directory)

bunny@ip-172-31-5-231:~$ python3.6 -m venv .
bunny@ip-172-31-5-231:~$ source bin/activate
(project_name)bunny@ip-172-31-5-231:~$ pip install -r requirements.txt

At this point, we have successfully set up our project. Now we need to run some manage.py command. This will require that we are in the directory where our manage.py is present, or every time we need to give a path to it:

至此，我们已经成功建立了我们的项目。 现在我们需要运行一些manage.p y命令。 这将要求我们位于manage.py所在的目录中，或者每次我们需要提供路径时：

(project_name)bunny@ip-172-31-5-231:~$ python <path-to->manage.py migrate

(project_name)bunny@ip-172-31-5-231:~$ python <path-to->manage.py createsuperuser

(project_name)bunny@ip-172-31-5-231:~$ python <path-to->manage.py collectstatic

Note: collectstatic command requires that the STATIC configuration is setup properly. We are not discussing that here, though, as it is not in the scope of this tutorial.

注意： collectstatic命令要求正确配置STATIC配置。 但是，我们不在这里讨论，因为它不在本教程的范围内。

(project_name)bunny@ip-172-31-5-231:~$ python <path-to->manage.py runserver 0.0.0.0:8000

This will start up the development server on port 8000. Assuming port 8000 is also open for your instance, you can visit your server's domain name or IP address followed by 8000 in your browser.

这将在端口8000上启动开发服务器。 假设您的实例也打开了端口8000，则可以在浏览器中访问服务器的域名或IP地址，后跟8000 。

http://your_server_domain_or_public_IP:8000

http://your_server_domain_or_public_IP:8000/admin

Note: Don’t forget to add your domain or IP to ALLOWED_HOST in your settings.py

注意：不要忘记在您的settings.py中将您的域或IP添加到ALLOWED_HOST中

设置uWSGI Application Server (Setting up the uWSGI Application Server)

Now that we’ve got our project set up and ready to go, we can configure uWSGI to serve our app to the web instead of the lightweight development server provided by Django.

现在我们已经完成了项目的准备并可以开始使用，我们可以配置uWSGI以将我们的应用程序提供给网络，而不是Django提供的轻量级开发服务器。

If you’re thinking of running the runserver command on a screen, drop it. The dev server with Django is terribly lightweight, highly insecure, and not scalable.

如果您想在屏幕上运行runserver命令，请将其删除。 使用Django的开发服务器非常轻巧，高度不安全且不可扩展。

You can install uWSGI either in virtualenv or globally and configure it accordingly.

您可以在virtualenv或全局中安装uWSGI并进行相应的配置。

In this tutorial, we’ll be installing uWSGI in virtualenv. Before we can install uWSGI, we need the Python development files that the software relies on.

在本教程中，我们将在virtualenv中安装uWSGI。 在安装uWSGI之前，我们需要该软件所依赖的Python开发文件。

安装uWSGI及其依赖项 (Installing uWSGI along with its dependencies)

sudo apt-get install python3-dev

sudo su - bunny

bunny@ip-172-31-5-231:~$ source bin/activate

(project_name)bunny@ip-172-31-5-231:~$ pip install uwsgi

Let’s run the server using uWSGI. This command does the same thing a manage.py runserver would do. You need to replace values accordingly to successfully test with this command.

让我们使用uWSGI运行服务器。 此命令执行manage.py runserver将执行的相同操作。 您需要相应地替换值，才能使用此命令成功进行测试。

(project_name)bunny@ip-172-31-5-231:~$ uwsgi --http :8000 --home <path-to-virtualenv> --chdir <path-to-manage.py-dir> -w <project-name>.wsgi

创建uWSGI配置文件 (Creating uWSGI configuration file)

Running uWSGI from the command line is only useful for testing. For actual deployment, we will create a .ini file somewhere in our system user directory. This file will contain all the configuration for handling a heavy request load, and can be tweaked accordingly.

从命令行运行uWSGI仅对测试有用。 对于实际部署，我们将创建一个。 伊尼 文件在我们系统用户目录中的某个位置。 该文件将包含用于处理繁重的请求负载的所有配置，并且可以相应地进行调整。

Later in this tutorial, we will run uWSGI behind NGINX. NGINX is highly compatible with uWSGI and has built-in support for interacting with uWSGI.

在本教程的后面，我们将在NGINX之后运行uWSGI。 NGINX与uWSGI高度兼容，并内置了与uWSGI交互的支持。

在系统用户目录中创建目录conf ，将在其中存储uwsgi.ini (Create a directory conf in your system user directory where you will store uwsgi.ini)

(project_name)bunny@ip-172-31-5-231:~$ mkdir conf

(project_name)bunny@ip-172-31-5-231:~$ cd conf

(project_name)bunny@ip-172-31-5-231:~$ nano uwsgi.ini

Copy the below code from the gist and save it I think the comments are explanatory enough for each option.

从主旨中复制以下代码并将其保存，我认为注释对于每个选项都足以解释。

NOTE: updateMe is supposed to be you project name. It is the same name you gave above while creating the system user directory, so update accordingly.

注意： updateMe应该是您的项目名称。 它与您在创建系统用户目录时在上面输入的名称相同，因此请进行相应更新。

[uwsgi]

# telling user to execute file
uid = bunny

# telling group to execute file
gid = webapps

# name of project you during "django-admin startproject <name>"
project_name = updateMe

# building base path to where project directory is present [In my case this dir is also where my virtual env is]
base_dir = /webapps/%(project_name)

# set PYTHONHOME/virtualenv or setting where my virtual enviroment is
virtualenv = %(base_dir)

# changig current directory to project directory where manage.py is present
chdir = %(base_dir)/src/

# loading wsgi module
module =  %(project_name).wsgi:application

# enabling master process with n numer of child process
master = true
processes = 4

# enabling multithreading and assigning threads per process
# enable-threads  = true
# threads = 2

# Enable post buffering past N bytes. save to disk all HTTP bodies larger than the limit $
post-buffering = 204800

# Serialize accept() usage (if possibie).
thunder-lock = True


# Bind to the specified socket using default uwsgi protocol.
uwsgi-socket = %(base_dir)/run/uwsgi.sock

# set the UNIX sockets’ permissions to access
chmod-socket = 666

# Set internal sockets timeout in seconds.
socket-timeout = 300

# Set the maximum time (in seconds) a worker can take to reload/shutdown.
reload-mercy = 8

# Reload a worker if its address space usage is higher than the specified value (in megabytes).
reload-on-as = 512

# respawn processes taking more than 50 seconds
harakiri = 50

# respawn processes after serving 5000 requests
max-requests = 5000

# clear environment on exit
vacuum = true

# When enabled (set to True), only uWSGI internal messages and errors are logged.
disable-logging = True

# path to where uwsgi logs will be saved
logto = %(base_dir)/log/uwsgi.log

# maximum size of log file 20MB
log-maxsize = 20971520

# Set logfile name after rotation.
log-backupname = %(base_dir)/log/old-uwsgi.log

# Reload uWSGI if the specified file or directory is modified/touched.
touch-reload = %(base_dir)/src/

# Set the number of cores (CPUs) to allocate to each worker process.
# cpu-affinity = 1

# Reload workers after this many seconds. Disabled by default.
max-worker-lifetime = 300

I am trying to make everything easy with clear explanations. Cross check paths, directory name, and other inputs that you are required to replace.

我试图通过清楚的解释使一切变得容易。 交叉检查路径，目录名称和您需要替换的其他输入。

We need to create the log file and run directory where our socket file will be created, that we just mentioned in our uwsgi.ini:

我们需要创建日志文件并运行目录，该目录将在我们的uwsgi.ini中提到：

(project_name)bunny@ip-172-31-5-231:~$ mkdir log

(project_name)bunny@ip-172-31-5-231:~$ mkdir run

(project_name)bunny@ip-172-31-5-231:~$ touch log/uwsgi.log

Make sure to change permissions for these two so that every group or user can write or execute files in these directories:

确保更改这两个权限，以便每个组或用户都可以在以下目录中写入或执行文件：

$ sudo chmod 777 /webapps/updateMe/run

$ sudo chmod 777 /webapps/updateMe/log

Now let’s try running the server using uwsgi.ini that we just created.

现在，让我们尝试使用刚刚创建的uwsgi.ini运行服务器。

(project_name)bunny@ip-172-31-5-231:~$ uwsgi --ini /webapps/updateMe/conf/uwsgi.ini

If everything up until now is setup correctly, then it should be running. If not, then you need to go back to check for anything you missed (like the path/project name, etc).

如果到目前为止的所有设置都正确设置，则它应该正在运行。 如果不是，那么您需要返回以检查是否缺少任何内容(例如路径/项目名称等)。

To check any uswgi log you can cat or tail uwsgi.log:

要查看任何uswgi日志，您可以猫或尾巴 uwsgi.log：

(project_name)bunny@ip-172-31-5-231:~$ tail log/uwsgi.log

为uWSGI创建系统单位文件 (Create a systemd Unit File for uWSGI)

At this point if everything is cool, you can even run this command in screen and detach it — but again, this is not a good practice at all. Instead we will create a system service and let systemd (Ubuntu’s service manager) take care of it.

此时，如果一切正常，您甚至可以在屏幕上运行此命令并将其分离-再次重申，这根本不是一个好习惯。 相反，我们将创建一个系统服务，并让systemd (Ubuntu的服务管理器)负责该服务。

切换回sudo用户 (Switch back to sudo user)

$ sudo nano /etc/systemd/system/uwsgi.service

and copy paste code from the below gist. Don’t forget to update and crosscheck names/path that suit your app:

并从下面的要点复制粘贴代码。 不要忘记更新和交叉检查适合您应用程序的名称/路径：

[Unit]
Description=uWSGI instance to serve updateMe project
After=network.target

[Service]
User=bunny
Group=webapps
WorkingDirectory=/webapps/project_name/src
Environment="PATH=/webapps/project_name/bin"
ExecStart=/webapps/project_name/bin/uwsgi --ini /webapps/project_name/conf/uwsgi.ini
Restart=always
KillSignal=SIGQUIT
Type=notify
NotifyAccess=all

[Install]
WantedBy=multi-user.target

After you save the above file and close it, you can run following commands:

保存上面的文件并关闭它后，可以运行以下命令：

Reload systemctl daemon to reload systemd manager configuration and recreate the entire dependency tree

重新加载systemctl守护程序以重新加载systemd管理器配置并重新创建整个依赖关系树

$ sudo systemctl daemon-reload

Enable uwsgi service to start on system reboot

启用uwsgi服务以在系统重新启动时启动

$ sudo systemctl enable uwsgi

Start uwsgi service

启动uwsgi服务

$ sudo service uwsgi start

Restart uwsgi service

重新启动uwsgi服务

$ sudo service uwsgi restart

Check uwsgi service status

检查uwsgi服务状态

$ sudo service uwsgi status

Take a deep breath here if everything ran smoothly. We just finished setting up most hectic part of this tutorial, so you should be proud.

如果一切顺利，请在这里深呼吸。 我们刚刚完成了本教程中最忙碌的部分的设置，因此您应该为此感到自豪。

Next we will setup NGINX, and then we’ll be done! I know this is taking a bit of time, but believe me — once done, you will be as happy as I will be after publishing this tutorial.

接下来，我们将设置NGINX，然后就可以完成！ 我知道这会花费一些时间，但是请相信我-完成后，您将和发布本教程后一样快乐。

在EC2上为uWSGI设置NGINX (Setting Up NGINX on EC2 for uWSGI)

NGINX is a lightweight server, and we’ll use it as a reverse proxy.

NGINX是一个轻量级的服务器，我们将其用作反向代理。

We could let uWSGI run directly on port 80, but NGINX has a lot more benefits which makes it desirable. Also NGINX natively includes support for uWSGI.

我们可以让uWSGI直接在端口80上运行，但是NGINX有很多好处 ，因此很可取。 NGINX本身也包含对uWSGI的支持 。

聊够了，让我们在实例上安装NGINX (Enough talk, let’s install NGINX on our instance)

$ sudo apt-get install nginx

Now when you go to http://your-public-ip-or-address, you will see a Nginx welcome page. This is because NGINX is listening to port 80 according to its default configuration.

现在，当您转到http：// your-public-ip-or-address时 ，您将看到一个Nginx欢迎页面。 这是因为NGINX正在根据其默认配置监听端口80。

NGINX has two directories, sites-available and sites-enabled, that need our attention. sites-available stores all conf files for all available sites on that particular instance. sites-enabled stores the symbolic link for each enabled site to the sites-available directory.

NGINX有两个目录， 可用 站点和启用站点， 需要我们的注意。 sites-available存储该特定实例上所有可用站点的所有conf文件。 网站启用 将每个启用站点的符号链接存储到sites-available目录。

By default, there is only one conf file named default that has basic setup for NGINX. You can either modify it or create a new one. In our case, I am going to delete it:

默认情况下，只有一个名为default的conf文件，它具有NGINX的基本设置。 您可以修改它或创建一个新的。 在我们的情况下，我将其删除：

$ sudo rm -rf /etc/nginx/sites-available/default

$ sudo rm -rf /etc/nginx/sites-enabled/default

Let’s create our nginx-uwsgi.conf file to connect the browser request to the uwsgi server we are running in site-available:

让我们创建nginx-uwsgi.conf文件，以将浏览器请求连接到我们在站点可用中运行的uwsgi服务器：

$ sudo nano /etc/nginx/sites-available/nginx-uwsgi.conf

and copy the following code from the gist below:

并从下面的要点复制以下代码：

upstream updateMe_dev {
    server unix:/webapps/updateMe/run/uwsgi.sock;
}

server {
    listen 80;
    server_name your-IP-or-address-here;
    charset utf-8;

    client_max_body_size 128M;

    location /static {
    # exact path to where your static files are located on server 
    # [mostly you won't need this, as you will be using some storage service for same]
        alias /webapps/updateMe/static_local;
    }

    location /media {
    # exact path to where your media files are located on server 
    # [mostly you won't need this, as you will be using some storage service for same]
        alias /webapps/updateMe/media_local;
    }

    location / {
        include uwsgi_params;
        uwsgi_pass updateMe_dev;
        uwsgi_read_timeout 300s;
        uwsgi_send_timeout 300s;
    }

    access_log /webapps/updateMe/log/dev-nginx-access.log;
    error_log /webapps/updateMe/log/dev-nginx-error.log;
}

创建符号链接到启用站点的目录中 (Create symbolic link into sites-enabled directory for same)

$ sudo ln -s /etc/nginx/sites-available/nginx-uwsgi.conf /etc/nginx/sites-enabled/nginx-uwsgi.conf

That’s all, we’re almost there, about to finish up…

仅此而已，我们快要完成了，…

重新加载systemctl守护程序 (Reload systemctl daemon)

$ sudo systemctl daemon-reload

在系统重启时启用Nginx服务 (Enable nginx service on system reboot)

$ sudo systemctl enable nginx

启动Nginx服务 (Start Nginx service)

$ sudo service nginx start

Test Nginx. It should return OK, Successful as a part of the result.

测试Nginx。 它应该返回OK，成功作为结果的一部分。

$ sudo nginx -t

If NGINX fails, you can check its last error-log or access-log on the path specified by us in its conf.

如果NGINX失败，您可以在我们在其conf中指定的路径上检查其最后的错误日志或访问日志。

$ tail -f /webapps/updateMe/log/nginx-error.log

$ tail -f /webapps/updateMe/log/nginx-access.log

重新启动Nginx服务 (Restart Nginx Service)

$ sudo service nginx restart

检查Nginx服务状态 (Check Nginx Service status)

$ sudo service nginx status

You should now be able to reach your app at http://your-public-ip-or-address

现在，您应该可以通过http：// your-public-ip-or-address访问您的应用

Well this is the end of this lengthy tutorial. I hope you got what you expected from it. Thanks for bearing with me.

好了，这是本篇冗长的教程的结尾。 希望您能从中得到期望。 感谢您的支持。

PS: uWSGI + NGINX + Django is highly customizable to meet any large scale requirements. That being said, core optimization still lies at application level. How you code and make use of Django ORM or Raw SQL query, etc. will help you further.

PS：uWSGI + NGINX + Django是高度可定制的，可以满足任何大规模的需求。 话虽如此，核心优化仍位于应用程序级别。 您如何编码和利用Django ORM或Raw SQL查询等将进一步帮助您。

翻译自: https://www.freecodecamp.org/news/django-uwsgi-nginx-postgresql-setup-on-aws-ec2-ubuntu16-04-with-python-3-6-6c58698ae9d3/

aws v2.2.exe