Flask 应用程序在开发服务器上工作,但在使用 mod_wsgi 部署在 httpd 上时遇到问题

Flask app working on dev server but facing issues when deployed on httpd with mod_wsgi

我得到了一项我参加的 Python 培训的作业。我使用 flask 1.0/python3.6 为我的一个项目构建了一个简单的应用程序。我的应用程序需要实现以下目标:

  1. 通过大学内部应用程序调用 API。
  2. 运行在Oracle db上查询数据库并在网页上显示数据。

我在后端编写了一堆函数 (python) 来实现这一点,并且我正在使用 ajax 来调用这些函数。 Flask 开发服务器中的一切 运行 都很好。现在我需要将它移动到生产服务器,我正在使用 mod_wsgi 和 httpd 来实现这一点。经过一番努力,我在生产服务器上获得了我的应用程序 运行,但是我的 python 代码失败并出现 500 错误,而 运行 两个功能。

jquery.min.js:4 POST http://server.com/flaskprod/requestbots 500 (INTERNAL SERVER ERROR)

POST http://server.com/flaskprod/home 500 (INTERNAL SERVER ERROR)

我检查了 apache httpd error_log,我看到以下错误。

调用时出错 API:

  [Mon Jul 02 13:48:41.302510 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/var/www/flask-prod/flaskprod.py", line 230, in createCM
[Mon Jul 02 13:48:41.302513 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     r = requests.post(URL, auth=creds, data=json.dumps(DATAS), proxies=proxies, headers=headers)
[Mon Jul 02 13:48:41.302515 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/usr/local/lib/python3.6/site-packages/requests/api.py", line 112, in post
[Mon Jul 02 13:48:41.302517 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     return request('post', url, data=data, json=json, **kwargs)
[Mon Jul 02 13:48:41.302519 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/usr/local/lib/python3.6/site-packages/requests/api.py", line 58, in request
[Mon Jul 02 13:48:41.302522 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     return session.request(method=method, url=url, **kwargs)
[Mon Jul 02 13:48:41.302524 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 508, in request
[Mon Jul 02 13:48:41.302526 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     resp = self.send(prep, **send_kwargs)
[Mon Jul 02 13:48:41.302528 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 618, in send
[Mon Jul 02 13:48:41.302530 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     r = adapter.send(request, **kwargs)
[Mon Jul 02 13:48:41.302532 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]   File "/usr/local/lib/python3.6/site-packages/requests/adapters.py", line 502, in send
[Mon Jul 02 13:48:41.302539 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212]     raise ProxyError(e, request=request)
[Mon Jul 02 13:48:41.302546 2018] [wsgi:error] [pid 18202] [remote 1.1.1.1:1212] requests.exceptions.ProxyError: HTTPSConnectionPool(host='exampleee.com', port=443): Max retries exceeded with url: /api/now/change/change_req (Caused by ProxyError('Cannot connect to proxy.', NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fac76d37eb8>: Failed to establish a new connection: [Errno 13] Permission denied',)))

查询数据库时出错:

    [Mon Jul 02 13:51:23.148685 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
[Mon Jul 02 13:51:23.148687 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     response = self.full_dispatch_request()
[Mon Jul 02 13:51:23.148690 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
[Mon Jul 02 13:51:23.148693 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     rv = self.handle_user_exception(e)
[Mon Jul 02 13:51:23.148695 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
[Mon Jul 02 13:51:23.148698 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     reraise(exc_type, exc_value, tb)
[Mon Jul 02 13:51:23.148700 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
[Mon Jul 02 13:51:23.148702 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     raise value
[Mon Jul 02 13:51:23.148705 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
[Mon Jul 02 13:51:23.148707 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     rv = self.dispatch_request()
[Mon Jul 02 13:51:23.148709 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/usr/local/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
[Mon Jul 02 13:51:23.148711 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     return self.view_functions[rule.endpoint](**req.view_args)
[Mon Jul 02 13:51:23.148714 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/var/www/flask-prod/flaskprod.py", line 97, in get_cms_requested_for_approval
[Mon Jul 02 13:51:23.148716 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     CMREQ = connect_bcc(queryCMREQ)
[Mon Jul 02 13:51:23.148718 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]   File "/var/www/flask-prod/flaskprod.py", line 86, in connect_bcc
[Mon Jul 02 13:51:23.148721 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]     connection = cx_Oracle.connect(bccConnectionString)
[Mon Jul 02 13:51:23.148725 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212] cx_Oracle.DatabaseError: DPI-1047: 64-bit Oracle Client library cannot be loaded: "libclntsh.so: cannot open shared object file: No such file or directory". See https://oracle.github.io/odpi/doc/installation.html#linux for help
[Mon Jul 02 13:51:23.148750 2018] [wsgi:error] [pid 18200] [remote 1.1.1.1: 1212]

P.S flask 开发服务器中的一切 运行 都很好。那里没有问题。我在下面添加了更多信息。

这是我的配置文件:

WSGIPassAuthorization On

WSGIScriptAlias /flaskprod /var/www/flask-prod/flaskprod.wsgi

WSGIDaemonProcess flaskprod user=cld group=users processes=5 threads=5 maximum-requests=1000 umask=0007
WSGIProcessGroup flaskprod
WSGISocketPrefix /var/run/wsgi

<Directory /var/www/flask-prod/>
Order allow,deny
Allow from all
</Directory>

我的 python 代码片段:

def connect_bcc(query):
    connectionString = 'bla bla'
    connection = cx_Oracle.connect(connectionString)
    cursor = connection.cursor()
    cursor.execute(query)
    return cursor.fetchall()
    cursor.close()
    connection.close()

 @app.route('/requestbots', methods=['GET','POST'])
 def get_cms_requested_for_approval():
    if request.method == "POST":
        queryCMREQFORAPPRVL = "SELECT * FROM....."
        CMREQ = connect_bcc(queryCMREQ)

        print (CM)
        return json.dumps({'CM': CM})

js代码片段:

function getResult() {
        $.ajax({
                type: "POST",
                url: $SCRIPT_ROOT + "/requestbots".....bla bla
         })
}

所以,我想通了。耶互联网!我花了一段时间寻找这个问题的答案,所以在下面提到了所有细节。

这两个问题都与 SELinux 有关。如果您想知道那是什么 - Security-Enhanced Linux 是一个 Linux 内核安全模块,它提供了一种支持访问控制安全策略的机制。

如果您 运行 遇到类似问题,请检查与您的网络服务器相关的各种布尔值的 SELinux 布尔值:

getsebool -a | grep httpd

对我来说,下面两个参数是关闭的。

httpd_can_network_connect --> off
httpd_can_network_connect_db --> off

我使用以下命令打开了它们。

setsebool httpd_can_network_connect on -P

setsebool httpd_can_network_connect_db on -P

 (-P is used to make the change persisting)

就是这样。现在一切都很顺利。