nginxunix-socketselinuxuvicornrhel8

Uvicorn behind Nginx


I'm starting with starlette and uvicorn. A RHEL8 EC2 server runs Nginx and then uvicorn. The (minimal) App is (note the two alternatives lines uvicorn.run(...)):

import uvicorn
from starlette.applications import Starlette
from starlette.responses import JSONResponse
from starlette.routing import Route

async def homepage(request):
    return JSONResponse({'hello': 'world'})


app = Starlette(debug=True, routes=[
    Route('/', homepage),
])
if __name__ == '__main__':
    #uvicorn.run(app, port=8000, host='127.0.0.1',uds='/tmp/uvicorn.sock')
    uvicorn.run(app, port=8000, host='127.0.0.1')

The /etc/nginx/nginx.conf looks like this:

events{}
http {
  server {
    listen 80;
    client_max_body_size 4G;

    server_name myserver.com;

    location / {
      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $connection_upgrade;
      proxy_redirect off;
      proxy_buffering off;
      proxy_pass http://uvicorn;
    }

#    location /static {
#      # path for static files
#      root /path/to/app/static;
#    }
  }

  map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
  }

  upstream uvicorn {
    server unix:/tmp/uvicorn.sock;
  }
}

The App starts:

INFO:     Started server process [126715]
INFO:     Waiting for application startup.
INFO:     Application startup complete.
INFO:     Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
INFO:     127.0.0.1:42584 - "GET / HTTP/1.1" 200 OK

And curl yields:

[root@ip-xxx ~]# curl 127.0.0.1:8000
{"hello":"world"}[root@ip-xxx ~]# 

Alternatively, running with the unix socket also starts:

[root@ip-xxx tstApp]# python3.7 example.py
INFO:     Started server process [126768]
INFO:     Waiting for application startup.
INFO:     Application startup complete.
INFO:     Uvicorn running on unix socket /tmp/uvicorn.sock (Press CTRL+C to quit)

But, if I connect to my server via Nginx... no way:

502 Bad Gateway

So the App, uvicorn and Nginx are running, but everything is not communicating together. What am I missing ? Any help would be welcome. In advance thank you.

EDITED:

nginx.service file:

[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=mixed
#PrivateTmp=true
PrivateTmp=false

[Install]
WantedBy=multi-user.target

Solution

  • During tests, disabling SElinux solves the problem.

    SELINUX=disabled