Во-первых, я использую серверную среду:
- разорвать: django + nginx + uwsgi
- облако: докер + AWS ECS
- ведение журнала: сервис журналов AWS CloudWatch + стороннее приложение Watchtower
это код проекта
https://github.com/byunghyunpark/django-log-test
Вопрос
Я использую стороннее приложение django watchtower для использования службы журнала AWS Cloudwatch. Если я настрою обработчик ведения журнала на сторожевую башню, загружу образ докера в службу ECS и запущу задачу, она все равно вернет ошибку 500.
500 ошибка Если вы проверите журнал
/tmp/uwsgi.log
*** Operational MODE: single process ***
DEBUG = False
DEV = False
TEST = False
LMS_MESSAGE = False
STATIC_S3 = True
DJANGO_LOG_LEVEL = INFO
Traceback (most recent call last):
File "/usr/lib/python3.5/logging/config.py", line 558, in configure
handler = self.configure_handler(handlers[name])
File "/usr/lib/python3.5/logging/config.py", line 731, in configure_handler
result = factory(**kwargs)
File "/usr/local/lib/python3.5/dist-packages/watchtower/__init__.py", line 78, in __init__
self.cwl_client = (boto3_session or boto3).client("logs")
File "/usr/local/lib/python3.5/dist-packages/boto3/__init__.py", line 83, in client
return _get_default_session().client(*args, **kwargs)
File "/usr/local/lib/python3.5/dist-packages/boto3/session.py", line 263, in client
aws_session_token=aws_session_token, config=config)
File "/usr/local/lib/python3.5/dist-packages/botocore/session.py", line 836, in create_client
client_config=config, api_version=api_version)
File "/usr/local/lib/python3.5/dist-packages/botocore/client.py", line 70, in create_client
verify, credentials, scoped_config, client_config, endpoint_bridge)
File "/usr/local/lib/python3.5/dist-packages/botocore/client.py", line 224, in _get_client_args
verify, credentials, scoped_config, client_config, endpoint_bridge)
File "/usr/local/lib/python3.5/dist-packages/botocore/args.py", line 45, in get_client_args
endpoint_url, is_secure, scoped_config)
File "/usr/local/lib/python3.5/dist-packages/botocore/args.py", line 103, in compute_client_args
service_name, region_name, endpoint_url, is_secure)
File "/usr/local/lib/python3.5/dist-packages/botocore/client.py", line 297, in resolve
service_name, region_name)
File "/usr/local/lib/python3.5/dist-packages/botocore/regions.py", line 122, in construct_endpoint
partition, service_name, region_name)
File "/usr/local/lib/python3.5/dist-packages/botocore/regions.py", line 135, in _endpoint_for_partition
raise NoRegionError()
botocore.exceptions.NoRegionError: You must specify a region.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "./mysite/wsgi.py", line 16, in <module>
application = get_wsgi_application()
File "/usr/local/lib/python3.5/dist-packages/django/core/wsgi.py", line 13, in get_wsgi_application
django.setup(set_prefix=False)
File "/usr/local/lib/python3.5/dist-packages/django/__init__.py", line 22, in setup
configure_logging(settings.LOGGING_CONFIG, settings.LOGGING)
File "/usr/local/lib/python3.5/dist-packages/django/utils/log.py", line 75, in configure_logging
logging_config_func(logging_settings)
File "/usr/lib/python3.5/logging/config.py", line 795, in dictConfig
dictConfigClass(config).configure()
File "/usr/lib/python3.5/logging/config.py", line 566, in configure
'%r: %s' % (name, e))
ValueError: Unable to configure handler 'watchtower': You must specify a region.
unable to load app 0 (mountpoint='') (callable not found or import error)
*** no app loaded. going in full dynamic mode ***
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 22)
spawned uWSGI worker 1 (pid: 33, cores: 1)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/1] 123.212.195.148 () {40 vars in 738 bytes} [Mon Jun 5 10:43:13 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/2] 123.212.195.148 () {40 vars in 756 bytes} [Mon Jun 5 10:43:13 2017] GET /favicon.ico => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/3] 54.167.97.82 () {36 vars in 515 bytes} [Mon Jun 5 11:22:42 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/4] 91.196.50.33 () {38 vars in 613 bytes} [Mon Jun 5 12:03:20 2017] GET /testproxy.php => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/5] 123.212.195.148 () {40 vars in 738 bytes} [Mon Jun 5 14:01:04 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/6] 123.212.195.148 () {40 vars in 756 bytes} [Mon Jun 5 14:01:04 2017] GET /favicon.ico => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/7] 123.212.195.148 () {42 vars in 769 bytes} [Mon Jun 5 14:06:48 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/8] 123.212.195.148 () {44 vars in 809 bytes} [Mon Jun 5 14:06:48 2017] GET /favicon.ico => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/9] 123.212.195.148 () {42 vars in 769 bytes} [Mon Jun 5 14:06:49 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/10] 123.212.195.148 () {44 vars in 809 bytes} [Mon Jun 5 14:06:49 2017] GET /favicon.ico => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
[pid: 33|app: -1|req: -1/11] 123.212.195.148 () {42 vars in 769 bytes} [Mon Jun 5 14:06:49 2017] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
Роль задачи IAM была назначена администратору при создании определения задачи.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
Однако контейнер по-прежнему не взаимодействует с учетными данными.
Если я изменю обработчик ведения журнала на значение по умолчанию (консоль), сервер nginx будет работать нормально. Если я запускаю контейнер докеров с docker run -v $ HOME / .aws: /root/.aws --rm -it -p 9090: 80 image_name
в локальном режиме, nginx будет работать нормально, а ведение журнала будет нормально работать в службе журналов Cloudwatch.
Только в среде ECS происходит сбой аутентификации.
Нужно ли мне выполнять другие настройки помимо ролей IAM?