-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow nginx to access to the unicorn socket #10
Conversation
Thank you for the pull request. I'm not sure we will implement it like this as it gives everybody access to the socket. |
Thanks! I'll go ahead and close this. |
Any ETA on a fix on this? (Just realized via the forum post that adding |
a fix for this problem was published today with the new agent (version 106). You can check the installed agent version with |
I'm assuming running an update dependencies command will update the agent. Trying that now :) |
Your agent will update itself automatically within 24h, update dependencies will not do it. |
I just stopped and restarted the instance, all is well (other than OpsWorks still showing a spinner next to "shutdown", but I figure it'll eventually decide to put an X there or something) :) Thanks! |
I am still seeing this issue 😦 |
I'll check this and get back to you |
I just tested it and could not reproduce it. Did you app worked at some point? Can you post a gist with the chef log showing the failure? |
@awsrequena It worked the week before last, but only after following some of the information on the aws discussion group. I killed the original instances and had OpsWorks make new instances and since then they have these With my fork of this repository: https://gist.github.com/tjhanley/9e9c83a235d2063ab107 Gist with the stock opsworks-cookbooks repository: https://gist.github.com/tjhanley/054f959d8b1d64599e41 |
I'm on version 206 and seem to be getting the same issue. Is there a way of forcing a rebuild of the instance? |
If you are instance store, stop and start the instance. If you are not instance store, start a new instance in the same layer, boot it, and check if the problem is resolved. If so, terminate the old one from the OpsWorks console (stop -> delete). I haven't had this problem in some time, and I ditched the "group": "nginx" part. |
I actually only started using OpsWorks yesterday, so was quite surprised that I had the issue. Also, I'm using Ubuntu 12.04, so I think the group has to be set to "www-data". I was finding that Unicorn was in the to "www-data" group whereas nginx was in the "nginx" group. Killing the instances and remaking them seems to have sorted the problem, although I have no idea if the group has had any impact. Thanks for the help. |
Nginx and Unicorn both need to be the same group, which is probably "nginx" in your case. Is is possible you picked Apache then switched to Nginx without a relaunch? |
No, actually. I picked Unicorn/Nginx right from the start. I believe this line is causing the difference for Ubuntu/Debian: https://github.com/aws/opsworks-cookbooks/blob/master-chef-11.4/deploy/attributes/deploy.rb#L8 Probably just a convention thing - most Deb/Ubuntu stuff uses www-data. |
Note, the default value of the `mlockall` attribute is `false` [elastic/elasticsearch#567]. However, in production environment, it is _highly_ recommended to run with a `mlockall:true` setting -- thus the cookbook sets it to `true`. If you encounter problems, try running with `mlockall:false`. Closes #10.
I have exactly the issue described here:
https://forums.aws.amazon.com/thread.jspa?threadID=118236
Nginx can't write to the unicorn socket because of the shared/sockets directory's permissions.
Example error message:
...connect() to unix:/srv/www/myapp/shared/sockets/unicorn.sock failed (13: Permission denied) while connecting to upstream, client: 10.158.40.157, server: myapp.com, request: "OPTIONS / HTTP/1.0", upstream: "http://unix:/srv/www/myapp/shared/sockets/unicorn.sock:/"
This proposed change expands the permissions on the sockets directory. Thanks for considering it!