Develop Reference

How to create an x server with Singularity

Overall, I am trying to render images using Unity on a remote cluster.
The cluster does not have an X server; I don't have sudo permissions, or can start a Docker container, but I can start a Singularity container.
My plan is to create a container that would simulate the X Server. I created the following Singularity definition file:
Bootstrap: docker
From: nvidia/cuda:10.1-cudnn7-devel-ubuntu18.04
%post
# xvfb for rendering in headless mode
apt-get update
apt-get install -y xvfb mesa-utils xorg
echo "allowed_users = anybody" > /etc/X11/Xwrapper.config
I started the container with the option --containall. From the container, I launched the command /usr/bin/X :0, but it failed with the following error:
Singularity xvfb.sif:~> /usr/bin/X :0
_XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root
X.Org X Server 1.19.6
Release Date: 2017-12-20
X Protocol Version 11, Revision 0
Build Operating System: Linux 4.15.0-140-generic x86_64 Ubuntu
Current Operating System: Linux cooper 5.8.0-50-generic #56~20.04.1-Ubuntu SMP Mon Apr 12 21:46:35 UTC 2021 x86_64
Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.8.0-50-generic root=/dev/mapper/vgubuntu-root ro quiet splash vt.handoff=7
Build Date: 08 April 2021 01:57:21PM
xorg-server 2:1.19.6-1ubuntu4.9 (For technical support please see http://www.ubuntu.com/support)
Current version of pixman: 0.34.0
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/home/pierre-louis/.local/share/xorg/Xorg.0.log", Time: Wed May 26 09:17:05 2021
(==) Using system config directory "/usr/share/X11/xorg.conf.d"
(EE)
Fatal server error:
(EE) parse_vt_settings: Cannot open /dev/tty0 (No such file or directory)
(EE)
(EE)
Please consult the The X.Org Foundation support
at http://wiki.x.org
for help.
(EE) Please also check the log file at "/home/pierre-louis/.local/share/xorg/Xorg.0.log" for additional information.
(EE)
(EE) Server terminated with error (1). Closing log file.
Not any /dev/tty* exist. Then I tried to launch startx, but only to get the same message error.
How can I launch an X Server using a Singularity image?

As mentioned in a separate discussion, Xvfb is not supposed to be start through startx or /usr/bin/X but rather with the supplied run script.

uWSGI + Gevent not receiving requests from Nginx

I'm new to uWSGI/gevent and I have a Python Flask Server with Flask-SocketIo sitting behind Nginx, and the server appears to freeze whenever gevent's loop engine runs. A sample output is shown below:
compiled with version: 7.5.0 on 15 April 2020 12:57:22
os: Linux-4.15.0-96-generic #97-Ubuntu SMP Wed Apr 1 03:25:46 UTC 2020
nodename: xxxxxxxxxx
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /home/admin/myapplication
detected binary path: /home/admin/myapplication/venv/bin/uwsgi
your processes number limit is 3838
your memory page size is 4096 bytes
detected max file descriptor number: 1024
- async cores set to 1000 - fd table size: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address connect.sock fd 3
Python version: 3.6.9 (default, Nov 7 2019, 10:44:02) [GCC 8.3.0]
Python main interpreter initialized at 0x55701b9d6e40
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 21036928 bytes (20543 KB) for 1000 cores
*** Operational MODE: async ***
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0x55701b9d6e40 pid: 2692 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 2692)
spawned uWSGI worker 1 (pid: 2710, cores: 1000)
*** running gevent loop engine [addr:0x557019f92410] ***
At this point, the program produces no further output, despite me attempting to access the page (where I get an Error 502 Bad Gateway).
The app is run via a service file, and it appears to work fine when I run the app directly from the command line. Can anyone identify the issue in my code? (Thanks in advance)
Here is a copy of my service files:
connect.service
[Unit]
Description= xxxxxxxxxxxx
After=network.target
[Service]
User=admin
Group=www-data
WorkingDirectory=/home/admin/myapplication
Environment="PATH=/home/admin/myapplication/venv/bin"
ExecStart=/home/admin/myapplication/venv/bin/uwsgi --ini service_files/connect.ini
[Install]
WantedBy=multi-user.target
connect.ini
[uwsgi]
module = wsgi:app
master = true
gevent = 1000
http-websockets = true
socket = connect.sock
chmod-socket = 660
vacuum = true
logto = /home/admin/myapplication/service_files/logs/uwsgi/%n.log
die-on-term = true
Nginx site
server {
listen 80;
server_name subdomain.domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /home/admin/myapplication/service_files/connect.crt;
ssl_certificate_key /home/admin/myapplication/service_files/connect.key;
server_name subdomain.domain.com;
location / {
include uwsgi_params;
uwsgi_pass unix:///home/admin/myapplication/connect.sock;
}
location /socket.io/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
include uwsgi_params;
uwsgi_pass unix:///home/admin/myapplication/connect.sock;
}
}

The issue was due to a permission error (after more digging using the command sudo tail -30 /var/log/nginx/error.log)
Going to the connect.ini file and changing chmod-socket = 660 to chmod-socket = 666 solved the problem.

uWSGI +nginx setup - Dash (Plotly) Deployment

I’m new to flask and the deployment procedure
I have my dash.py setup as so
server = flask.Flask(__name__)
app = dash.Dash(__name__, server=server)
and my nginx file as such
server {
listen 80;
server_name localhost;
charset utf-8;
client_max_body_size 75M;
location / {try_files $uri #yourapplication; }
location #yourapplication {
include uwsgi_params;
uwsgi_pass unix:/var/www/School-Dashboard/dash_clean.sock;
}
}
…but i’m not sure what i have to set the module parameter to in my wsgi ini file.
[uwsgi]
#application's base folder
base = /var/www/School-Dahboard
#python module to import
module = dash_clean:app #?????? WHAT DO I DO HERE
#home = %(base)/venv
pythonpath = %(base)
#socket file's location
socket = /var/www/School-Dashboard/dash_clean.sock
#permissions for the socket file
chmod-socket = 660
#location of log files
logto = /var/log/uwsgi/%n.log
I keep getting a bad gateway error because of my uwsgi file.
This is the log from uwsgi.
Starting uWSGI 2.0.17.1 (64bit) on [Mon Nov 5 12:47:42 2018] ***
compiled with version: 5.4.0 20160609 on 03 November 2018 06:53:29
os: Linux-4.15.0-36-generic #39~16.04.1-Ubuntu SMP Tue Sep 25 08:59:23 UTC 2018
nodename: xxxxxxxx
machine: x86_64
clock source: unix
detected number of CPU cores: 4
current working directory: /var/www/School-Dashboard
detected binary path: /home/concent/.local/bin/uwsgi
!!! no internal routing support, rebuild with pcre support !!!
*** WARNING: you are running uWSGI without its master process manager ***
your processes number limit is 31145
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /var/www/School-Dashboard/dash_clean.sock fd 3
Python version: 3.5.2 (default, Nov 23 2017, 16:37:01) [GCC 5.4.0 20160609]
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x22b9330
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 72920 bytes (71 KB) for 1 cores
*** Operational MODE: single process ***
added /var/www/School-Dahboard to pythonpath.
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0x22b9330 pid: 20070 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI worker 1 (and the only) (pid: 20070, cores: 1)

So i've set up nginx as so...
server {
server_name 0.0.0.0;
listen 80;
root /home/ubuntu/school_dashboard;
client_max_body_size 200M;
include /etc/nginx/default.d/*.conf;
location /dependencies {
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_pass http://0.0.0.0:5005;
#index wsgi.py
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/school_dashboard/dependencies/urlgen.sock;
}
}
and my uwsgi file as....
[uwsgi]
module = dash_clean:server
master = true
processes = 5
socket = dashboard.sock
chmod-socket = 660
vacuum = true
die-on-term = true
I just had to change the module parameter

The module parameter should be
module = dash:server
This is because the module is actually the name of your python file that instantiates the flask application instance. In this case it's in your dash.py. Although, in your subsequent comments you seem to reference dash_clean.py, in that case it should be:
module = dash_clean:server
The part after the module name is the name of the "callable", or the name of the variable that is the flask application.
You define it in your code example as:
server = flask.Flask(__name__)
Alternatively, you could define them seperately in the ini
module = dash
callable = server

Unable to load app 0 (mountpoint='') (callable not found or import error)

I have the below error with nginx uWSGI Flask application on CentOS 7 Linux:
unable to load app 0 (mountpoint='') (callable not found or import error)
I have followed Digital Ocean tut as my first time with Linux, after original Udemy tut using earlier Centos version didnt seem to work. I was able to get 'Hello world' type basic Python file to run on uwsgi and nginx following the tut, then I see several people have this error but seem different solutions. I changed permissions recursively on a parent folder above the app as I thought permissions might be source of error:
sudo chmod -R 771 www
and also giving nginx access to ?my user group? as Dig Ocean tutorial advised:
sudo usermod -a -G will nginx
chmod 710 /home/will
uwsgi.ini file is following, where /var/www/html/CON29Application1/Source/app.py is the app I want to run, not sure if module line is correct syntax:
[uwsgi]
module = Source.app
master = true
socket = /var/www/html/CON29Application1/socket.sock
chmod-socket = 777
vacuum = true
processes = 8
threads = 8
harakiri = 15
logto = /var/www/html/CON29Application1/log/%n.log
die-on-term = true
Systemd file is this at /etc/systemd/system/CON29Application1.service:
[Unit]
Description=uWSGI instance to serve CON29Application1
After=network.target
[Service]
User=will
Group=nginx
WorkingDirectory=/var/www/html/CON29Application1
Environment="PATH=/var/www/html/CON29Application1/venv/bin"
ExecStart=/var/www/html/CON29Application1/venv/bin/uwsgi --ini uwsgi.ini
[Install]
WantedBy=multi-user.target
This is default.conf file at /etc/nginx/conf.d/default.conf (server IP I blanked in this post for security reasons):
server {
listen 80;
server_name 188.xxx.xxx.xxx;
location / {
include uwsgi_params;
uwsgi_pass unix:/var/www/html/CON29Application1/socket.sock;
uwsgi_modifier1 30;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
and this is app.py file:
from flask import Flask, render_template
...
app = Flask(__name__)
app.config.from_object('Source.config')
app.secret_key = "---------------------------------"
...
And sorry as I am not that sure which files are relevant to include, so here is also the full uwsgi.log file! Thanks for any ideas:
*** Starting uWSGI 2.0.15 (64bit) on [Wed Oct 4 13:26:19 2017] ***
compiled with version: 4.8.5 20150623 (Red Hat 4.8.5-16) on 02 October 2017 21:47:33
os: Linux-3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017
nodename: CON29Application1
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 1
current working directory: /var/www/html/CON29Application1
detected binary path: /var/www/html/CON29Application1/venv/bin/uwsgi
your processes number limit is 1792
your memory page size is 4096 bytes
*** WARNING: you have enabled harakiri without post buffering. Slow upload could be rejected on post-unbuffered webservers ***
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /var/www/html/CON29Application1/socket.sock fd 3
Python version: 3.6.2 (default, Sep 27 2017, 16:30:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]
Python main interpreter initialized at 0x9acbd0
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 1304064 bytes (1273 KB) for 64 cores
*** Operational MODE: preforking+threaded ***
unable to load app 0 (mountpoint='') (callable not found or import error)
*** no app loaded. going in full dynamic mode ***
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 24254)
spawned uWSGI worker 1 (pid: 24259, cores: 8)
spawned uWSGI worker 2 (pid: 24260, cores: 8)
spawned uWSGI worker 3 (pid: 24261, cores: 8)
spawned uWSGI worker 4 (pid: 24262, cores: 8)
spawned uWSGI worker 5 (pid: 24263, cores: 8)
spawned uWSGI worker 6 (pid: 24264, cores: 8)
spawned uWSGI worker 7 (pid: 24265, cores: 8)
spawned uWSGI worker 8 (pid: 24266, cores: 8) 

Missing "kernel: Firewall" messages

Where are my iptables logging Blocked messages? I wonder if this is an OpenVZ issue or something from the scripted install. Note, I'm highly technical, but not a server admin. Could the OpenVZ host be blocking and logging outside of my VSP?
I have two newly installed machines running running text-mode CentOS 7 x64, yum up to date packages, and with iptables/CSF.
Also, I ensured machine #2 has all the packages that are on machine #1, though #2 has some extras.
OpenVZ VPS (installed with their image of CentOS 7 x64)
VMware VM (installed with official CentOS 7 x64 minimal mode)
I performed my extra installs/configs exactly the same on both machines, and I have these lines in /etc/csf/csf.conf
TESTING = "0"
TCP_IN = "22,80,443"
UDP_IN = ""
On the VM, I'm getting these /var/log/messages when I nmap scan it:
Apr 12 17:25:23 mach kernel: Firewall: *UDP_IN Blocked* IN=ens192 OUT= ...
Apr 12 17:25:55 mach kernel: Firewall: *TCP_IN Blocked* IN=ens192 OUT= ...
On the VPS, I'm NOT getting any Firewall /var/log/messages when I nmap scan it... but I think it is properly blocking traffic.
How do I even proceed/diagnose this?