This question already has answers here:
Are a WSGI server and HTTP server required to serve a Flask app?
(3 answers)
Closed 1 year ago.
This post was edited and submitted for review 1 year ago and failed to reopen the post:
Original close reason(s) were not resolved
I am trying to run a python flask app in https mode in openshift 4.7. I have my python flask app listening at port 8080 and this port is exposed through dockerFile configuration as shown below. I have redirected the https requests through the configuration in Openshift console by doing Service Port Mapping for https port 443 to pod port 8080. You can configure this by going to Openshift Console > Project > Services > Service Details and select your app. But still I can't access the service in https mode. When I try to access in https mode I get the error The application is currently not serving requests at this endpoint. It may not have been started or is still starting.
When I do normal deployment through oc cli and do not do any ssl configuration through openshift console, the app works fine in http mode. Please advise on how to run this in https mode
my app.py code is below
from flask import Flask, jsonify, request, redirect
app = Flask(__name__)
#app.route('/<string:name>/')
def helloName(name):
print(request)
return "Hello " + name
if __name__ == "__main__":
app.run(host='0.0.0.0', port=8080, debug = True)
my Dockerfile content is as below and I am exposing port 8080 from it
# set base image
FROM registry.redhat.io/rhel8/python-38
# copy the dependencies file to the working directory
COPY requirements.txt .
# Configure PIP with local Nexus
ENV PIP_TRUSTED-HOST=nexus.company.com:8443
ENV PIP_INDEX=https://nexus.company.com:8443/repository/pypi-group/pypi
ENV PIP_INDEX-URL=https://nexus.company.com:8443/repository/pypi-group/simple
ENV PIP_NO-CACHE-DIR=false
ENV PIP_TIMEOUT=600
RUN touch ~/.netrc && \
echo "machine nexus.company.com" >> ~/.netrc && \
echo "login ${NEXUS_USER}" >> ~/.netrc && \
echo "password ${NEXUS_TOKEN}" >> ~/.netrc
# install dependencies
RUN pip install -U pip \
pip install -r requirements.txt
# copy the content of the local src directory to the working directory
COPY src/ .
EXPOSE 8080
# command to run on container start
CMD [ "python3", "./app.py" ]
Requirements.txt has only Flask
Two things here:
With host="0.0.0.0" Flask listens to the IP of the machine it is running on. I think changing this to 127.0.0.1 should be good.
app.run(host='127.0.0.1', port=8080, debug = True)
Probably even more important, the .run() method from Flask is only for development, for production you should use something like gunicorn or something.
link: https://gunicorn.org/
Cheers, T
I'm not sure if this is Flask specific, but when I run an app in dev mode (http://localhost:5000), I cannot access it from other machines on the network (with http://[dev-host-ip]:5000). With Rails in dev mode, for example, it works fine. I couldn't find any docs regarding the Flask dev server configuration. Any idea what should be configured to enable this?
While this is possible, you should not use the Flask dev server in production. The Flask dev server is not designed to be particularly secure, stable, or efficient. See the docs on deploying for correct solutions.
The --host option to flask run, or the host parameter to app.run(), controls what address the development server listens to. By default it runs on localhost, change it to flask run --host=0.0.0.0 (or app.run(host="0.0.0.0")) to run on all your machine's IP addresses.
0.0.0.0 is a special value that you can't use in the browser directly, you'll need to navigate to the actual IP address of the machine on the network. You may also need to adjust your firewall to allow external access to the port.
The Flask quickstart docs explain this in the "Externally Visible Server" section:
If you run the server you will notice that the server is only
accessible from your own computer, not from any other in the network.
This is the default because in debugging mode a user of the
application can execute arbitrary Python code on your computer.
If you have the debugger disabled or trust the users on your network,
you can make the server publicly available simply by adding
--host=0.0.0.0 to the command line:
$ flask run --host=0.0.0.0
This tells your operating system to listen on all public IPs.
If you use the flask executable to start your server, use flask run --host=0.0.0.0 to change the default from 127.0.0.1 and open it up to non-local connections.
If you run the server you will notice that the server is only
accessible from your own computer, not from any other in the network.
This is the default because in debugging mode a user of the
application can execute arbitrary Python code on your computer.
If you have the debugger disabled or trust the users on your network,
you can make the server publicly available simply by adding
--host=0.0.0.0 to the command line:
$ flask run --host=0.0.0.0
This tells your operating system to listen on all public IPs.
Reference: https://flask.palletsprojects.com/quickstart/
Try this if the 0.0.0.0 method doesn't work
Boring Stuff
I personally battled a lot to get my app accessible to other devices(laptops and mobile phones) through a local-server. I tried the 0.0.0.0 method, but no luck. Then I tried changing the port, but it just didn't work. So, after trying a bunch of different combinations, I arrived to this one, and it solved my problem of deploying my app on a local server.
Steps
Get the local IPv4 address of your computer.
This can be done by typing ipconfig on Windows and ifconfig on Linux
and Mac.
Please note: The above step is to be performed on the machine you are serving the app on, and on not the machine on which you are accessing it. Also note, that the IPv4 address might change if you disconnect and reconnect to the network.
Now, simply run the flask app with the acquired IPv4 address.
flask run -h 192.168.X.X
E.g. In my case (see the image), I ran it as:
flask run -h 192.168.1.100
On my mobile device
Optional Stuff
If you are performing this procedure on Windows and using Power Shell as the CLI, and you still aren't able to access the website, try a CTRL + C command in the shell that's running the app. Power Shell gets frozen up sometimes and it needs a pinch to revive. Doing this might even terminate the server, but it sometimes does the trick.
That's it. Give a thumbs up if you found this helpful.😉
Some more optional stuff
I have created a short Powershell script that will get you your IP address whenever you need one:
$env:getIp = ipconfig
if ($env:getIp -match '(IPv4[\sa-zA-Z.]+:\s[0-9.]+)') {
if ($matches[1] -match '([^a-z\s][\d]+[.\d]+)'){
$ipv4 = $matches[1]
}
}
echo $ipv4
Save it to a file with .ps1 extension (for PowerShell), and run it on before starting your app. You can save it in your project folder and run it as:
.\getIP.ps1; flask run -h $ipv4
Note: I saved the above shellcode in getIP.ps1.
Cool.👌
Add host='0.0.0.0' to app.run`.
if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000)
If you get OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions on Windows, you either don't have permission to use the port, or something else is using it which you can find with netstat -na|findstr 5000.
Check whether the particular port is open on the server to serve the client or not?
in Ubuntu or Linux distro
sudo ufw enable
sudo ufw allow 5000/tcp //allow the server to handle the request on port 5000
Configure the application to handle remote requests
app.run(host='0.0.0.0' , port=5000)
python3 app.py & #run application in background
If your cool app has it's configuration loaded from an external file, like in the following example, then don't forget to update the corresponding config file with HOST="0.0.0.0"
cool.app.run(
host=cool.app.config.get("HOST", "localhost"),
port=cool.app.config.get("PORT", 9000)
)
If you're having troubles accessing your Flask server, deployed using PyCharm, take the following into account:
PyCharm doesn't run your main .py file directly, so any code in if __name__ == '__main__': won't be executed, and any changes (like app.run(host='0.0.0.0', port=5000)) won't take effect.
Instead, you should configure the Flask server using Run Configurations, in particular, placing --host 0.0.0.0 --port 5000 into Additional options field.
More about configuring Flask server in PyCharm
You can also set the host (to expose it on a network facing IP address) and port via environment variables.
$ export FLASK_APP=app.py
$ export FLASK_ENV=development
$ export FLASK_RUN_PORT=8000
$ export FLASK_RUN_HOST=0.0.0.0
$ flask run
* Serving Flask app "app.py" (lazy loading)
* Environment: development
* Debug mode: on
* Running on https://0.0.0.0:8000/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger PIN: 329-665-000
See How to get all available Command Options to set environment variables?
Go to your project path on CMD(command Prompt) and execute the following command:-
set FLASK_APP=ABC.py
SET FLASK_ENV=development
flask run -h [yourIP] -p 8080
you will get following o/p on CMD:-
Serving Flask app "expirement.py" (lazy loading)
Environment: development
Debug mode: on
Restarting with stat
Debugger is active!
Debugger PIN: 199-519-700
Running on http://[yourIP]:8080/ (Press CTRL+C to quit)
Now you can access your flask app on another machine using http://[yourIP]:8080/ url
For me i followed the above answer and modified it a bit:
Just grab your ipv4 address using ipconfig on command prompt
Go to the file in which flask code is present
In main function write app.run(host= 'your ipv4 address')
Eg:
Create file .flaskenv in the project root directory.
The parameters in this file are typically:
FLASK_APP=app.py
FLASK_ENV=development
FLASK_RUN_HOST=[dev-host-ip]
FLASK_RUN_PORT=5000
If you have a virtual environment, activate it and do a pip install python-dotenv .
This package is going to use the .flaskenv file, and declarations inside it will be automatically imported across terminal sessions.
Then you can do flask run
This answer is not solely related with flask, but should be applicable for all cannot connect service from another host issue.
use netstat -ano | grep <port> to see if the address is 0.0.0.0 or ::. If it is 127.0.0.1 then it is only for the local requests.
use tcpdump to see if any packet is missing. If it shows obvious imbalance, check routing rules by iptables.
Today I run my flask app as usual, but I noticed it cannot connect from other server. Then I run netstat -ano | grep <port>, and the local address is :: or 0.0.0.0 (I tried both, and I know 127.0.0.1 only allows connection from the local host). Then I used telnet host port, the result is like connect to .... This is very odd. Then I thought I would better check it with tcpdump -i any port <port> -w w.pcap. And I noticed it is all like this:
Then by checking iptables --list OUTPUT section, I could see several rules:
these rules forbid output tcp vital packets in handshaking. By deleting them, the problem is gone.
I had the same problem, I use PyCharm as an editor and when I created the project, PyCharm created a Flask Server. What I did was create a server with Python in the following way;
basically what I did was create a new server but flask if not python
I hope it helps you
This finally worked for me.
import os
Then place this at the end of your python app.py or main file.
if __name__ == "__main__":
port = int(os.environ.get("PORT", 5000))
app.run(host='0.0.0.0', port=port)
go to project path
set FLASK_APP=ABC.py
SET FLASK_ENV=development
flask run -h [yourIP] -p 8080
you will following o/p on CMD:-
* Serving Flask app "expirement.py" (lazy loading)
* Environment: development
* Debug mode: on
* Restarting with stat
* Debugger is active!
* Debugger PIN: 199-519-700
* Running on http://[yourIP]:8080/ (Press CTRL+C to quit)
If none of the above solutions are working, try manually adding "http://" to the beginning of the url.
Chrome can distinguish "[ip-address]:5000" from a search query. But sometimes that works for a while, and then stops connecting, seemingly without me changing anything. My hypothesis is that the browser might sometimes automatically prepend https:// (which it shouldn't, but this fixed it in my case).
In case you need to test your app from an external network.
Simply serve it to the whole Internet with ngrok.com
which will deploy it like a dev server but in no time and locally, saved me a lot of time, and no, I'm not related to that company :)
Just make sure to change the port in your flask app:
app.run(host='0.0.0.0', port=80)
We are trying to set up NGINX as a reverse proxy to our Gunicorn Python application. We have been following this Guide from Digital Ocean (https://www.digitalocean.com/community/tutorials/how-to-serve-flask-applications-with-gunicorn-and-nginx-on-ubuntu-16-04#create-a-systemd-unit-file). Both Gunicorn and NGINX are running on the same Ubuntu 16.04 32-bit virtual machine.
All of the posts we've seen online dealing with this type of permissions issue seem to point to the wrong "Group" setting in the service file, or to wrong permissions on the socket file. But as you can see below, we have the group set to "www-data". The socket file appears to have the necessary permissions and www-data is the owner.
What we currently have set (I've replaced our app name with "app"):
run.py
from flask import current_app
import os
from os import path
from application import app
from instance.config import Config
if __name__ == '__main__':
conf = Config()
app.run(host='0.0.0.0', debug=False, threaded=True)
/etc/systemd/system/app.service
[Unit]
Description=Application
After=network.target
[Service]
User=<root>
Group=www-data
WorkingDirectory=/home/<root>/app
Environment="PATH=/home/<root>/venv/bin"
ExecStart=/home/<root>/venv/bin/gunicorn --workers 3 --bind unix:app.sock -m 007 run:app
[Install]
WantedBy=multi-user.target
/etc/nginx/sites-available/app
server {
listen 80;
server_name app.com;
location / {
include proxy_params;
proxy_pass http://unix:/home/<root>/app/app.sock;
}
}
/var/log/nginx/error.log
2020/06/05 16:49:22 [crit] 2176#2176: *1 connect() to unix:/home/<root>/app/app.sock failed (13: Permission denied) while connecting to upstream, client: 10.0.2.2, server: app.com, request: "GET / HTTP/1.1", upstream: "http://unix:/home/<root>/app/app.sock:/", host: "app.com"
Here are the permissions on the socket file:
gsi#ubuntu:~/app$ ls -l app.sock
srwxrwx--- 1 <root> www-data 0 Jun 5 16:10 app.sock
We're new to NGINX so we're not quite sure what the issue is or how to troubleshoot this. Can anyone see where we're going wrong here? Please let us know if there's additional info we can provide.
I just ran into this problem. I was able to create the gunicorn socket file, but nginx complained about permission denied. The issue was that my socket file was in a sub-folder and the root folder did not have read or execute permissions. So even though the sub-folder had the correct permissions, the root folder prevented nginx from entering the sub-folder.
The solution was to add read and execute permissions to the root folder:
chmod o+rx /example_root_folder
We were able to resolve this by giving the www-data group access to the full application folder: sudo chgrp www-data ~/app. It already had access to the socket file specifically, but not the application folder.
I didn't think this was necessary since we specified the root user as the owner of the service. The root user already had access to the app folder and the instructions we were following didn't have steps for setting up the group access.
I don't have a lot of experience with Linux permissions/ownership though so this might be obvious to most experienced users.
Instead of entering app.com in the server name, try entering the IP address of the host machine and see if that works on the machine itself by running:
$curl <IP address of the host machine>
If still it doesn't work, I have written an article on the same, try to implement it using that and let me know if it works!
Hope it helps! :)
I am new to Python . I hosted the Flask app which will be accepting a POST request with Gunicorn on Nginx Server on EC2 instance.
When I post on the route I am getting error as :
1578#0: *14 upstream prematurely closed connection while reading response header from upstream, client: myip, server: serverip, request: "POST /train HTTP/1.1", upstream: "http://unix:/home/ec2-user/myproject/myproject.sock:/save_data", host: "serverip"
The POST request is not from the same domain and will always be from some other domain. Do I need to add something on my nginx.conf file?
Everything works fine when I run app using the command python app.py
I was able to solve this issue. This wasn't related to my NGINX configuration (which I initially thought was the cause).
The problem resided in my Gunicorn configuration file.
In my Gunicorn config file (/etc/systemd/system/myproject.service), I added the following to my ExecStart line:
--timeout 600
The file now looks like this:
[Unit]
Description=Gunicorn instance to serve myproject
After=network.target
[Service]
User=harrison
Group=www-data
WorkingDirectory=/home/harrison/myproject
Environment="PATH=/home/harrison/myproject/myprojectenv/bin"
ExecStart=/home/harrison/myproject/myprojectenv/bin/gunicorn --workers 3 --timeout 600 --bind unix:myproject.sock -m 007 wsgi:application
[Install]
WantedBy=multi-user.target
Furthermore, the reason why you do not experience the issue when launching your app using python app.py is because it is not being served by Gunicorn that way... it's using the Flask test development server. The development server does not have the same timeout duration as Gunicorn. By default, I believe the Gunicorn timeout defaults to 30 seconds. In the case of my application, this was far too low.