API Overview:

Create a POST request to the /generate_images endpoint, that has prompt, output_folder and file_name_prefix.
• prompt is the description of the image you want generated.
• output_folder is the folder path to the image files, part of the S3 key.
• file_name_prefix is the name of the image file which will end up with a Unix epoch timestamp appended to it, part of the S3 key.
Example POST request BODY:

{"prompt": "red porsche", "output_folder": "000/111", "file_name_prefix": "porsche_image"}

Four unique images will be generated based on your prompt and uploaded to the S3 bucket you specify in image_generation.py under AI_S3_BUCKET_NAME

You will get a JSON manifest of file names after the images are generated.

Example POST request Response:

{"images": ["000/111/porsche_image-1728409676.376359.png", "000/111/porsche_image-1728409676.376369.png", "000/111/porsche_image-1728409676.376371.png", "000/111/porsche_image-1728409676.3763719.png"]}

Code:

GitHub repo with files referenced in this blog ai-image-generator

Prerequisites:

• Amazon Web Services Account
• Enable Amazon Bedrock Access (Specifically Amazon Titan Image Generator v2) see: Manage access to Amazon Bedrock foundation models.
• EC2 Instance Role with AmazonBedrockFullAccess and AmazonS3FullAccess applied to your EC2 instance (note you can make this more secure by making a custom policy).
• Verified on EC2 Instance Ubuntu 22.04 and Ubuntu 24.04
• Verified on Python 3.10, 3.11, 3.12
• Virtualenv
• AWS Default Region is set to us-east-1 you can change the region in the image_generation.py file under region_name='us-east-1'
• AWS S3 bucket

AWS Resource Costs
As with most AWS services you will incur costs for usage.

• https://aws.amazon.com/bedrock/pricing/
• https://aws.amazon.com/ec2/pricing/on-demand/

Step 0
Install some dependencies

sudo apt -y update

sudo apt -y install build-essential openssl

sudo apt -y install libpq-dev libssl-dev libffi-dev zlib1g-dev

sudo apt -y install python3-pip python3-dev

sudo apt -y install nginx

sudo apt -y install virtualenvwrapper

Step 1
Setup the Python environment

cd /home/ubuntu

virtualenv ai-image-generator_env

source ai-image-generator_env/bin/activate

Step 2
Create a directory for your project.

mkdir /home/ubuntu/ai-image-generator

cd /home/ubuntu/ai-image-generator

Step 3
Create a file requirements.txt for your Python dependencies.

vim requirements.txt

boto3
botocore
Pillow
watchdog
requests
flask
flask-json
gunicorn
setproctitle

pip install -r requirements.txt

Step 4
Create a file image_generation.py which has image generation code.

cd /home/ubuntu/ai-image-generator

vim image_generation.py

import io
import os
import base64
import json
import random
import boto3
from PIL import Image

AI_S3_BUCKET_NAME = "YOUR_S3_BUCKET_NAME_HERE"
AI_IMAGE_GENERATOR_TMP_PATH = "/tmp/ai_image_generator/"
NEGATIVE_PROMPTS = "poorly rendered, poor background details"

# Set Titan generative AI image generation settings.
def ai_image_settings(prompt):

    # Unique AI image random seed generation.
    random_seed = random.randint(0,2147833647)

    body = {
                "taskType": "TEXT_IMAGE",
                "textToImageParams": {
                "text": prompt,                    # Required
                "negativeText": NEGATIVE_PROMPTS   # Optional
             },
            "imageGenerationConfig": {
            "seed": (random_seed), # Range: 0 to 214783647
            "numberOfImages": 1,   # Range: 1 to 5
            "quality": "premium",  # Options: standard or premium
            "height": 1024,        # Supported height list in the docs
            "width": 1024,         # Supported width list in the docs
            "cfgScale": 9          # Range: 1.0 to 10.0
            }
    }

    json_string = json.dumps(body, indent=4)
    return json_string

# AI Image generation and storage.
def ai_image_generation(prompt, local_file_name, output_folder):

    # Invoke Amazon Titan image generator v2.
    boto3_bedrock = boto3.client('bedrock-runtime', region_name='us-east-1')
    ai_model = boto3_bedrock.invoke_model(
        body=ai_image_settings(prompt),
        modelId="amazon.titan-image-generator-v2:0",
        accept="application/json",
        contentType="application/json"
    )

    # Process the AI image Base64.
    response_body = json.loads(ai_model.get("body").read())
    image_base64 = response_body["images"][0]

    # Decode Base64 bytes and save image.
    ai_image = Image.open(
        io.BytesIO(
            base64.decodebytes(
                bytes(image_base64, "utf-8")
            )
        )
    )

    ai_image.save(f"{AI_IMAGE_GENERATOR_TMP_PATH}/{output_folder}/{local_file_name}")

    # Store images in S3.
    s3 = boto3.client('s3')
    bucket = AI_S3_BUCKET_NAME
    file_name = (f"{AI_IMAGE_GENERATOR_TMP_PATH}/{output_folder}/{local_file_name}")
    key_name = os.path.join(output_folder, local_file_name)
    s3.upload_file(file_name, bucket, key_name, ExtraArgs={'ContentType': "image/png"})

    # Delete temporary local copy.
    os.remove(f"{AI_IMAGE_GENERATOR_TMP_PATH}/{output_folder}/{local_file_name}")

# Local cleanup function.
def delete_files_in_directory(directory_path, rm_dir=False):
    try:
        files = os.listdir(directory_path)
        for file in files:
            file_path = os.path.join(directory_path, file)
            if os.path.isfile(file_path):
                os.remove(file_path)

        if (rm_dir):
            os.rmdir(directory_path)

        print("All image files deleted successfully.")
    except OSError:
        print("Error occurred while deleting image files.")

Step 5
Create a file ai_image_generator.py which has the Flask routing code and logic.

cd /home/ubuntu/ai-image-generator

vim ai_image_generator.py

import os
import json
import time
import concurrent.futures
from flask import Flask, request
from flask_json import FlaskJSON, JsonError, json_response
from image_generation import ai_image_generation, delete_files_in_directory

AI_IMAGE_GENERATOR_TMP_PATH = "/tmp/ai_image_generator/"

ai_image_generator = Flask(__name__)
FlaskJSON(ai_image_generator)

# 500MB Upload File Size Limit
ai_image_generator.config['MAX_CONTENT_PATH'] = 500 * 1024 * 1024

# Data validations.
def ai_image_generator_data_validation(request_data):
    try:
        prompt = str(request_data['prompt'])
    except (KeyError, TypeError, ValueError) as e:
        raise JsonError(description='Invalid prompt.') from e
    try:
        output_folder = str(request_data['output_folder'])
    except (KeyError, TypeError, ValueError) as e:
        raise JsonError(description='Invalid output_folder.') from e

    try:
        file_name_prefix = str(request_data['file_name_prefix'])
    except (KeyError, TypeError, ValueError) as e:
        raise JsonError(description='Invalid file_name_prefix.') from e

    return prompt, output_folder, file_name_prefix

# Health check route.
@ai_image_generator.route("/")
def health():
    return json_response(health="true")

# Generate images route.
@ai_image_generator.route('/generate_images', methods=['POST'])
def generate_images():
    request_data = request.get_json(force=True)
    prompt, output_folder, file_name_prefix = ai_image_generator_data_validation(request_data)

    output_path = os.path.join(AI_IMAGE_GENERATOR_TMP_PATH, output_folder.strip())

    # Checks if output folder exists, makes one if not. Delete files in folder if it does exist.
    if not os.path.exists(output_path):
        os.makedirs(output_path)
    else:
        delete_files_in_directory(output_path)

    #  Use a pool of threads to execute generation of 4 images asynchronously.
    with concurrent.futures.ThreadPoolExecutor() as executor:
        futures = []

        file_name = [(f"{file_name_prefix}") + "-" + str(time.time()) + ".png", (f"{file_name_prefix}") + "-" + str(time.time()) + ".png", (f"{file_name_prefix}") + "-" + str(time.time()) + ".png", (f"{file_name_prefix}") + "-" + str(time.time()) + ".png"]
        for file in file_name:
            futures.append(executor.submit(ai_image_generation, prompt=prompt, local_file_name=file, output_folder=output_folder))
        for future in concurrent.futures.as_completed(futures):
            print(future.result())

    # Return JSON output of location/files generated.
    keys = []
    for file in file_name:
        keys.append((os.path.join(output_folder, file)))

    manifest = {"images": keys}

    return json.dumps(manifest)

if __name__ == "__main__":
    ai_image_generator.run(host='0.0.0.0')

Step 6
Create your wsgi.py webserver gateway interface for the Flask microframework

vim /home/ubuntu/ai-image-generator/wsgi.py

from ai_image_generator import ai_image_generator
 
if __name__ == "__main__":
    ai_image_generator.run()

Step 7
Create a file gunicorn_ai-image-generator.conf which will be the configurations Gunicorn will utilize. Gunicorn is a Python WSGI HTTP Server for UNIX. For more information about Gunicorn read here.

cd /home/ubuntu/ai-image-generator

mkdir gunicorn

cd gunicorn

vim gunicorn_ai-image-generator.conf

Add the following to gunicorn_ai-image-generator.conf

pidfile = 'ai_image_generator.pid'
worker_class = 'gthread'
workers = 5
worker_connections = 1000
timeout = 30
keepalive = 2
threads = 2
proc_name = 'ai_image_generator'
bind = '0.0.0.0:8080'
backlog = 2048
accesslog = 'access.log'
errorlog = 'error.log'
user = 'ubuntu'
group = 'ubuntu'

Step 8
Create a Systemd service file. Systemd is a service manager and in this use case it will manage Gunicorn.

sudo vim /etc/systemd/system/ai-image-generator.service

Add the following to ai-image-generator.service

[Unit]
Description=AI Image Generator API
After=network.target
 
[Service]
User=ubuntu
Group=ubuntu
WorkingDirectory=/home/ubuntu/ai-image-generator
Environment="PATH=/home/ubuntu/ai-image-generator_env/bin"
ExecStart=/home/ubuntu/ai-image-generator_env/bin/gunicorn --config=gunicorn/gunicorn_ai-image-generator.conf wsgi:ai_image_generator
 
[Install]
WantedBy=multi-user.target

Step 9
Start your application via Systemd and enable it to auto start after reboot

sudo systemctl start ai-image-generator

sudo systemctl enable ai-image-generator.service

Step 10
Create your applications NGINX config nginx_ai-image-generator.conf that makes NGINX listen on port 80 and proxies requests to Gunicorn on port 8080. NGINX will help with connection handling increasing performance.

sudo vim /etc/nginx/sites-available/nginx_ai-image-generator.conf

Add the following to nginx_ai-image-generator.conf

server {
    listen 80 default_server;

    location / {
        include proxy_params;
      	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP	$remote_addr;
      	proxy_set_header Host $http_host;
      	proxy_redirect off;
        proxy_buffers 8 24k;
        proxy_buffer_size 4k;
        proxy_pass http://127.0.0.1:8080;
    }
}

Step 11
Delete your default NGINX conf file, enable your new NGINX conf and restart NGINX

sudo rm /etc/nginx/sites-enabled/default

sudo ln -s /etc/nginx/sites-available/nginx_ai-image-generator.conf /etc/nginx/sites-enabled

sudo systemctl restart nginx

Step 12
Time to test your API! From a command line you can test the API out by running:

curl -X POST --data '{"prompt": "red porsche", "output_folder": "000/111", "file_name_prefix": "porsche_image"}' http://{yourhost}:80/generate_images

Notes:

Summary:

Hopefully this blog article helps you create a robust scalable AI driven image generation API. The idea is that a UI/UX of your design will leverage this API to display four images for the end user to choose from. Images will be generated at the same time so all four images will take the same amount of time as one image. The parameters allow for storage in some form of hierarchy with a folder path, and each image will have a unix epoch timestamp. An example structure could be account-number/project-number/file-name. The API will generated a JSON response with where the images are located in S3 for your UI/UX to handle.

If you like this blog article you may want to read my other article on Building a GenAI PDF Query App with a RAG Architecture.

The post Building an Asynchronous GenAI Image Generator API first appeared on Phil Chen.

The PDF query web application will leverage Facebook AI Similarity Search (FAISS) and Amazon Titan Embeddings to create vector representations of unstructured text and the storage/search of those embeddings. LangChain is utilized for the prompt template guiding the models response, RetrievalQA for pertinent data, and various PDF processing tools. We will use Amazon Bedrock to access Claude 3.5 Sonnet and Amazon Titan Embeddings.

Code:

GitHub repo with files referenced in this blog pdf-query-rag-llm-app

Prerequisites:

• Amazon Web Services Account
• Enable Amazon Bedrock Access (Specifically Amazon Titan Embeddings and Claude 3.5 Sonnet) see: Manage access to Amazon Bedrock foundation models
• EC2 Instance Role with AmazonBedrockFullAccess Policy Attached (note you can make this more secure by making a custom policy)
• Verified on EC2 Instance Ubuntu 22.04 and Ubuntu 24.04
• Verified with Python 3.10, 3.11, 3.12
• Virtualenv
• AWS Default Region is set to us-east-1 you can change the region in the pdf_query_rag_llm_app.py file under region_name='us-east-1'

AWS Resource Cost:

As with most AWS services you will incur costs for usage.

• https://aws.amazon.com/bedrock/pricing/
• https://aws.amazon.com/ec2/pricing/on-demand/

EC2 Ubuntu Instance Setup:
(This article assumes you have a ubuntu user with /home/ubuntu)

Step 0
Install some dependencies.

sudo apt -y update

sudo apt -y install build-essential openssl

sudo apt -y install libpq-dev libssl-dev libffi-dev zlib1g-dev

sudo apt -y install python3-pip python3-dev

sudo apt -y install nginx

sudo apt -y install virtualenvwrapper

Step 1
Setup the Python environment.

cd /home/ubuntu

virtualenv pdf-query-rag-llm-app_env

source pdf-query-rag-llm-app_env/bin/activate

Step 2
Create a directory for your project.

mkdir /home/ubuntu/pdf-query-rag-llm-app

cd /home/ubuntu/pdf-query-rag-llm-app

Step 3
Create a file requirements.txt for your Python dependencies.

vim requirements.txt

awscli
pypdf
streamlit
boto3
faiss-cpu
langchain-aws
langchain_community

Install your Python dependencies.

pip install -r requirements.txt

Step 4
Create a file pdf_query_rag_llm_app.py which has the PDF query application code.

cd /home/ubuntu/pdf-query-rag-llm-app

vim pdf_query_rag_llm_app.py

import os
import boto3
import streamlit as st
from langchain_aws import BedrockEmbeddings
from langchain_aws.chat_models import ChatBedrock
from langchain_community.vectorstores.faiss import FAISS
from langchain_community.document_loaders.pdf import PyPDFDirectoryLoader
from langchain.chains.retrieval_qa.base import RetrievalQA
from langchain.prompts import PromptTemplate
from langchain.text_splitter import RecursiveCharacterTextSplitter
from langchain.globals import set_verbose
set_verbose(False)

bedrock = boto3.client(service_name='bedrock-runtime', region_name='us-east-1')
titan_embeddings = BedrockEmbeddings(model_id="amazon.titan-embed-text-v1", client=bedrock)

# Data Preparation
def data_ingestion():
    loader = PyPDFDirectoryLoader("data")
    documents = loader.load()
    text_splitter = RecursiveCharacterTextSplitter(chunk_size=2000, chunk_overlap=500)
    docs = text_splitter.split_documents(documents)
    return docs

# Vector Store Setup
def setup_vector_store(documents):
    vector_store = FAISS.from_documents(
        documents,
        titan_embeddings,
    )
    vector_store.save_local("faiss_index")

# LLM Setup
def load_llm():
    llm = ChatBedrock(model_id="anthropic.claude-3-5-sonnet-20240620-v1:0", client=bedrock, model_kwargs={"max_tokens": 2048})
    return llm

# LLM Guidelines
prompt_template = """Use the following pieces of context to answer the question at the end. Follow these rules:
1. If the answer is not within the context knowledge, state that you do not know, and do not fabricate an answer.
2. If you find the answer, create a detailed, and concise response to the question. Aim for a summary of max 200 words.
3. Do not add extra information not within the context.

{context}

Question: {question}
Helpful Answer:"""

# Prompt Template
prompt = PromptTemplate(template=prompt_template, input_variables=["context", "question"])

# Create QA Chain 
def get_result(llm, vector_store, query):
    qa_chain = RetrievalQA.from_chain_type(
        llm=llm,
        chain_type="stuff",
        retriever=vector_store.as_retriever(
            search_type="similarity", search_kwargs={"k": 3}
        ),
        chain_type_kwargs={"prompt": prompt},
        return_source_documents=True,
    )
    # Apply LLM
    result = qa_chain.invoke(query)
    return result['result']

# Streamlit Frontend UI Section
def streamlit_ui():
    st.set_page_config("PDF Query RAG LLM Application")
    st.markdown("""
        
    """, unsafe_allow_html=True)
    st.header("PDF Query with Generative AI")

    user_question = st.text_input(r":gray[$\textsf{\normalsize Ask me anything about your PDF collection.}$]")

    left_column, middleleft_column, middleright_column, right_column = st.columns(4, gap="small")
    if left_column.button("Generate Response", key="submit_question") or user_question:
        # first check if the vector store exists
        if not os.path.exists("faiss_index"):
            st.error("Please create the vector store first from the sidebar.")
            return
        if not user_question:
            st.error("Please enter a question.")
            return
        with st.spinner("Generating... this may take a minute..."):
            faiss_index = FAISS.load_local("faiss_index", embeddings=titan_embeddings,
                                           allow_dangerous_deserialization=True)
            llm = load_llm()
            st.write(get_result(llm, faiss_index, user_question))
            st.success("Generated")
    if middleleft_column:
        st.empty()
    if middleright_column:
        st.empty()
    if right_column.button("New Data Update", key="update_vector_store"):
        with st.spinner("Updating... this may take a few minutes as we go through your PDF collection..."):
            docs = data_ingestion()
            setup_vector_store(docs)
            st.success("Updated")

if __name__ == "__main__":
    streamlit_ui()

Step 5
Create a data directory to hold your PDF’s. *note you will want to put your PDF’s in this directory that you want to query..

cd /home/ubuntu/pdf-query-rag-llm-app

mkdir data

Step 6
Create a Systemd service file. Systemd is a service manager and in this use case it will manage streamlit.

sudo vim /etc/systemd/system/pdf-query-rag-llm-app.service

Add the following to pdf-query-rag-llm-app.service

[Unit]
Description=PDF query with Generative AI Service
After=network.target
 
[Service]
User=root
Group=root
WorkingDirectory=/home/ubuntu/pdf-query-rag-llm-app
Environment="PATH=/home/ubuntu/pdf-query-rag-llm-app_env/bin"
ExecStart=/home/ubuntu/pdf-query-rag-llm-app_env/bin/streamlit run /home/ubuntu/pdf-query-rag-llm-app/pdf_query_rag_llm_app.py --server.port 8080 --server.headless true
 
[Install]
WantedBy=multi-user.target

Step 7
Start your application via Systemd and enable it to auto start after reboot

sudo systemctl start pdf-query-rag-llm-app.service

sudo systemctl enable pdf-query-rag-llm-app.service

Step 8
Create your applications NGINX config nginx_ai-image-generator.conf that makes NGINX listen on port 80 and proxies requests to Streamlit on port 8080. NGINX will help with connection handling increasing performance.

sudo vim /etc/nginx/sites-available/nginx_pdf-query-rag-llm-app.conf

Add the following to nginx_pdf-query-rag-llm-app.conf

server {
    listen 80 default_server;

    location / {
        include proxy_params;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_set_header Host $http_host;
        proxy_redirect off;
        proxy_buffers 8 24k;
        proxy_buffer_size 4k;
        proxy_pass http://127.0.0.1:8080;
    }
    location /_stcore/stream {
        proxy_pass http://127.0.0.1:8080/_stcore/stream;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
    }
}

Step 9
Delete your default NGINX conf file, enable your new NGINX conf and restart NGINX (Port 80)

sudo rm /etc/nginx/sites-enabled/default

sudo ln -s /etc/nginx/sites-available/nginx_pdf-query-rag-llm-app.conf /etc/nginx/sites-enabled

sudo systemctl restart nginx

Step 10
Test your application, remember to put your PDF’s that you want to query in the data directory on the instance and click New Data Update before querying.

http://{yourhost}

Notes:

• Make sure to open up port 80 in your EC2 Security Group associated to the instance.
• For HTTPS (TLS) you can use AWS ALB or AWS CloudFront.
• Depending on how many PDF’s you have, how big the PDF’s are, and your CPU specifications using the New Data Update button can take awhile as it builds your vector embeddings.
• Any time you add PDF’s or change them make sure to click “New Data Update” to update/build your vector embeddings.
• This application does not take into consideration security controls, that is your responsibility.
• Please read Amazon Bedrock FAQ’s for general questions about AWS LLM resources used.

Summary:
Hopefully this blog article helps you create a generative AI PDF query web application which is scoped to your specific data and context leveraging a RAG architecture. Retrieval-augmented generation (RAG) is a powerful architecture choice to both leverage a trained model in this case Claude 3.5 Sonnet, and your organizations specific data (vectorized) without re-training the LLM model, but rather augmenting its knowledge base.

If you like this blog article you may want to read my other article on Building an Asynchronous GenAI Image Generator API.

The post Building a GenAI PDF Query App with a RAG Architecture first appeared on Phil Chen.

Assumptions:

• You have Docker installed
• These instructions are were done on a Mac
• You are leveraging multiple containers on one host (docker engine), if not read the bottom of this post about “docker stack deploy”.

Quick Links:

GitHub repo with files referenced in this blog ubuntu-flask-gunicorn-nginx-docker-compose

Docker Hub repo with some of the images used in the blog here.

File Structure:

ubuntu-flask-gunicorn-nginx-docker-compose/

    |

    docker-compose.yml

    |

    app/

    |   –> Dockerfile

    |   –> src

    |          –> app01.py

    |          –> gunicorn_config.py

    |          –> wsgi.py

    |          –> requirements.txt

    |

    nginx/

          –> Dockerfile

          –> nginx.conf

mkdir ubuntu-flask-gunicorn-nginx-docker-compose

cd ubuntu-flask-gunicorn-nginx-docker-compose

mkdir -p app/src

mkdir nginx

cd app/src

vim requirements.txt

Add the following to the requirements.txt

Click==7.0
Flask==1.0.3
gunicorn==19.9.0
itsdangerous==1.1.0
Jinja2==2.10.1
MarkupSafe==1.1.1
Werkzeug==0.15.4

Step 2
Create a file app01.py which will be a simple Flask web app. Flask is a microframework for Python based on Werkzeug and Jinja2. For more information about Flask read here.

vim app01.py

Add the following to app01.py

from flask import Flask
hello = Flask(__name__)

@hello.route("/")
def greeting():
    return "
Hello World!
"

if __name__ == "__main__":
    hello.run(host='0.0.0.0')

Step 3
Create a file wsgi.py which will be the gateway from the webserver to your app. For more information about WSGI read here.

vim wsgi.py

Add the following to wsgi.py

from app01 import hello

if __name__ == "__main__":
    hello.run()

Step 4
Create a file gunicorn_config.py which will be the configurations Gunicorn will utilize. Gunicorn is a Python WSGI HTTP Server for UNIX. For more information about Gunicorn read here.

vim gunicorn_config.py

Add the following to gunicorn_config.py
*Note we set workers to 2 because if you only have one worker, and it’s handling a slow query, the heartbeat query will timeout which could remove it from a load balancer. Also container schedulers expect logs to come out on stdout and stderr so we have it set in the config as such. We also leverage /dev/shm vs default /tmp to avoid timeouts accessing ram vs disk.

pidfile = 'app01.pid'
worker_tmp_dir = '/dev/shm'
worker_class = 'gthread'
workers = 2
worker_connections = 1000
timeout = 30
keepalive = 2
threads = 4
proc_name = 'app01'
bind = '0.0.0.0:8080'
backlog = 2048
accesslog = '-'
errorlog = '-'
user = 'ubuntu'
group = 'ubuntu'

Step 5
Create a Dockerfile which contains the commands to build your Python Flask App Docker image. For more information on Dockerfile read here.

cd ../

vim Dockerfile

Add the following to Dockerfile
*Note we pull a base ubuntu 18.04 image with python 3.7.3 from my Docker Hub repo you could point this to the official Ubuntu repo and add a Python image or install line. All the files are copied into the /home/ubuntu container directory and referenced from there.

FROM nethacker/ubuntu-18-04-python-3:python-3.7.3
COPY src/requirements.txt /root/
RUN pip install -r /root/requirements.txt && useradd -m ubuntu
ENV HOME=/home/ubuntu
USER ubuntu
COPY src/app01.py src/wsgi.py src/gunicorn_config.py /home/ubuntu/
WORKDIR /home/ubuntu/
EXPOSE 8080
CMD ["gunicorn", "-c", "gunicorn_config.py", "wsgi:hello"]

Step 6
Create a NGINX configuration file to make a reverse proxy load balancer to your Python Flask application

cd ../nginx/

vim nginx.conf

Add the following to your nginx.conf file for NGINX to act as a reverse proxy load balancer.

events { worker_connections 1024; }

http {

 proxy_headers_hash_max_size 1024;
 proxy_headers_hash_bucket_size 64;

 upstream localhost {
    # References to our app containers, via docker compose
    server app01:8080;
    server app02:8080;
 }
 server {
    listen 80;
    server_name localhost;
    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP      $remote_addr;
        proxy_redirect off;
        proxy_buffers 8 24k;
        proxy_buffer_size 4k;
        proxy_pass http://localhost;
        proxy_set_header Host $host;
    }
  }
}

Step 7
Create a file Dockerfile which contains the commands to build your NGINX Docker image.

vim Dockerfile

Add the following to Dockerfile

FROM nethacker/ubuntu-18-04-nginx:1.17.1
RUN apt-get update && apt-get install -y \
    build-essential \
    curl \
  && rm -rf /var/lib/apt/lists/*
COPY nginx.conf /etc/nginx/nginx.conf
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

Step 8
Create your Docker Compose YAML file outlining one NGINX container with two backend Python Flask application containers to which to direct traffic too. Also specify the NGINX port as well increasing shm size for Gunicorn to use.

cd ../

vim docker-compose.yml

Add the following to docker-compose.yml file.

version: '3.7'
services:
    app01:
        shm_size: '1000000000'
        build:
            context: ./app
        tty: true
        volumes:
            - './app/src:/home/ubuntu'
    app02:
        shm_size: '1000000000'
        build:
            context: ./app
        tty: true
        volumes:
            - './app/src:/home/ubuntu'
    nginx:
        build: ./nginx
        tty: true
        links:
            - app01
            - app02
        ports:
            - '80:80'

Step 9
Build and Start your Docker images using Docker Compose, you will end up with one NGINX container with two backend Python Flask application containers. The NGINX container will listen on port 80 and forward traffic to the backend apps on 8080.

docker-compose up --build --detach

Step 10
Test your Docker container

If you didn’t modify the example you should be able to go to localhost port 80 in a browser and get a red “Hello World” message.

http://localhost

You can also do the following to access your containers with a bash shell to poke around.

Find the running Docker container id you wish to examine.

docker ps

Get and interactive shell on the container.

docker exec -it {id here} /bin/bash

Hopefully this basic overview of Docker Compose and multi-containers on a single host/docker engine helps you scale your application.

On a side note,

docker-compose

command appears to be transitioning to:

docker stack deploy

with the difference “docker-compose” can do builds in the docker-compose.yml and 2.0/3.0 spec with caveats, but “docker stack deploy” cannot do build commands in the docker-compose.yml and needs prebuilt images as well as 3.0 spec making docker compose nicer for development purposes but “docker stack deploy” a more production oriented method with multiple containers over multiple hosts leveraging swarm. In both cases docker-compose.yml is used and Docker will ignore commands not support by the respective compose vs stack call (silently). I will do a post on Docker Swarm next.

The post Scaling a Python Flask App with NGINX using Multiple Containers with Docker Compose first appeared on Phil Chen.

Quick Links:

GitHub repo with files referenced in this blog ubuntu-flask-gunicorn-docker

Docker Hub repo for the example app referenced in this blog nethacker/ubuntu-18-04-flask-gunicorn-example

Docker Hub repo for Ubuntu with Flask and Gunicorn with no app nethacker/ubuntu-18-04-flask-gunicorn

Assumptions:

Step 0
Create a directory for your project.

mkdir ubuntu-flask-gunicorn-docker

cd ubuntu-flask-gunicorn-docker

Step 1
Create a file requirements.txt for your Python dependencies, such as Flask or Gunicorn. For more information about PIP requirements.txt read here.

vim requirements.txt

Add the following to the requirements.txt

Click==7.0
Flask==1.0.3
gunicorn==19.9.0
itsdangerous==1.1.0
Jinja2==2.10.1
MarkupSafe==1.1.1
Werkzeug==0.15.4

Step 2
Create a file app01.py which will be a simple Flask web app. Flask is a microframework for Python based on Werkzeug and Jinja2. For more information about Flask read here.

vim app01.py

Add the following to app01.py

from flask import Flask
hello = Flask(__name__)

@hello.route("/")
def greeting():
    return "
Hello World!
"

if __name__ == "__main__":
    hello.run(host='0.0.0.0')

Step 3
Create a file wsgi.py which will be the gateway from the webserver to your app. For more information about WSGI read here.

vim wsgi.py

Add the following to wsgi.py

from app01 import hello

if __name__ == "__main__":
    hello.run()

Step 4
Create a file gunicorn_config.py which will be the configurations Gunicorn will utilize. Gunicorn is a Python WSGI HTTP Server for UNIX. For more information about Gunicorn read here.

vim gunicorn_config.py

Add the following to gunicorn_config.py
*Note we set workers to 2 because if you only have one worker, and it’s handling a slow query, the heartbeat query will timeout which could remove it from a load balancer. Also container schedulers expect logs to come out on stdout and stderr so we have it set in the config as such. We also leverage /dev/shm vs default /tmp to avoid timeouts accessing ram vs disk.

pidfile = 'app01.pid'
worker_tmp_dir = '/dev/shm'
worker_class = 'gthread'
workers = 2
worker_connections = 1000
timeout = 30
keepalive = 2
threads = 4
proc_name = 'app01'
bind = '0.0.0.0:8080'
backlog = 2048
accesslog = '-'
errorlog = '-'
user = 'ubuntu'
group = 'ubuntu'

Step 5
Create a file Dockerfile which contains the commands to build your Docker image. For more information on Dockerfile read here.

vim Dockerfile

Add the following to Dockerfile
*Note we pull a base ubuntu 18.04 image with python 3.7.3 from my Docker Hub repo you could point this to the official Ubuntu repo and add a Python image or install line. All the files are copied into the /home/ubuntu container directory and referenced from there.

FROM nethacker/ubuntu-18-04-python-3:python-3.7.3
COPY requirements.txt /root/
RUN pip install -r /root/requirements.txt && useradd -m ubuntu
ENV HOME=/home/ubuntu
USER ubuntu
COPY app01.py wsgi.py gunicorn_config.py /home/ubuntu/
WORKDIR /home/ubuntu/
EXPOSE 8080
CMD ["gunicorn", "-c", "gunicorn_config.py", "wsgi:hello"]

Step 6
Build your Docker image
*Note you can -t tag this with your own naming convention

docker build -t example/ubuntu-flask-gunicorn-docker:latest .

Step 7
Start your Docker container from the Docker image you built. Docker container environments are different then VM’s because of this we set –shm-size to a bigger shared memory size. Gunicorn has a config entry to use shared memory (/dev/shm) vs disk (/tmp) for Gunicorn health checks to avoid timeouts accessing ram vs disk. The setting 80:8080 sets the Docker container to map localhost 80 to container port 8080.

docker run --shm-size=256m --detach -p 80:8080 example/ubuntu-flask-gunicorn-docker:latest

Step 8
Test your Docker container

If you didn’t modify the Dockerfile you should be able to go to localhost port 80 in a browser and get a red “Hello World” message.

http://localhost

You can also do the following to access the container with a bash shell to poke around.

Find the running Docker container id.

docker ps

Get and interactive shell on the container.

docker exec -it {id here} /bin/bash

Hopefully this basic overview helps you build your own containers!

The post A scalable Flask application using Gunicorn on Ubuntu 18.04 in Docker first appeared on Phil Chen.

*This is an updated approach to an older blog post of mine How to make a Scalable Python Web App using Flask, Gunicorn, NGINX on Ubuntu 14.04 from 2015.

I have created a GitHub repo scalable-ubuntu-flask-gunicorn-nginx available for you to get started quickly with a setup.sh file that does all the steps below via one bash script.

If you would like to do this step by step please continue reading below:

Assumptions:

Step 0
Update your Ubuntu packages

sudo apt update

Step 1
Time Matters! Sync’ing time is important all servers drift which can effect applications negatively.

sudo apt -y install ntpdate

sudo ntpdate pool.ntp.org

sudo apt -y install ntp

Step 2
Install Python Dependencies and Virtualenv, you will be installing Python 3 and leveraging Virtualenv to have an isolated environment for your Python dependencies specific to your application.

sudo apt -y install build-essential openssl

sudo apt -y install libpq-dev libssl-dev libffi-dev zlib1g-dev

sudo apt -y install python3-pip python3-dev

sudo pip3 install virtualenvwrapper

Step 3
Install NGINX, it will act as a reverse proxy for scaling purposes.

sudo apt -y install nginx

Step 4
Configure your .bashrc file so that your ubuntu user can use Virtualenv

vim ~/.bashrc

Add the following to the bottom of your .bashrc file

# default location of virtual environment directories
export WORKON_HOME=$HOME/.virtualenvs
# default python version to use with virtualenv
export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3
export VIRTUALENVWRAPPER_VIRTUALENV_ARGS=' -p /usr/bin/python3 '
source `which virtualenvwrapper.sh`

Step 5
Source your .bashrc file to activate your changes

source ~/.bashrc

Step 6
Create a directory to keep applications in

mkdir /home/ubuntu/flask_apps

cd /home/ubuntu/flask_apps

Step 7
Create your Virtualenv project environment named app01_env

virtualenv app01_env

Step 8
Activate your Virtualenv and install Python packages for your application specific to the new project environment. The three packages listed are gunicorn (webserver), flask (Python microframework), and setproctitle (to view your processes friendly name when using ps). After use deactivate to remove yourself from this environment.

source app01_env/bin/activate

pip install gunicorn

pip install flask

pip install setproctitle

deactivate

Step 9
Create your Python Flask application that says Hello World

vim /home/ubuntu/flask_apps/app01_env/app01.py

app01.py

from flask import Flask
hello = Flask(__name__)

@hello.route("/")
def greeting():
    return "
Hello World!
"

if __name__ == "__main__":
    hello.run(host='0.0.0.0')

Step 10
Create your webserver gateway interface for the Flask microframework

vim /home/ubuntu/flask_apps/app01_env/wsgi.py

wsgi.py

from app01 import hello

if __name__ == "__main__":
    hello.run()

Step 11
Create your Gunicorn config file which holds your Gunicorn settings. Gunicorn is essentially your webserver for your application. The below settings are optimized for a dual core server.

vim /home/ubuntu/flask_apps/app01_env/gunicorn_config.py

gunicorn.py

pidfile = 'app01.pid'
worker_class = 'gthread'
workers = 5
worker_connections = 1000
timeout = 30
keepalive = 2
threads = 2
proc_name = 'app01'
bind = '0.0.0.0:8080'
backlog = 2048
accesslog = 'access.log'
errorlog = 'error.log'
user = 'ubuntu'
group = 'ubuntu'

Step 12
Create a Systemd service file. Systemd is a service manager and in this use case it will manage Gunicorn.

sudo vim /etc/systemd/system/app01.service 

app01.service

[Unit]
Description=Gunicorn for Flask app01
After=network.target

[Service]
User=ubuntu
Group=ubuntu
WorkingDirectory=/home/ubuntu/flask_apps/app01_env
Environment="PATH=/home/ubuntu/flask_apps/app01_env/bin"
ExecStart=/home/ubuntu/flask_apps/app01_env/bin/gunicorn --config=gunicorn_config.py wsgi:hello

[Install]
WantedBy=multi-user.target

Step 13
Start your application via Systemd and enable it to auto start after reboot

sudo systemctl start app01

sudo systemctl enable app01.service

Step 14
Create your applications NGINX config that makes NGINX listen on port 80 and proxies requests to Gunicorn on port 8080. NGINX will help with connection handling increasing performance.

sudo vim /etc/nginx/sites-available/nginx_app01.conf

nginx_app01.conf

server {
    listen 80 default_server;

    location / {
        include proxy_params;
      	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP	$remote_addr;
      	proxy_set_header Host $http_host;
      	proxy_redirect off;
        proxy_buffers 8 24k;
        proxy_buffer_size 4k;
        proxy_pass http://127.0.0.1:8080;
    }
}

Step 15
Delete your default NGINX conf file, enable your new NGINX conf and restart NGINX

sudo rm /etc/nginx/sites-enabled/default

sudo ln -s /etc/nginx/sites-available/nginx_app01.conf /etc/nginx/sites-enabled

sudo systemctl restart nginx

Step 16
If the server or instance you installed this on has port 80 available for you to reach. Enter the server IP or hostname into your browser and you should see “Hello World!” in red, which tells you your Python Flask application is working.

Performance Settings

The post How to make a Python Web App in Virtualenv using Flask, Gunicorn, NGINX on Ubuntu 18.04 first appeared on Phil Chen.

Here is a standalone example of converting the IP Range into an array.

#!/usr/bin/env ruby

require 'ipaddr'

def ip_range(first, last)
  first = IPAddr.new(first)
  last  = IPAddr.new(last)
  (first..last).map(&:to_s)
end

range_calc = ip_range("172.30.20.0", "172.30.20.255")

puts range_calc.to_a

require 'ipaddr'

get '/blah/blah/blah' do

def ip_range(first, last)
  first = IPAddr.new(first)
  last  = IPAddr.new(last)
  (first..last).map(&:to_s)
end

range_calc = ip_range("172.30.20.0", "172.30.20.255")

$WHITE_LIST_HOSTS = ["127.0.0.1","173.255.251.204","54.223.213.220"] + range_calc.to_a

request_ip = @env['HTTP_X_REAL_IP']
  if
    !$WHITE_LIST_HOSTS.include? request_ip

  return "Not Authorized"

  else
    Do work here...
  end
end

#!/usr/bin/env ruby

require 'ipaddr'

first = IPAddr.new("172.30.20.0/24")

requesting_ip = IPAddr.new("172.30.20.200")

puts first.include?(requesting_ip)

The post Working with IP address information using Ruby first appeared on Phil Chen.

Step 0
Create your AWS Environment

Create a AWS Security Group for your Docker Registry Instance allowing port 80. Launch an AWS EC2 Instance running Ubuntu 14.04 in the designated region and VPC of your choice through the AWS Console applying the Security Group you created. Create and size an AWS EBS Volume to your needs and attach it to the instance you started via the AWS Console.

Step 1
Time Matters!

ubuntu$ sudo apt-get update

ubuntu$ sudo ntpdate pool.ntp.org
 
ubuntu$ sudo apt-get install ntp

Step 2
Install Build Tools *just because

ubuntu$ sudo apt-get install build-essential

Step 3
Create a file system for the EBS Volume you created and mount it.

ubuntu$ sudo cat /proc/partitions

major minor  #blocks  name

   7        0  104857600 loop0
   7        1    2097152 loop1
 202        0  104857600 xvda
 202        1  104848222 xvda1
 252        0  104857600 dm-0
 202       80  104857600 xvdf
 252        1   10485760 dm-1

ubuntu$ sudo mkfs -t ext4 /dev/xvdf

ubuntu$ sudo mkdir /data

ubuntu$ sudo mount /dev/xvdf /data

ubuntu$ sudo vim /etc/fstab

*ADD BELOW
/dev/xvdf    /data   ext4    defaults    1 1

Step 4
Install Docker

ubuntu$ sudo apt-get update

ubuntu$ sudo apt-get -y install docker.io

ubuntu$ sudo ln -sf /usr/bin/docker.io /usr/local/bin/docker

Step 5
Install Docker Registry Container

ubuntu$ sudo docker run -d -p 80:5000 --restart=always -v /data:/var/lib/registry registry:2

Step 6
Create a Security Group for your AWS ELB opening port 443 via the AWS Console

Step 7
Create an Internal AWS ELB that has a Load Balancer Port 443 and Server Port 80 and apply the Security Group you created in the previous step, then put your AWS EC2 instance in it. Create friendly DNS CNAME to that load balancer. This is needed since Docker Registry needs to leverage SSL.

Step 8
From a SEPARATE Development Docker Server Test Your New Registry

ubuntu$ sudo docker pull ubuntu

ubuntu$ sudo docker tag ubuntu the-dns-name-to-elb/mytestimage:1

ubuntu$ sudo docker push the-dns-name-to-your-elb/mytestimage

ubuntu$ sudo docker pull the-dns-name-to-your-elb/mytestimage

*NOTES

• When creating the ELB you will want to apply your SSL Certificate for port 443
• This setup is only securing things via the network layer in theory you should apply authentication
• Snapshot your EBS Volume you created at whatever interval you like

The post How to Create a Private Docker Registry Using AWS and Docker first appeared on Phil Chen.

]]> https://philchen.com/2015/10/28/how-to-performance-tune-ubuntu-14-04-lts-trusty-in-aws-ec2/ Wed, 28 Oct 2015 21:53:45 +0000 http://3.84.23.23/?p=1868 This article will explain how to performance tune Ubuntu 14.04 LTS Trusty in Amazon Web Services EC2. Building a good base AWS AMI is important and if your using Ubuntu 14.04 this will hopefully be of some help. Step 0 Time Matters! Make sure you have NTP installed otherwise do the following: Step 1 Increase […]

The post How to Performance Tune Ubuntu 14.04 LTS Trusty in AWS EC2 first appeared on Phil Chen.

]]> This article will explain how to performance tune Ubuntu 14.04 LTS Trusty in Amazon Web Services EC2. Building a good base AWS AMI is important and if your using Ubuntu 14.04 this will hopefully be of some help.

Step 0
Time Matters! Make sure you have NTP installed otherwise do the following:


Copy Code Copied! Use a different Browser

sudo apt-get update

sudo ntpdate pool.ntp.org
 
sudo apt-get install ntp

Step 1
Increase the default file descriptor limit of 1024. TCP/IP sockets are considered open files so increasing this will help you handle more connections.

Append the below to your limits.conf file


Copy Code Copied! Use a different Browser

sudo vim /etc/security/limits.conf

Copy Code Copied! Use a different Browser

root		soft	nofile		65535
root		hard	nofile		65535
*		soft	nofile		65535
*		hard	nofile		65535

Append the below to your sshd_config file *Note this might already exist


Copy Code Copied! Use a different Browser

sudo vim /etc/ssh/sshd_config

Copy Code Copied! Use a different Browser

UsePAM yes

Append the below to your PAM sshd file *Note this might already exist


Copy Code Copied! Use a different Browser

sudo vim /etc/pam.d/sshd

Copy Code Copied! Use a different Browser

session required pam_limits.so

Append the below to your PAM common-session file


Copy Code Copied! Use a different Browser

sudo vim /etc/pam.d/common-session

Copy Code Copied! Use a different Browser

session required pam_limits.so

Append the below to your sysctl.conf file


Copy Code Copied! Use a different Browser

sudo vim /etc/sysctl.conf

Copy Code Copied! Use a different Browser

fs.file-max = 762427

Run


Copy Code Copied! Use a different Browser

sudo sysctl -p

Step 2
Save your SSD drives and leverage RAM by avoiding the use of swap. With this setting the kernel will swap only to avoid an out of memory condition.

Append the below to your sysctl.conf file


Copy Code Copied! Use a different Browser

sudo vim /etc/sysctl.conf

Copy Code Copied! Use a different Browser

vm.swappiness = 0

Run


Copy Code Copied! Use a different Browser

sudo sysctl -p

Step 3
Configure Kernel Network Performance Settings

Append the below to your sysctl.conf file


Copy Code Copied! Use a different Browser

sudo vim /etc/sysctl.conf

Copy Code Copied! Use a different Browser

# Increase the number of connections
net.core.somaxconn = 1000

# Increase number of incoming connections backlog
net.core.netdev_max_backlog = 5000

# Maximum Socket Receive Buffer
net.core.rmem_max = 16777216

# Default Socket Send Buffer
net.core.wmem_max = 16777216

# Increase the maximum total buffer-space allocatable
net.ipv4.tcp_wmem = 4096 12582912 16777216
net.ipv4.tcp_rmem = 4096 12582912 16777216

# Increase the number of outstanding syn requests allowed
net.ipv4.tcp_max_syn_backlog = 8096

# For persistent HTTP connections
net.ipv4.tcp_slow_start_after_idle = 0

# Increase the tcp-time-wait buckets pool size to prevent simple DOS attacks
net.ipv4.tcp_tw_reuse = 1

# Allowed local port range
net.ipv4.ip_local_port_range = 10240 65535

Run


Copy Code Copied! Use a different Browser

sudo sysctl -p

Step 4
Disable file access time logging. Setting the noatime effects removing a write for every read. Typically when a file is read the system updates the inode for the file with an access time so that the last access time is recorded, which basically entails a write to the file system. Unless you are running some sort of mirror you probably do not need the access time written.

Add the noatime attribute to your mount in fstab


Copy Code Copied! Use a different Browser

sudo vim /etc/fstab

Copy Code Copied! Use a different Browser

LABEL=cloudimg-rootfs	/	 ext4	defaults,noatime,discard	0 0

Step 5
Increase history and make your command prompt more informative, nothing more sad then typing history and not seeing some old commands you forgot to take not of. Also these changes will help you know where your at from a path standpoint.

Append the below to your profile file


Copy Code Copied! Use a different Browser

sudo vim /etc/profile

Copy Code Copied! Use a different Browser

# HISTORY SETTINGS
export HISTTIMEFORMAT='%F %R '
export HISTSIZE=2000
export HISTFILESIZE=2000
export HISTCONTROL=ignoredups

# Command Prompt Settings

export PS1='\[\033[1;34m\][\u@\h:\w]\$\[\033[0m\]'


*You will have to log out and back in for these changes to take effect.

After your done make a new AMI image and you should have a decently strong foundation for your application specific AMI’s. If your not making an image you may want to reboot the instance to ensure your changes took, specifically in the case of the fstab noatime.

The post How to Performance Tune Ubuntu 14.04 LTS Trusty in AWS EC2 first appeared on Phil Chen.

]]> https://philchen.com/2015/09/28/how-to-configure-a-postfix-stunnel-and-amazon-simple-email-service-ses-on-ubuntu-14-04/ Mon, 28 Sep 2015 17:35:30 +0000 http://3.84.23.23/?p=1814 This article will cover leveraging Amazon Simple Email Service (SES) in concert with Postfix and Stunnel as a solution for sending email at scale. Postfix is a open source mail transfer agent (MTA) that is widely used. Stunnel is an open-source multi-platform computer program, used to provide universal TLS/SSL tunneling service. Amazon SES is a […]

The post How to configure a Postfix, Stunnel, and Amazon Simple Email Service (SES) on Ubuntu 14.04 first appeared on Phil Chen.

]]> This article will cover leveraging Amazon Simple Email Service (SES) in concert with Postfix and Stunnel as a solution for sending email at scale.

Postfix is a open source mail transfer agent (MTA) that is widely used. Stunnel is an open-source multi-platform computer program, used to provide universal TLS/SSL tunneling service. Amazon SES is a cost-effective outbound-only email-sending service built on the reliable and scalable infrastructure that Amazon.com has developed to serve its own customer base.

Combining these solutions together creates a flexible and powerful outbound email solution.

Step 0
Time Matters! Make sure you have NTP installed otherwise do the following:


Copy Code Copied! Use a different Browser

sudo apt-get update

sudo ntpdate pool.ntp.org
 
sudo apt-get install ntp

Step 1
Setup AWS SES by doing these steps:

• Sign up for SES
• Verify your Domain with SES
• Obtaining Your Amazon SES SMTP Credentials

Step 2
Install Stunnel


Copy Code Copied! Use a different Browser

sudo apt-get update

sudo apt-get install stunnel

Configure stunnel.conf (In this case we are using us-west-2 (Oregon)


Copy Code Copied! Use a different Browser

cd /etc/stunnel/

sudo vim stunnel.conf

Copy Code Copied! Use a different Browser

[smtp-tls-wrapper]
accept = 127.0.0.1:1125
client = yes
connect = email-smtp.us-west-2.amazonaws.com:465

Enable Stunnel


Copy Code Copied! Use a different Browser

cd /etc/default

sudo vim stunnel4

Copy Code Copied! Use a different Browser

# /etc/default/stunnel
# Julien LEMOINE 
# September 2003

# Change to one to enable stunnel automatic startup
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""

# Change to one to enable ppp restart scripts
PPP_RESTART=0

Start Stunnel


Copy Code Copied! Use a different Browser

sudo service stunnel4 restart

Step 3
Install Postfix if it isn’t already
*NOTE Select “Internet Site” and Enter “yourdomain.com” when prompted.


Copy Code Copied! Use a different Browser

sudo apt-get update

sudo apt-get install postfix

cd /etc/postfix

Configure sender_dependent_relayhost with the sender email address
*Make sure your email addressed being relayed matches what application is sending it.


Copy Code Copied! Use a different Browser

sudo vim sender_dependent_relayhost

Copy Code Copied! Use a different Browser

user@yourdomain.com	127.0.0.1:1125

Make your sender_dependent_relayhost.db file


Copy Code Copied! Use a different Browser

sudo postmap /etc/postfix/sender_dependent_relayhost

Configure /etc/postfix/password with your SES SMTP credentials


Copy Code Copied! Use a different Browser

sudo vim /etc/postfix/password

Copy Code Copied! Use a different Browser

127.0.0.1:1125 [SMTP Username]:[SMTP Password]

Set Permissions of /etc/postfix/password


Copy Code Copied! Use a different Browser

sudo chown root:root /etc/postfix/password

sudo chmod 600 /etc/postfix/password

Make your password.db file


Copy Code Copied! Use a different Browser

sudo postmap /etc/postfix/password

Copy Code Copied! Use a different Browser

sudo vim /etc/postfix/main.cf

Configure with these lines /etc/postfix/main.cf:
*You can clear out the default configurations in this file and add the below
*Make sure you put your domain in the myhostname field


Copy Code Copied! Use a different Browser

myhostname = yourhostnamehere
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_dependent_relayhost
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/password
smtp_sasl_security_options =
mydestination = localhost 
inet_protocols = ipv4
inet_interfaces = all

Reload PostFix:


Copy Code Copied! Use a different Browser

sudo postfix reload

Test your new outbound mail system:


Copy Code Copied! Use a different Browser

sudo apt-get install mailutils

echo "TEST" | mail -s subject whateveremail@gmail.com


The email should be received to whateveremail@gmail.com from youremail@yourdomain.com via amazonses.com

Things to note when configuring this outbound email system.

• Make sure the relay address matches the email your app is sending from
• Make sure you don’t have any firewall rules blocking port 1125
• Make sure you use the correct SMTP credentials from AWS SES

Happy email sending!

The post How to configure a Postfix, Stunnel, and Amazon Simple Email Service (SES) on Ubuntu 14.04 first appeared on Phil Chen.

]]> https://philchen.com/2015/08/08/how-to-make-a-scalable-python-web-app-using-flask-and-gunicorn-nginx-on-ubuntu-14-04/ Sat, 08 Aug 2015 23:30:48 +0000 http://3.84.23.23/?p=1778 This article will cover creating a Scalable Python Web Application using Flask (microframework for Python) Gunicorn (Python WSGI HTTP Server for UNIX) and NGINX on Ubuntu 14.04. There are other more full featured Python web frameworks such as Django but if you need a light weight web app or API server this stack can be […]

The post How to make a Scalable Python Web App using Flask, Gunicorn, NGINX on Ubuntu 14.04 first appeared on Phil Chen.

]]> This article will cover creating a Scalable Python Web Application using Flask (microframework for Python) Gunicorn (Python WSGI HTTP Server for UNIX) and NGINX on Ubuntu 14.04. There are other more full featured Python web frameworks such as Django but if you need a light weight web app or API server this stack can be a nice solution.

ATTENTION! THERE IS AN UPDATED VERSION OF THIS BLOG AT THE LINK BELOW:

How to make a Python Web App in Virtualenv using Flask, Gunicorn, NGINX on Ubuntu 18.04

Step 0
Time Matters!


Copy Code Copied! Use a different Browser

sudo apt-get update

sudo ntpdate pool.ntp.org
 
sudo apt-get install ntp

Step 1
Install PIP


Copy Code Copied! Use a different Browser

sudo apt-get install python-pip

Step 2
Install Python Development


Copy Code Copied! Use a different Browser

sudo apt-get install python-dev

Step 3
Install Flask


Copy Code Copied! Use a different Browser

sudo pip install Flask

Step 4
Install Gunicorn


Copy Code Copied! Use a different Browser

sudo pip install gunicorn

Step 5
Create a Python Flask Application


Copy Code Copied! Use a different Browser

cd ~

mkdir /home/ubuntu/FLASK

cd /home/ubuntu/FLASK

vim hello.py

hello.py


Copy Code Copied! Use a different Browser

from flask import Flask
app = Flask(__name__)

@app.route("/")
def hello():
    return "Hello World!"

if __name__ == "__main__":
    app.run()

Step 6
Create a pre-fork Gunicorn startup script to run your Flask Application

Copy Code Copied! Use a different Browser

cd /home/ubuntu/FLASK

vim gunicorn.sh

gunicorn.sh


Copy Code Copied! Use a different Browser

#!/bin/bash

NAME="hello"
FLASKDIR=/home/ubuntu/FLASK
SOCKFILE=/home/ubuntu/FLASK/sock
USER=root
GROUP=root
NUM_WORKERS=3

echo "Starting $NAME"

# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR

# Start your gunicorn
exec gunicorn hello:app -b 0.0.0.0:8080 \
  --name $NAME \
  --workers $NUM_WORKERS \
  --user=$USER --group=$GROUP \
  --bind=unix:$SOCKFILE

Copy Code Copied! Use a different Browser

chmod 755 /home/ubuntu/FLASK/gunicorn.sh

Step 7
Create a Gunicorn upstart script

Copy Code Copied! Use a different Browser

cd /etc/init/

sudo vim gunicorn.conf

Copy Code Copied! Use a different Browser

#Upstart Script

description "gunicorn"

respawn
respawn limit 15 5

start on runlevel [2345]
stop on runlevel [06]

env SCRIPTS_BIN=/home/ubuntu/FLASK

script
chdir $SCRIPTS_BIN
exec ./gunicorn.sh
end script

Step 8
Install NGINX

Copy Code Copied! Use a different Browser

sudo apt-get install nginx

cd /etc/nginx/conf.d/

mkdir /home/ubuntu/www

sudo vim flask.conf

flask.conf *Make sure you change the server_name


Copy Code Copied! Use a different Browser

upstream gunicorn_server {

  server localhost:8080 fail_timeout=0;
}

    server {
        listen       80;
        server_name  your-web-app-hostname-here.com;

	root /home/ubuntu/www;
	client_max_body_size 4G;
	keepalive_timeout 5;
        proxy_read_timeout 900;

        location / {
	try_files $uri @app;
        }

	location @app {
      	 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Real-IP	$remote_addr;
      	 proxy_set_header Host $http_host;
      	 proxy_redirect off;
      	# pass to the upstream gunicorn server mentioned above 
	 proxy_pass http://gunicorn_server;
	}

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
   }

Step 9
Start Gunicorn and NGINX

Copy Code Copied! Use a different Browser

sudo service gunicorn start

sudo service nginx restart

More Information:

• The formula for how many Gunicorn workers to run should be (2 x $num_cores) + 1
• There are different types of Gunicorn workers
• You can configure threads in Gunicorn
• If it applies you can configure NGINX Caching to help with performance

The post How to make a Scalable Python Web App using Flask, Gunicorn, NGINX on Ubuntu 14.04 first appeared on Phil Chen.

]]>