Python

I just released a new snapshot, it includes the following changes:

• fix fork bomb and check number of children against minSpare not maxSpare
• Restore check of the absolute number of children against maxSpare and document rationale.
• Add configurable timeout (default: no timeout) to be used when the WSGI application is called. Only applies to forked servers!

Here are links to the Hg repository and the PyPI page.

If there are any issues, please open a ticket at the flup Trac and/or submit a patch.

I didn't realize this, but all my SHA implementations were still living in my Subversion repository. Well, after some meticulous converting from both my archived CVS and SVN repositories, I've managed to finally move them over to Mercurial.

Anyway, I'm not sure what else in Subversion I'd like to move over. Certainly, there's nothing left in there that's all that interesting to the public. So I will take down the public-facing SVN repo... someday.

Searching Google, I see nothing links directly svn.saddi.com. However, there's quite a lot of documentation that references flup and fcgi.py within it. Well, if anyone's been checking out that flup, it's 2 years out of date. And the standalone fcgi.py module... I'd rather just forget about that since it's hopelessly out of sync from the flup version. (It's basically the flup threaded fcgi server without thread pools.)

I've written up brief guidelines on submitting patches for flup. (Though it also pertains to any of my other public projects.)

And I'd like to thank everyone who has recently contributed! Don't worry, there's nothing in the guidelines that you weren't already doing.

See this entry for details.

I guess I've sat on these changes long enough:

• Import Paste factories (and dependencies...) from PasteScript
• Be tolerant of EAGAIN when sending messages to parent process.
• Add forceCGI keyword argument to FastCGI servers to programmatically force CGI behavior.
• Merge Tommi Virtanen's "single server" (sequential server) patch.
• Update ez_setup.py.
• Re-seed random module after each fork.
• Add an indication as to which header fails assertion when passing in non-string header names and/or values.

The only major change are the Paste factories — they should be a lot closer to the (deprecated) factories for flup servers found in PasteScript. In fact, they are the same factories found in PasteScript. Defaults will have changed, with respect to the previous factory implementations.

I'm looking to release in a week or so. Testing/comments are welcome:

http://hg.saddi.com/flup-server/

And, as you probably have noticed, I don't cut releases that often (not a big fan of "release early, release often"...) But my public repository is always up-to-date. So it's almost the same thing... without the overhead.

Well, Python 3.0 was released a few days ago. I admit, I really haven't been keeping up much with Python development. Up until yesterday, Python 2.5 was all that I've used.

Anyway, I was curious. I was curious about all the backwards-incompatible changes to the language/libraries. I was curious about how WSGI dealt with Python 3.0. With the list of proposed WSGI 1.0 amendments for Python 3.0 (and the Web-SIG posts it referenced), I attempted to port both flup and ajp-wsgi.

It was interesting, at least, to see the issues in two different lights. Though flup and ajp-wsgi do the same thing conceptually, flup is pure-Python and ajp-wsgi is pure-C. The most pain for both, unsurprisingly, came from the new str/bytes distinction. While it was an annoying issue to deal with (and I realize as far as the spec is concerned, all details about it still haven't been worked out), I do welcome the change.

I've published both repositories, for the curious. They work for simple "Hello World" type applications. I kind of doubt that any frameworks have been ported to Python 3.0 yet. I probably won't touch them again until the spec has been clarified more. (Encoding of environ key/values? file_wrapper support with e.g. text-mode files?)

Interestingly, I didn't actually test the FastCGI and SCGI adapters with "real" web servers. (I don't have anything set up.) I used the flup client implementations to cross-test clients/servers on 2.x/3.0. So those flup WSGI servers might actually be broken.

The repositories:

• http://hg.saddi.com/ajp-wsgi-py3.0/
• http://hg.saddi.com/flup-py3.0/

A very minor update to flup. If you aren't having any problems now, then there's probably no need to upgrade.

This update concerns certain web servers & configurations that don't correctly supply PATH_INFO and/or QUERY_STRING to flup. When missing these environment entries, the flup servers will now attempt to deduce PATH_INFO and/or QUERY_STRING from REQUEST_URI (if it is present) before defaulting to the empty string (as it did before).

Thanks to Richard Davies for the patch.

With the advent of flup 1.0 and the disappearance of the middleware modules (I don't think anyone really cares about Publisher ), I've been getting a few queries here and there about alternatives.

Rather than continue to answer people individually, here are some alternatives to flup's middleware and publisher modules. However, they represent alternatives that I've personally chosen. (And considering how far removed I am nowadays from the world of Python web development, take my choices with a grain of salt.) Suggestions for other alternatives (alternative alternatives?!?) are welcome.

For users of flup's SessionMiddleware, I recommend Beaker. Switching over is a simple matter of changing the environ key from 'com.saddi.service.session' to 'beaker.session' and ensuring that session.save() is called before the WSGI application returns. (After you've appropriately swapped out flup's SessionMiddleware with Beaker's in the WSGI stack, of course.)

GzipMiddleware and ErrorMiddleware have analogues in Python Paste.

flup's Publisher is probably most like Colubrid, though I haven't personally tried it. (Also remember that flup's Publisher was inspired by mod_python's Publisher, which was apparently inspired by Zope's ZPublisher ).

Anyway, I updated the old flup 0.5 branch and uploaded the source distribution to the Cheese Shop. I really don't want to maintain two branches, so consider this 0.5 release final.

I resolved a few more outstanding issues with flup and decided to make a release. I went ahead and called it 1.0. And as I previously mentioned, I went ahead and removed the publisher and middleware modules.

If you've been following the Subversion repository for flup (which has been quiet due to my switching to Mercurial), there have only been 1 or 2 new fixes.

I also uploaded the tarball and 2.5 egg to the Cheese Shop. Further updates will also go to the Cheese Shop.

And on the subject of further updates, consider flup to be in maintenance mode - there won't be any more new development. Bug fixes and bug reports are still welcome, of course. (Though this has been the way I've run flup for quite a while now, so I'm just making a formal announcement. )

And as a bit of editorializing, did I ever mention how much I hate FastCGI? Around the time I first released flup, I had transitioned my apps from FastCGI to AJP, and I never missed FastCGI since. But much to my disappointment, the FastCGI module was the most popular... most likely due to ubiquitous & cheap shared hosting services (e.g. Dreamhost).

Oh well, I don't even use flup myself anymore. I've switched to ajp-wsgi...

ajp-wsgi 1.0 has been released. It may be downloaded here (ChangeLog). It's been sitting around for a few months now, in heavy use at my server for both "production" and development WSGI apps. I think it's pretty safe to say it's at least on par with flup's ajp WSGIServer now.

The only lingering issue is a core dump with Trac and only Trac, and only when it is killed or SIGHUP'd. Unfortunately, with so many variables (Trac imports quite a few C extension modules), I haven't been able to isolate problem. (And maybe it's just my environment... sadly, I don't have the resources to try elsewhere.)

Anyway, 1.0... so what now?

My C WSGI implementation is relatively decoupled from the transport code (AJP). It's conceivable that replacing the transport layer with something else is entirely possible. Like say... a full HTTP 1.1 server. I guess there could be two directions to take that:

http-wsgi
I suppose one could take an embeddable HTTP server (or write one from scratch, if so inclined) and glue the WSGI code into the request handling pipeline. Personally, it's not a project that interests me much. Leave web server writing to the web server experts, I say. However, suppose one wrote it as an extension module for one of the popular web servers...

mod_wsgi
How about an extension module for say, Apache HTTPD or lighttpd? The problem I see with this is that, functionally, it would just be equivalent to mod_python. (After all, you're just embedding Python into the web server and patching into its request processing.) I think the only difference would be that the WSGI-adapter code (the layer that sits just above Python) would be written in C. Additionally, you inherit some of the more interesting problems of mod_python... namely conforming Python's process/threading model to that of the web server's. In all likelihood, you would be running multi-process, not multi-threaded. I guess if you were clever, you could run the Python interpreter in only a single process, similar to how CGI works in modern versions of Apache HTTPD.

But then, if you do that, all it buys you is automatic process management versus using an external server model like AJP/SCGI. So why bother with yet another mod_somethingsomething?

Anyway, ajp-wsgi will remain ajp-wsgi for the foreseeable future. (If I'm sufficiently bored and curious, I may try creating an scgi-wsgi someday.) Though http-wsgi does pique my interest somewhat... I just have to find a suitably feature-laden embeddable C web server.

Well, not much has been happening. ajp-wsgi has been humming along, stable as a rock. It's been running all of my Python-based websites for a little over a month now (longer, really, since I had to reboot my server early January to update FreeBSD). Once I make a few documentation updates, I think it would be safe to declare a 1.0 release. (Seemingly a big milestone nowadays...)

Well, after a week of coding, I decided to "release" ajp-wsgi (i.e. make its existence known beyond my web sites and blog). It's a rather niche project, but if one other person finds it useful, then hey, cool. Releasing it costs me nothing.

I found it highly educational to create, illuminating the mysteries of the Python C API. Plus I'm using it everywhere now. And after having closed ticket #4, the solution of which seems to have been a panacea to all current issues, it's pretty much complete as far as I envisioned it.

Now maybe I can get back to Flannel...

And I have thought about writing an SCGI version as well... but it's not something I would use. So what's the point? I don't really like supporting something I don't use regularly, though by virtue of being free software, I'm not really obligated to provide any support. (But I still do because I'm a nice guy. ) Maybe if Apache HTTPD eventually adds a mod_proxy_scgi though...

Ah, no Google hits for mod_proxy_scgi. Oh well. At least this entry may eventually show up.

Apparently, I did not read the AJP13 spec nor my original code very closely:

Note: The content-length header is extremely important. If it is present and non-zero, the container assumes that the request has a body (a POST request, for example), and immediately reads a separate packet off the input stream to get that body.

Here I was requesting the first block. Anyway, a quick and easy fix.

ajp-wsgi is moving along... and actually, development has slowed down immensely (a marked sign of stability?). I've converted all Python WSGI applications on my server to use it now. It may just be psychological, but I do notice application responses being a bit snappier. But who knows.

Trac seemed to be the most non-trivial to convert. It doesn't provide a ready-made application factory to create the WSGI app object. I basically had to mimic (using my config options) the operations that its main() method performed. Other applications (my own blog & shorten projects, moinmoin) had readily-available app objects though. And I'm also glad to say that Paste Deploy-based apps are easily deployed with ajp-wsgi as well.

Anyhow, I went ahead and decoupled the C WSGI code from the AJP code today. Now the next time I'm bored, I think I'll write drivers for both ends of an SCGI connection. It would be interesting if I could write that FastCGI->SCGI adapter wholly in C (using the standard C FastCGI dev kit). Actually, I guess I should check if there's already a C SCGI implementation...

I moved all the WSGI stuff out of my AJP C library project into its own project: ajp-wsgi. I polished it up a bit, gave it a command-line interface, wrote a better build system, and even wrote a simple README for it. You can find it here.

Note that this is not a Python extension. Rather, it is a 100% C WSGI implementation... that executes the application in an embedded Python interpreter.

It's moved beyond a proof-of-concept and is quickly becoming more and more practical. (At this moment, my personal wiki is running atop it. Maybe I'll switch my Trac sites and shorten over to it as well.) But make no mistake, it is very much alpha-quality and untested.

Future directions:

• Decouple the WSGI code from AJP, opening it up to an SCGI implementation. I have no interest in making a FastCGI version, so don't ask.
• If not thread pooling, then maybe a thread limit at least?
• Multi-app support. Maybe read configuration from an INI-style file (each section header would define the module:object for the app).
• Figure out/understand the oddity with mod_proxy_ajp. It seems to stream the request body whether solicited or not. It also sends an unsolicited EOF packet. If this is the case, then mod_jk seems like a saner implementation... but maybe this is the future direction of the protocol?