Type UWSGI; Press Enter; What Happens?

Automated media analysis (beta)

Speech transcript
and part of the mind
and the and
the same very much what the new tag you is the press
and what happens is the talking here for congratulations if not you're totally free believe benefactor give you the opportunity and ask you all you 3 things for me real quick for thing as a radio. It's late in the day, everybody stand up real quick. I was gonna get William A. that's not put. Please place your hand over your heart, dataset to the left. Fantastic. Now you can say that, no matter what else happens, the talk was uplifting, heartwarming and moving. So let's say you build a Django app, you're ready to share it with the world, you tell your friends about it and they think, hey, this thing is really great, for when you deploy it, when you put it up for the world, you shouldn't be using Django runserver, you should be using uWSGI you as you say it was uWSGI and their so you go and look at the
uWSGI product documentation and it says things about being a proxy, it says things about, uh, taking care of protocols and managing processes, you can apparently write plug-ins in C, C++, Objective-C, and this seems very informative but it doesn't answer the fundamental questions you have about what is uWSGI, what's it doing and why should you use it, and those are the questions we're going to try to answer today:
how does uWSGI handle processes from the operating system level, how does uWSGI handle networking from the operating system level, and then why should you use uWSGI. And to tell you a bit about like why I use uWSGI: my name is Phil James, if you're reading comma
last year you might remember my talk Frog and Toad Learn About Django Security. Uh, if you've been to other pipelines you may have seen
another talk of mine, Type Python, Press Enter, What Happens. In that talk I went through the what was on the box what happens from the operating system level when you type python and press Enter. You may be aware that the type isomer Python and press Enter you get the prompt at the terminal, but what is the operating system doing under the hood to make that happen? And so in that talk we talked about
how there are these things called processes, and a process that you might use to start Python is a process called bash. Bash starts the Python
process by making a copy of itself and then changing that copy to the Python process, through a technique known as fork and exec-ing, and that process gets access to these things called file descriptors, which are the mechanisms that are used by the Python process for input and output, for you to communicate with Python, for Python to communicate with you, and
that's the basis for our starting point here of how does uWSGI handle processes. And to talk about that we talk about an app that I created a while back. I couldn't find it anywhere else on the internet, I was really surprised, but: cats serve, cats as a service. If you are in need of a cat as a service in your life there's a GitHub link that you can go check out, but the app is pretty simple: you go to
cats serve and you get a cat.
Now I did some digging because some people
told me to use uWSGI when deploying this, and so I found a uWSGI incantation
that would let me run this
app from my server. Type uWSGI, press Enter, what happens? And what happens if you do this incantation free was the actually could choke on some interval of user uWSGI before ever in any context but there all those people have their hands raised an evil knew that knew that you could run uWSGI from the command line just like blank command line options OK not as many. And that was a realization for many of us as well, is that uWSGI, like many things on Unix systems, is a command; you can run it the way that you run it outside of a daemon. And you type uWSGI and press Enter with the using a date with this particular options you get this, a bunch of output. We've condensed some of it, and the line that I really wanna point out here, that line at the bottom, "spawned uWSGI worker 1", and has this thing called a PID. Remember from our previous slide that bash and Python had PIDs; those are process IDs. And this line is uWSGI telling you: hey, I have spawned 1 worker, 1 thing that is going to run your app, and here's the process ID where you can find it. And so that looks like, a
diagram of it is: there is this uWSGI process that you've started; uWSGI forks itself and execs your
Python app to make this running Python process running around, and when a request comes in, now that worker is busy and it's serving your request, and that's great. But we wanted to add an extra special feature to this, that, you know, we've been hearing a lot about machine learning and we really want to be able to serve you the best cat, not just any cat but the best cat, specifically tailored for you. So I put a bunch of our tracking pixels all across the Internet to collect data on what was going to be the best cat for you, and we put this spin this beta feature and we we tried really hard but we couldn't get the time to load the beta best cat for you under 10 seconds. We think we can maybe do that in the future; right now the page takes 10 seconds and that's a bit of a problem
and because as we see here, if I'm loading the beta, which you can see, and I try to load the normal home page, our home page used to load really fast and now it's not, and in fact if we wait for the full 10 seconds we'll see that it's only after the
beta page loads with this how
highly tailored cat for you, uh, that the normal homepage cat loads, and that's really not what we want. You know, we don't want the beta feature to be basically making the rest of our app worse, and so what we need to
do is have uWSGI start
more than 1 process. And for Django especially, you know, every time if you want to be able to serve multiple requests at the same time you need to be, uh, having Django run with multiple processes. And so here we've added this -p 2 to the end of the command, then we rerun uWSGI, and uWSGI tells us that it spawned not just 1 but 2 uWSGI workers with 2 different process IDs. And so if we
go back to our beta we'll see that we can have the beta loading in 1 window and the home page now
loads independently perennially that fixed
I happened in the going back to the diagram
the way this works is when uWSGI forks and execs, it forks and execs 2 processes, and so while 1 is busy serving the beta page the other 1 can be serving our homepage and our users still get a pretty good experience. So that is basically the core of how uWSGI, and realistically any other Python web app server like Gunicorn or some of the module libraries for nginx or, uh, Apache, are going to handle this and fork multiple processes and then route requests to each of those different processes. Let's talk about what I mean when I say routing requests to those different
processes. Uh, so if we go back
to that command, I'm passing in http 8000; that's telling uWSGI, you know what, you run this application on that port. And so if we look a bit closer, we're gonna look at the middle section of output now, where we see some kind of relevant information that uWSGI is telling us. It's telling us that it's bound 8000 on fd 4, it's spawned HTTP 1 on a master process 12 20, there's some other fds there, and if you remember from talking about processes at the beginning, we talked about file descriptors being how input and output is connected to Unix processes, and uWSGI is giving us this hint here: these fds are the file descriptors to these processes that are being passed around and bound to let uWSGI talk to the internet. So let's talk a little bit more about
that. Say you wanna connect to a remote server, and the remote server here is going to be a box, and the way you connect to remote servers is through ports. The ports here are represented as telephone jacks, because a way that you can think about ports on your operating system is that they're like telephone lines that are waiting for things to connect to them. If you want to SSH into this box you probably used port 22; if you've SSH'd into a box ever before you've probably used port 22; if you've used git you've probably used port 22, you probably used an SSH mode. And so the 1st thing that SSH is going to do is it's going to be connecting this phone line, which is our metaphor for a socket; it's going to connect a socket to port 22 and then it's going to use that socket to communicate through the port to the outside world. Now uWSGI is doing a similar thing on port 8000: it's connecting this phone line, the socket, to port 8000 and then using that to communicate and accept connections coming in from outside. There is a little bit more complexity: both the socket and port functions are happening in a space called the kernel. The kernel is the core of the operating system, it's where all the interfacing with hardware happens, and it turns out if you wanna do networking you have to interface with hardware at some point. And the processes like sshd, which is running SSH, and uWSGI, which we're running, are happening in userland, and the mechanism for userland processes to talk to the kernel is through syscalls. Syscalls are special functions written in C and normally accessed in C. back entire right into the kernel Escobar
deeper. Let's say you're on your computer, you're in Chrome, and you wanna connect to your uWSGI server on port 8000. You know that port 8000 is going to be accessed by the kernel up and the 1st and if uWSGI wants to bind itself, wants to connect to port 8000 so it can receive connections. 1st of all, the 1st thing you notice is if you were to make this connection from Chrome to port 8000 before any of the connections of and then you get a connection refused error, right, because there's no port exposed; the kernel doesn't know what to do with this so it just tosses it back at you. And so uWSGI issues some syscalls to get set up so it can accept requests from your browser. The 1st thing it's going to do is issue the socket syscall to create that telephone line, to create that socket, and it's going to be passed that socket as a file descriptor, because if you're familiar with the Unix philosophy, everything needs to be some sort of file, or at least file-like object, and uWSGI needs this file-descriptor handle to the socket that it has created. uWSGI then calls bind, and what bind is going to do is it's going to tell the kernel: I've created this socket, please connect this socket to the port that I specify. So it's connected to port 8000, and then uWSGI is going to call listen. What listen is going to do is it's going to tell the kernel: get everything set up, ready to go, please expose this port 8000 to the outside world so that I can start accepting connections. Now it's at this point that uWSGI is going to do its fork and exec-ing
to create the worker processes, and the thing about fork and exec-ing is, when you fork-exec a process you get the same file-descriptor references that the parent process had. So with the with the master process and both worker processes have the file descriptor access to the socket that was created for port 8000, and these 2 worker processes are going to call another special syscall called epoll_wait, which is effectively these worker processes telling the kernel that they're both waiting for a telephone call, waiting by the phone; as soon as somebody calls the phone we're ready to pick it up. So now you can make your request from Chrome against port 8000. The phone rings and both processes try to pick it up at the same time; they both have access to the file descriptor and they're both going to reach for the phone, but they can't both answer the phone; 1 of them is going to win. They both issue the syscall accept to both try to pick up that phone at the same time; only 1 is going to win, and the 1 that wins is going to get a new socket which represents the connection from 48 but from Chrome through port 8000 to the Python worker process, and it's now going to be handling the request while the other Python process issues the epoll_wait syscall again, letting the kernel know: hey, so the other guy won the 1st time, but if a new request comes in I'm totally ready for it. And that was a very long complicated diagram but that's basically the core of it: through a combination of syscalls and sockets uWSGI sets up a connection and then passes a reference to that connection to its worker processes, its child processes, and those child worker processes accept the connection to handle the request. So
now we get into: we talked about how uWSGI handles processes and we've covered a bit about how uWSGI handles networking and requests; why would you use uWSGI? And the 1st couple things that I'm going to talk about are not really specific to uWSGI, they're kind of applicable to any Python application server, but a couple are going to be specific to uWSGI, you know, I'll call those out. So 1st thing is code
reloading. This is something that the Django runserver really can't do: if you are trying to deploy a new version of your code e . co servicing on deploying new version you won't be able to deploy that version without shutting down your entire server and bringing chatting and applications are and bringing it all the way back up. So when uWSGI detects there's new code to be run, when you tell it, hey, I would like to change the code of the workers, it sends a signal to its worker processes, the hangup signal, telling the workers: hey, as soon as you're done, exit and reload yourself. And so in this example we've got 1 worker that's busy; both workers get the SIGHUP, so the 1 that isn't busy shuts down immediately, the 1 that is busy kind of gets a little notification, indicated by the power symbol: hey, when you're done processing your current request you should shut down because you need to be reloaded. It completes this request, it notices that, oh, I should refresh myself, it also shuts down. Now notice that during this entire process uWSGI held onto that socket that was connected to the outside world, so uWSGI never dropped a connection; more connections got added to the queue during that time but uWSGI was always maintaining its presence to the outside world, so from the user's point of view it may have been a little slower but they never got the connection refused. So that's reason number 1 you might use uWSGI, but that's pretty common. Reason number
2: tunability. Earlier we noticed that when we were running our beta feature we needed more than 1 process in order to serve our application well and not have any users be blocked on the beta feature. But why 2 processes? Why not 20, why not 200? And the answer is uWSGI will let you spawn as many worker processes as you reasonably want, but there's going to be a right number of worker processes for your system. In my testing a Python application worker takes about 2 100 megabytes of RAM; if your machine has about 2 gigabytes of RAM, it's running a small server, maybe the right number for you is 10, or 8 if you wanna give some wiggle room. But the important note here is that uWSGI lets you tune basically every parameter you can think of to match with your system needs. Again, this 1 we think uWSGI makes it easier but it's also in Gunicorn and the others. Then security. There is
a very so overall the Django team does an incredible job with security in any part of the framework that you would use on a regular basis that actually can run and composes the application. They are very quick to respond to security holes, they release patches quickly, but there's 1 area of the Django codebase where they have said quite explicitly they will not do any sort of security audit or do any sort of security patches, and that is runserver. Directly from the documentation: it has not gone through security audits and that's how it's gonna stay. And that might not seem like a huge deal, but just as a small example, this is the headers from an HTTP request, right? If you're familiar with this this promise laws internationally with this brief overview: you're getting the root page over HTTP 1.1 on host concert that I know, which unfortunately I don't own, but you're welcome to create it and then put our code up on it and that'd be great. And this seems pretty straightforward, but what if you get a request like this? What if there's a layer of your system that interprets the 1st header but not the 2nd header, or vice versa? Now it could be that everything here is fine, but the point to make is that the Django team has not thought about this case for runserver and the uWSGI team has. And so security is 1 of those things that whenever somebody says it, everyone in the room, including those who work in security, feel slightly inadequate; it's more that you should be focusing your efforts on using tools that have been vetted by people who care about the security of their layer, and the Django team has enough to worry about, and so runserver's not on the security audit it's not as good as they use a different application server. Again pretty common, not really specific to uWSGI. Another thing that uWSGI
or any other application servers have in their favor is config files. I show this because the title of the talk is Type uWSGI, Press Enter, What Happens, but many of you who use uWSGI on a regular basis are probably more used to seeing a format like this, that you have in a uWSGI conf file that you can check in. Again, you can pass around as text files, you don't have to remember the magical incantation on your server. At this point you just run uWSGI pointing at this conf file and it will do exactly what you wanted, as you captured, and that's great because you get all the advantages of this having a text configuration file that you can again check in, again you can decode you want, you can iterate on over time, and you never have to worry about remembering the correct options. That is a super powerful thing that I think anybody here who has done admin appreciates. Again, not necessarily specific to uWSGI. Now something that is super specific to uWSGI, and
uWSGI comes with so many features and so many modes of operation that you can probably replace large parts of your existing infrastructure with uWSGI, you may not even know it. For example, uWSGI can be your static file server. If you'll want your workers to die after a certain number of requests, because you think you have a memory leak and you can't be bothered to fix the memory leak right now, you can set a max requests per worker on the worker and those restart after certain requests. It comes with a queuing system, uWSGI comes with GP support is to be a sport to support right out of the box. It comes with the harakiri mode, so if a single worker grows to having too much memory it'll just kill itself and start a new worker. Again, if you've got a memory leak, why debug it today when you can debug it 6 months from now? That's how uWSGI takes care of you. If you want to know how uWSGI is doing you can use uwsgitop; if you wanna see exactly where that memory leak is coming from eventually, you can use memory report, uWSGI supports that. And so when I look at this list I think to myself: with all the things that uWSGI can do, do I still need a separate queuing or a static files in the system salary the to something red what else can you do us away with. The cover decorrelating tunability are pretty common uh security config files and just so many features. If you haven't dove into the uWSGI docs yet, highly recommended; you will discover things that you did not know uWSGI could do. And so that's about it. Special thanks to and that the guy
grade was you reviewed this talk of for me and my co greater the person on the right it so he was incredibly helpful in answering questions. If you have any questions I will answer them now, we've got about 5 minutes. My name is Phil James, I do a whole bunch of things, I've worked in Django for about 10 years, I'm definitely available for consulting, especially on security or performance, so if your company is having problems that you think could be solved by someone who's given talks on security requirements agenda constantly, come talk to me. That's my e-mail address, that is my Twitter handle, feel free to Twitter me is my birthday you're also walking the line you drink the water later tonight and with that I will turn over to overcome this request things. Thanks for the talk. Every single tutorial I've seen on like how to get Django up and running on the Internet says you make the data used uWSGI and put it behind nginx, and is that, especially if uWSGI can do static file-serving males I thought the whole point of using nginx the. That's a great question. The reality is that, well, you'd have to ask the specific tutorial author why they made that decision, but my guess on that decision is that nginx is a technology that more people use as their kind of front-line server, and so more people trust it in terms of being that like termination point and being the kind of the heavy here in terms of taking the most load. That being said, I actually do think for most small to medium applications you could totally get away with just running uWSGI, but there are some things, especially around like certain special proxy configurations, that nginx is going to handle better, and that was kind of my point with the like uWSGI features: if you think all your use cases can be covered by uWSGI, use uWSGI. I think that uWSGI can't do quite as well and is if you need to be um as not used up against us that
some language that he was using a well-defined languages that people trust and next more I think is a big part of that, but for small to medium I personally wouldn't have any fear about using uWSGI just out in the wild; I think a lot of things people do there. some talk about I hi is much always be the same as uWSGI bit ASCII our micro has 2 syllables, u has 1 syllable, in a talk you're really stressed for time and so I chose to cut about 100 syllables is shout of my talk by calling it uWSGI micro is you but I requested. And so you talked about a lot of awesome things about uWSGI; what is the worst thing about it? The worst thing about uWSGI is there's so much there that trying to actually parse what the docs are telling you uWSGI can do is really tricky. The docs are definitely written from the perspective of someone who is a web engineering professional and could be far more beginner friendly, especially for exposing some of these cool advanced features. happy that taken at his mind yeah. My question is, so in terms of the process that happens with the communication with the kernel where the socket is opened and port is exposed, how is it different from runserver? What does runserver do under the hood, except for the fact that it can't have multiple workers? So when I was creating this talk I was definitely under the impression that runserver didn't have multiple workers, and then it turned out that runserver sometime in 101 looking at multiple workers, uh, so runserver actually does do a lot of the same events that uWSGI does, but there are things like and that was the features that are spread that runserver can't or won't do. And yeah, realistically I like runserver is 100 % fine for development, but I trust the team when they actively say please please please do not use in production, because that's never going to be a priority for the and I think that's in the much actively words that may not like I
mean labor like actively reject packages for making it more production ready because that's not the goal of runserver, but it is doing most of the same dance of like spawning processes and having them wait on a socket, because it does do multiple processes now. Right, thank you. there were so if you if
you buy if we were
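
The pre-fork sequence the talk walks through (socket, bind, listen, then fork workers that share the listening file descriptor), as an added example that is not code from the talk or from uWSGI. All function names are hypothetical, the `/beta` path with a 0.5-second sleep stands in for the 10-second beta page, and the workers use a blocking `accept()` and a plain `fork()` rather than `epoll_wait` and fork-plus-exec.

```python
import os
import signal
import socket
import threading
import time

HOST = "127.0.0.1"

def worker_loop(listener, slow_seconds):
    """Child process: accept on the inherited listening socket until killed."""
    try:
        while True:
            conn, _ = listener.accept()        # the kernel gives each connection to one worker
            with conn:
                parts = conn.recv(1024).split()
                path = parts[1] if len(parts) > 1 else b"/"
                if path == b"/beta":            # constructed stand-in for the slow page
                    time.sleep(slow_seconds)
                conn.sendall(b"HTTP/1.0 200 OK\r\n\r\npid=%d" % os.getpid())
    finally:
        os._exit(0)                             # never fall back into the parent's code

def start_prefork_server(num_workers, slow_seconds=0.5):
    """Master: socket() + bind() + listen(), then fork workers sharing the fd."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))                    # port 0: the kernel picks a free port
    port = listener.getsockname()[1]
    refused = False
    try:                                        # bound but not yet listening
        socket.create_connection((HOST, port), timeout=2).close()
    except OSError as exc:
        refused = isinstance(exc, ConnectionRefusedError)
    listener.listen(16)                         # from here on connections queue up
    pids = []
    for _ in range(num_workers):
        pid = os.fork()
        if pid == 0:
            worker_loop(listener, slow_seconds)  # child never returns
        pids.append(pid)
    return listener, port, pids, refused

def fetch(port, path):
    """Minimal client: returns the PID of the worker that answered."""
    with socket.create_connection((HOST, port), timeout=5) as s:
        s.sendall(b"GET " + path.encode() + b" HTTP/1.0\r\n\r\n")
        data = b""
        while chunk := s.recv(1024):
            data += chunk
    return int(data.rsplit(b"pid=", 1)[1])

def completion_order(num_workers):
    """Request /beta, then / shortly after; report which one finishes first."""
    listener, port, pids, refused = start_prefork_server(num_workers)
    finished = []

    def client(path):
        finished.append((path, fetch(port, path)))

    try:
        slow = threading.Thread(target=client, args=("/beta",))
        slow.start()
        time.sleep(0.1)                         # let a worker pick up /beta first
        fast = threading.Thread(target=client, args=("/",))
        fast.start()
        slow.join()
        fast.join()
    finally:
        for pid in pids:
            os.kill(pid, signal.SIGKILL)
            os.waitpid(pid, 0)
        listener.close()
    return {
        "order": [path for path, _ in finished],
        "served_by": {pid for _, pid in finished},
        "workers": set(pids),
        "refused_before_listen": refused,
    }

if __name__ == "__main__":
    print(completion_order(1))   # one worker: / waits behind /beta
    print(completion_order(2))   # two workers: / is answered while /beta sleeps
```
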

Metadata

Formal metadata

Title Type UWSGI; Press Enter; What Happens?
Series title DjangoCon US 2017
Part 08
Number of parts 48
Author James, Philip
Contributors Confreaks, LLC
License CC Attribution - ShareAlike 3.0 Unported:
You may use, modify, and, in unmodified or modified form, reproduce, distribute and make publicly available the work or its content for any legal and non-commercial purpose, provided that you credit the author/rights holder in the manner they specify and that you pass on the work or this content, including in modified form, only under the terms of this license.
DOI 10.5446/33173
Publisher DjangoCon US
Publication year 2017
Language English

Content metadata

Subject area Computer science
Abstract This talk is aiming right at professional or experienced amateur Django developers who want to learn about one of the core technologies used in modern web apps. We’ll do our best to make it accessible for all, but it’s going to be best to come in with working knowledge of web applications and a rough understanding of web servers. We’ll be covering how uWSGI serves Python web applications, how it manages workers and processes, and how it works with the operating system to handle networking. Our goal is to show how this works both in code and through abstractions, recognizing that different audience members are going to grasp things in different ways. The hope is that attendees will walk away with a working knowledge of how their apps interact with the network and the operating system through uWSGI, and that a commonly-used but less-understood piece of software will become demystified.
