Re: [Zope-dev] Re: Timing the opening of network ports
Chris Withers wrote at 2006-8-31 08:15 +0100: > ... >Er yes, I know why this is a very good thing. I was commenting that I >can't see why anyone would want anything else ;-) You did not read the thread carefully: I explained why I prefer early port binding... -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Tres Seaver wrote: The other reason for wanting "early binding" to the ports is if the ports are in the "reserved for root" range (< 1024); in that case, the ports *must* be bound early, before dropping privileges to those of the "effective user". Ah, that's true enough, but then again, anyone binding zope to a low-numbered port requires the gun politely pointing away from their foot anyway ;-) Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
On Aug 31, 2006, at 9:41 AM, Tres Seaver wrote: The other reason for wanting "early binding" to the ports is if the ports are in the "reserved for root" range (< 1024); in that case, the ports *must* be bound early, before dropping privileges to those of the "effective user". Not necessarily. The basic sequence for opening a server socket connection is: listener = socket(AF_INET,SOCK_STREAM,0) bind(listener, address_info) listen(listener, LISTEN_QUEUE_LENGTH) For unix and unix-like systems that reserve some range of ports for privileged users, it is the bind() call that has the user check. It is at the listen() call where the port is seen as open and available for connections. It might be that Zope's HTTPServer class bunches all of them in a single method for convenience, but it is possible to bind() early, drop privs, and listen() late. ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Andreas Jung wrote: The usecase is pretty simple: you have a loadbalancer and remove one backend Zope. The LB detects the removal and stops forwarding request. When the client comes back (means Zope opens the ports early) the LB will start forwarding to the client although it might take a while until the Zope instance is really up and ready to serve request. So by opening the ports late we are able to reduce the latency and avoid pending requests. Er yes, I know why this is a very good thing. I was commenting that I can't see why anyone would want anything else ;-) Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Christian Theune wrote: b) it's more convenient for developers Why? Early open port means: zopectl restart and reload in your browser immediately without getting "Connection refused". Dieter already mentioned this use case I don't really buy that, but since it's configurable, it doesn't matter... c) it's a good thing if you have 'smart' load balancers How so? Tres mentioned that to me: 'smart' load balancers can probe the server and decide that the port is there, but the response time is too high and won't include it in the pool again yet, but they can know that the port is already open again. Again, I can only see this as being a bad thing: LB: Hmmm, this one's alive but absolutely creamed, I better not send it any requests for a long time. D'oh Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30 Aug 2006, at 14:32, Christian Theune wrote: Chris Withers wrote: Christian Theune wrote: b) it's more convenient for developers Why? Early open port means: zopectl restart and reload in your browser immediately without getting "Connection refused". Dieter already mentioned this use case That's a matter of taste IMHO. Everyone handles that differently doing development. I always do "zopectl fg" and never hit "reload" until the console tells me Zope is ready. Let's not discuss this any further, taste knows no right or wrong ;) c) it's a good thing if you have 'smart' load balancers How so? Tres mentioned that to me: 'smart' load balancers can probe the server and decide that the port is there, but the response time is too high and won't include it in the pool again yet, but they can know that the port is already open again. I don't quite get this. I'd have said "smart load balancers can work around the fact that Zope opens ports way before it can start serving". So in essence, the "smartness" papers over Zope's early port opening issue. I'd never say "Zope opening ports too early is a good thing for smart load balancers"... Besides, there are tons of stupid load balancers out there who only look at open ports. But just like the argument above, this seems to boil down to personal preference. The setting is configurable, let's stop beating that old mare ;) jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (Darwin) iD8DBQFE9YebRAx5nvEhZLIRAh5PAJ4s9ij4ssii3PbQLBDQFGEkwHR89wCdHsDJ C0aoOvlUC7vbcEuk1spKx2Q= =msv1 -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Chris Withers wrote: Christian Theune wrote: b) it's more convenient for developers Why? Early open port means: zopectl restart and reload in your browser immediately without getting "Connection refused". Dieter already mentioned this use case c) it's a good thing if you have 'smart' load balancers How so? Tres mentioned that to me: 'smart' load balancers can probe the server and decide that the port is there, but the response time is too high and won't include it in the pool again yet, but they can know that the port is already open again. Christian -- gocept gmbh & co. kg - forsterstraße 29 - 06112 halle/saale - germany www.gocept.com - [EMAIL PROTECTED] - phone +49 345 122 9889 7 - fax +49 345 122 9889 1 - zope and plone consulting and development ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Christian Theune wrote: b) it's more convenient for developers Why? c) it's a good thing if you have 'smart' load balancers How so? Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
--On 29. August 2006 18:37:45 +0100 Chris Withers <[EMAIL PROTECTED]> wrote: Tres Seaver wrote: Unlike you, I prefer when the browser waits until Zope has come up over me having to reload manually until it finally is ready... The branch Andreas just merged leaves the "fast-bind" option on by default. Cool, although I can't really see the use ;-) The usecase is pretty simple: you have a loadbalancer and remove one backend Zope. The LB detects the removal and stops forwarding request. When the client comes back (means Zope opens the ports early) the LB will start forwarding to the client although it might take a while until the Zope instance is really up and ready to serve request. So by opening the ports late we are able to reduce the latency and avoid pending requests. -aj pgpy9h40C2HjS.pgp Description: PGP signature ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Chris Withers wrote: Tres Seaver wrote: Unlike you, I prefer when the browser waits until Zope has come up over me having to reload manually until it finally is ready... The branch Andreas just merged leaves the "fast-bind" option on by default. Cool, although I can't really see the use ;-) All this does is let app server instances get creamed at restart if the load is high... a) it's the current behaviour b) it's more convenient for developers c) it's a good thing if you have 'smart' load balancers -- gocept gmbh & co. kg - forsterstraße 29 - 06112 halle/saale - germany www.gocept.com - [EMAIL PROTECTED] - phone +49 345 122 9889 7 - fax +49 345 122 9889 1 - zope and plone consulting and development ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Tres Seaver wrote: Unlike you, I prefer when the browser waits until Zope has come up over me having to reload manually until it finally is ready... The branch Andreas just merged leaves the "fast-bind" option on by default. Cool, although I can't really see the use ;-) All this does is let app server instances get creamed at restart if the load is high... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
Hi, Am Dienstag, den 15.11.2005, 11:14 +0100 schrieb Patrick Gerken: > To configure it, add a fast_listen False to the section > in your config. Just a short note on naming: I'd prefer a more "speaking" nomenclature, e.g.: open_ports [early|late] or early_listen True I don't like both that much. I'll try to find a better name, and I'll look into the patches for Zope 2.8, as I've been the one thinking loudly about it. I should do some work too. Cheers, Christian -- gocept gmbh & co. kg - schalaunische str. 6 - 06366 koethen - germany www.gocept.com - [EMAIL PROTECTED] - phone +49 3496 30 99 112 - fax +49 3496 30 99 118 - zope and plone consulting and development signature.asc Description: This is a digitally signed message part ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Timing the opening of network ports
2005/11/12, Florent Guillaume <[EMAIL PROTECTED]>: > +1 on the general goals, however I have no idea if it's easy to implement. > > Does this sound reasonable to make the behaviour of opening the ports > > configurable? Does anybody have an idea how hard this would be to do? I was curious and tried it. Sadly the patches are against 2.7.8, but the patches itself are relative small and should be easy to apply. I did not write unittests. I just wanted to invest 5 minutes to see how it can be done, and suddenly could not stop finishing it. If somebody reminds me of it in two or three weeks, I will make patches against current with unit tests. I am not happy with how I implemented the listening delay. patching the listen method to only listen when the configuration says fast_listen is not good. but otherwise I would have to patch the medusa sources itself. If this is feasible I can do it, is medusa maintained here or in another project? To configure it, add a fast_listen False to the section in your config. Patrick ZServer_HTTPServer.py.patch Description: Binary data ZServer_component.xml.patch Description: Binary data ZServer_datatypes.py.patch Description: Binary data Zope_Startup___init__py.patch Description: Binary data ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )