|mike||Feb 6, 2009 2:55 pm|
|Atif Ghaffar||Feb 6, 2009 3:25 pm|
|Atif Ghaffar||Feb 6, 2009 3:28 pm|
|mike||Feb 6, 2009 3:35 pm|
|mike||Feb 6, 2009 3:36 pm|
|Igor Sysoev||Feb 7, 2009 2:16 am|
|mike||Feb 7, 2009 2:32 am|
|Igor Sysoev||Feb 7, 2009 2:57 am|
|mike||Feb 7, 2009 3:21 am|
|Volodymyr Kostyrko||Feb 7, 2009 12:32 pm|
|Manlio Perillo||Feb 7, 2009 12:38 pm|
|Grzegorz Nosek||Feb 7, 2009 1:48 pm|
|Jim Ohlstein||Feb 7, 2009 6:50 pm|
|mike||Feb 8, 2009 1:18 am|
|Igor Sysoev||Feb 8, 2009 2:10 am|
|Igor Sysoev||Feb 8, 2009 2:16 am|
|Grzegorz Nosek||Feb 8, 2009 4:56 am|
|Grzegorz Nosek||Feb 8, 2009 5:02 am|
|Jim Ohlstein||Feb 8, 2009 8:48 am|
|Grzegorz Nosek||Feb 8, 2009 10:33 am|
|Andrius Semionovas||Feb 8, 2009 11:09 am|
|Jim Ohlstein||Feb 8, 2009 11:12 am|
|Grzegorz Nosek||Feb 8, 2009 4:30 pm|
|Grzegorz Nosek||Feb 8, 2009 4:36 pm|
|Andrius Semionovas||Feb 9, 2009 5:01 am|
|Subject:||Re: mod_cgi for nginx - anyone?|
|From:||Igor Sysoev (is...@rambler-co.ru)|
|Date:||Feb 8, 2009 2:10:56 am|
On Sat, Feb 07, 2009 at 09:38:41PM +0100, Manlio Perillo wrote:
Igor Sysoev ha scritto:
nginx is not general purpose server, it's rather highload server. CGI is not compatible with highload: if you run Apache/CGI, then CGI will became bottleneck much earlier than Apache.
This is not a problem from the Nginx point of view. Nginx should however put a limit on the number of concurrent CGI requests. It can use a queue to store outgoing request, and if the queue grows too much return a 503 Service Unavailable, setting Retry-After to a reasonable (computed?) value.
No browser support 503 response, however.
I mean that using CGI as main response handler on highload site is useless. CGI may be used for lowload tasks: monitoring, administration, etc. those can be easly handled by Apache or by proxying to Apache.
There are two ways to implement CGI inside nginx:
1) simple one: just fork()ing worker process that has received a request for CGI and exec() a CGI program. It's simple enough, but has a lot of overhead. Besides CGI programs will run with worker privilege only.
Nginx could use seteuid, instead of setuid. So that it can reacquire root privileges.
Yes, but it's not so safe as setuid().
As for CGI support, some time ago I was trying to implement it. The idea was to use unix domain sockets (socketpair), and reusing the http_upstream module.
However I gave up, a lot of code for connection/upstream setup must be rewritten, and I hate to write boiler plate code; and expecially having to maintain it :).
Yes, CGI module should use modified upstream module.
In Nginx one can also easily close all current opened file descriptors, in child process; Nginx keeps all opened connection in the ngx_cycle->free_connections variable so one can write a closefrom function.
This can be resolved using fcntl(F_SETFD, FD_CLOEXEC) too.
-- Igor Sysoev http://sysoev.ru/en/