38👍
Besides the small TCP/IP overhead, there’s not much of a difference. Each listen() socket gets a connection queue, and accept() just pops a connection from that queue. In gunicorn each worker just pops a new connection from that queue as its able so that won’t change. The difference is performance (sockets being a bit faster) and portability (port:IP is more flexible). Unix domain sockets will give you a bit better performance, while a socket connected to localhost gives you a bit better portability if you move the server app to a different OS, you can do so by just changing the IP address from localhost to a different hostname.
35👍
Here are the results of my test TCP Proxy via Unix socket:
Setup:
nginx + gunicorn + django running on 4 m4.xlarge nodes on AWS.
Setup of each node is uniform (from the same image).
1 million of requests are made over about 30 minute window:
One instance is at 100% CPU because of unrelated job running on one of the servers. 3 others are 70% CPU each represent real application load.
TCP vs. socket is virtually identical
Timing for making 1000000 requests
is 27 minutes for TCP proxy
and 31 minutes for the unix socket.
In this particular setup no unix socket performance advantage.
- [Django]-Django Model Field Default Based Off Another Field in Same Model
- [Django]-How do I print out the contents of my settings in a django shell?
- [Django]-How to query as GROUP BY in Django?
26👍
Socket traffic will be an easy choice if both your webserver and app server(wsgi) exist on the same machine. However you will need network ports over network connections as sockets cannot work over network so..
- If webserver and appserver lie on same machine – GO SOCKET
- If webserver and appserver are on network – GO PORTS
- [Django]-How to install libpq-fe.h?
- [Django]-Set language within a django view
- [Django]-How to hide some fields in django-admin?
9👍
would prefer socket traffic over TCP/IP since no extra port is needed to be open. the less ports open the the more hardened your system becomes
as suggested here “be paranoid”
https://hynek.me/talks/python-deployments/
“UNIX file sockets with restrictive permissions are your friends. And you can stop coming up with port numbers”
- [Django]-Numeric for loop in Django templates
- [Django]-Should I be adding the Django migration files in the .gitignore file?
- [Django]-How do I convert datetime.timedelta to minutes, hours in Python?
6👍
I know I’m late to this party, bit this may be of use, if you are trying to get this to work on Red Hat flavour Linux with SELinux enforcing.
It gets in the way badly if you try to use sockets. I gave up.
It also gets in the way if you try to bind Gunicorn via an arbitrary TCP Port. By default (on Centos 1708) there is a subset of ports which SELinux is happy for you to use: 80,81,443,488,8008,8009,8443,9000
I went with 8009 but apparently for some other port you can use
semanage -a -t http_port_t -p tcp $PORTNUMBER
and to see the list of ports
semanage port -l
- [Django]-Django: return string from view
- [Django]-Charts in django Web Applications
- [Django]-How do I POST with jQuery/Ajax in Django?