标签:hive 漏洞 程序 强制 arch context access alter 配置
http://ssmax.net/archives/977.html
http://www.cnblogs.com/yuxc/p/3555005.html
mod_wsgi 有两种运行模式,
第一种是嵌入模式,类似于mod_python,直接在apache进程中运行,这样的好处是不需要另外增加进程,但是坏处也很明显,所有内存都和apache共享,如果和mod_python一样造成内存漏洞的话,就会危害整个apache。而且如果apache是用worker mpm,mod_wsgi也就强制进入了线程模式,这样子对于非线程安全的程序来说就没法用了。
这种模式下只需要在apache下面设置
WSGIScriptAlias /path /path-to-wsgi
即可生效,对于小型脚本的话,直接用这种模式即可。
第二种是后台模式,类似于FastCGI的后台,mod_wsgi会借apache的外壳,另外启动一个或多个进程,然后通过socket通信和apache的进程联系。
这种方式只要使用以下配置即可开启:
#启动WSGI后台,site1是后台名字
WSGIDaemonProcess site1 processes=2 threads=15 display-name=%{GROUP}
#分配当前上下文应该使用哪个WSGI后台,可以放在Location里面指定
WSGIProcessGroup site1
#根据当前上下文的ProcessGroup分配到对应的后台
WSGIScriptAlias /path /path-to-wsgi
后台模式由于是与apache进程分离了,内存独立,而且可以独立重启,不会影响apache的进程,如果你有多个项目(django),可以选择建立多个后台或者共同使用一个后台。
比如在同一个VirtualHost里面,不同的path对应不同的django项目,可以同时使用一个Daemon:
WSGIDaemonProcess default processes=1 threads=1 display-name=%{GROUP}
WSGIProcessGroup default
WSGIScriptAlias /project1 “/home/website/project1.wsgi”
WSGIScriptAlias /project2 “/home/website/project2.wsgi”
这样子两个django都使用同一个WSGI后台。
也可以把不同的项目分开,分开使用不同的后台,这样开销比较大,但就不会耦合在一起了。
display-name是后台进程的名字,这样方便重启对应的进程,而不需要全部杀掉。
WSGIDaemonProcess site1 processes=1 threads=1 display-name=%{GROUP}
WSGIDaemonProcess site2 processes=1 threads=1 display-name=%{GROUP}
<Location “/project1”>
WSGIProcessGroup site1
</Location>
WSGIScriptAlias /project1 “/home/website/project1.wsgi”
<Location “/project1”>
WSGIProcessGroup site2
</Location>
WSGIScriptAlias /project2 “/home/website/project2.wsgi”
对于django 1.0以下的版本,由于官方认定不是线程安全的,所以建议使用多进程单线程模式
processes=n threads=1
但是我自己在用django 0.9.6,使用多线程模式在很多项目里面基本都没有问题,包括在worker模式下面使用mod_python,其实是一样的道理,呵呵。
升级到django 1.0以后,就可以放心的使用多进程多线程模式了:
processes=2 threads=64
这样子性能会更好。
下面是两种模式的英文原文:
When hosting WSGI applications using mod_wsgi, one of two primary modes of operation can be used. In ’embedded’ mode, mod_wsgi works in a similar way to mod_python in that the Python application code will be executed within the context of the normal Apache child processes. WSGI applications when run in this mode will therefore share the same processes as other Apache hosted applications using Apache modules for PHP and Perl.
An alternate mode of operation available with Apache 2.X on UNIX is ‘daemon’ mode. This mode operates in similar ways to FASTCGI/SCGI solutions, whereby distinct processes can be dedicated to run a WSGI application. Unlike FASTCGI/SCGI solutions however, a separate infrastructure is not needed when implementing the WSGI application and everything is handled automatically by mod_wsgi.
Because the WSGI applications in daemon mode are being run in their own processes, the impact on the normal Apache child processes used to serve up static files and host applications using Apache modules for PHP, Perl or some other language is much reduced. Daemon processes may if required also be run as a distinct user ensuring that WSGI applications cannot interfere with each other or access information they shouldn’t be able to.
标签:hive 漏洞 程序 强制 arch context access alter 配置
原文地址:http://www.cnblogs.com/saolv/p/7383145.html