From f85c2c2a75a43fb49413b9470cc454be24f1a62c Mon Sep 17 00:00:00 2001 From: "Joshua M. Boniface" Date: Mon, 26 Oct 2020 01:39:55 -0400 Subject: [PATCH] Remove PyWSGI and move to Flask server Gevent was completely failure. The API would block during large file uploads with no obvious solutions beyond "use gunicorn", which is not suited to this. I originally had this working with the Flask "debug" server, so just move to using that all the time. SSL is added using a custom context with the OpenSSL library, so include that as a dependency. --- api-daemon/pvcapid/Daemon.py | 31 +++++++------------------------ api-daemon/pvcapid/flaskapi.py | 2 ++ debian/control | 2 +- 3 files changed, 10 insertions(+), 25 deletions(-) diff --git a/api-daemon/pvcapid/Daemon.py b/api-daemon/pvcapid/Daemon.py index 6f43a39b..daebf054 100755 --- a/api-daemon/pvcapid/Daemon.py +++ b/api-daemon/pvcapid/Daemon.py @@ -20,33 +20,16 @@ # ############################################################################### -from gevent import monkey -monkey.patch_all() - -import gevent.pywsgi import pvcapid.flaskapi as pvc_api ########################################################## # Entrypoint ########################################################## -if pvc_api.config['debug']: - # Run in Flask standard mode - pvc_api.app.run(pvc_api.config['listen_address'], pvc_api.config['listen_port'], threaded=True) -else: - if pvc_api.config['ssl_enabled']: - # Run the WSGI server with SSL - http_server = gevent.pywsgi.WSGIServer( - (pvc_api.config['listen_address'], pvc_api.config['listen_port']), - pvc_api.app, - keyfile=pvc_api.config['ssl_key_file'], - certfile=pvc_api.config['ssl_cert_file'] - ) - else: - # Run the ?WSGI server without SSL - http_server = gevent.pywsgi.WSGIServer( - (pvc_api.config['listen_address'], pvc_api.config['listen_port']), - pvc_api.app - ) - print('Starting PyWSGI server at {}:{} with SSL={}, Authentication={}'.format(pvc_api.config['listen_address'], pvc_api.config['listen_port'], pvc_api.config['ssl_enabled'], pvc_api.config['auth_enabled'])) - http_server.serve_forever() +if pvc_api.config['ssl_enabled']: + context = (pvc_api.config['ssl_cert_file'], pvc_api.config['ssl_key_file']) +else: + context=None + +print('Starting PVC API daemon at {}:{} with SSL={}, Authentication={}'.format(pvc_api.config['listen_address'], pvc_api.config['listen_port'], pvc_api.config['ssl_enabled'], pvc_api.config['auth_enabled'])) +pvc_api.app.run(pvc_api.config['listen_address'], pvc_api.config['listen_port'], threaded=True, ssl_context=context) diff --git a/api-daemon/pvcapid/flaskapi.py b/api-daemon/pvcapid/flaskapi.py index 059b1416..204390b3 100755 --- a/api-daemon/pvcapid/flaskapi.py +++ b/api-daemon/pvcapid/flaskapi.py @@ -124,6 +124,8 @@ app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql://{}:{}@{}:{}/{}'.format(con if config['debug']: app.config['DEBUG'] = True +else: + app.config['DEBUG'] = False if config['auth_enabled']: app.config["SECRET_KEY"] = config['auth_secret_key'] diff --git a/debian/control b/debian/control index fafe15f4..74dd58d8 100644 --- a/debian/control +++ b/debian/control @@ -17,7 +17,7 @@ Description: Parallel Virtual Cluster node daemon (Python 3) Package: pvc-daemon-api Architecture: all -Depends: systemd, pvc-daemon-common, python3-yaml, python3-flask, python3-flask-restful, python3-gevent, python3-celery, python-celery-common, python3-distutils, redis, python3-redis, python3-lxml, python3-flask-migrate, python3-flask-script, fio +Depends: systemd, pvc-daemon-common, python3-yaml, python3-flask, python3-flask-restful, python3-openssl, python3-celery, python-celery-common, python3-distutils, redis, python3-redis, python3-lxml, python3-flask-migrate, python3-flask-script, fio Description: Parallel Virtual Cluster API daemon (Python 3) A KVM/Zookeeper/Ceph-based VM and private cloud manager .