We really shouldn't allow the people to override the way we spawn the
new workers on reload. Graceful is about launching new worker and kill
olders after the graceful time.
This change add gtraceful timeout option. This timeout is different than
the worker timeout and can be extended to handled a longer delay before
closing a running connection.
Patch based on the one given by @sirkonst with some edit + support of
the eventlet worker.
patch from Djoume Salvetti . address the following issues in gunicorn:
* Gunicorn does not limit the size of a request header (the
* limit_request_field_size configuration parameter is not used)
* When the configured request limit is lower than its maximum value, the
* maximum value is used instead. For instance if limit_request_line is
* set to 1024, gunicorn will only limit the request line to 4096 chars
* (this issue also affects limit_request_fields)
* Request limits are not limited to their maximum authorized values. For
* instance it is possible to set limit_request_line to 64K (this issue
* also affects limit_request_fields)
* Setting limit_request_fields and limit_request_field_size to 0 does
* not make them unlimited. The following patch allows limit_request_line
* and limit_request_field_size to be unlimited. limit_request_fields can
* no longer be unlimited (I can't imagine 32K fields to not be enough
* but I have a use case where 8K for the request line is not enough).
* Parsing errors (premature client disconnection) are not reported
* When request line limit is exceeded the configured value is reported
* instead of the effective value.
Now you able to use existed type instance or factory method to create and customize class during in-code configuration.
E.g.:
>>> settings.set('worker_class', MyWorkerClass)
>>> settings.set('worker_class', lambda: MyWorkerClass)
All other formats still valid.
Intoduce a change in log access format:
- request headers are now added to the log format using the
{HeaderName}i variable
- response headers are now handled using the {HeaderName}o variables
- headers name are insensitive
- non existent keys in the log access format are replaced by '-'
Add --limit-request-fields (limit_request_fields) and
--limit-request-field-size (limit-request-field-size) options.
- limit_request_fields:
Value is a number from 0 (unlimited) to 32768. This parameter is
used to limit the number of headers in a request to prevent DDOS
attack. Used with the `limit_request_field_size` it allows more
safety.
- limit_request_field_size:
Value is a number from 0 (unlimited) to 8190. to set the limit
on the allowed size of an HTTP request header field.
You can now pass the parameter --limit-request-line or set the
limit_request_line in your configuration file to set the max size of the
request line in bytes.
This parameter is used to limit the allowed size of a client's HTTP
request-line. Since the request-line consists of the HTTP method, URI,
and protocol version, this directive places a restriction on the length
of a request-URI allowed for a request on the server. A server needs
this value to be large enough to hold any of its resource names,
including any information that might be passed in the query part of a
GET request. By default this value is 4094 and can't be larger than
8190.
This parameter can be used to prevent any DDOS attack.
- handle new way to launch applications in django 1.4
- simplify the way we discover the project path and settings
- add --pythonpath & --settings options for django applications
- still compatible with older versions (>=1.1)
-handle DJANGO_SETTINGS_MODULE env.
close#283, #275, #274, #241
- make log access format customizable in settings:
- fix logger
To setup a log format use the --access-logformat option.
By default:
%(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"
h: remote address
t: date of the request
r: status line (ex: GET / HTTP/1.1)
s: status
b: response length or '-'
f: referer
a: user agent
T: request time in seconds
D: request time in microseconds
You can also pass any WSGI request header as a parameter.
(ex '%(HTTP_HOST)s').
the possibility to manage an access log compatible with apache combined
log format. reopening files is also handled. Also, this change fix
issues #237 and #190.
For the sake of simplicity logging file have been removed
--logfile option has become --error-logfile, by default "-"
Following options have been added:
--access-logfile, the access log file path. By default None. If set
access logs will bre written to defined output
eg:
$ gunicorn -w3 --access-logfile=- test:app
2011-08-21 19:36:52 [84572] [INFO] Starting gunicorn 0.13.0
2011-08-21 19:36:52 [84572] [INFO] Listening at: http://127.0.0.1:8000
(84572)
2011-08-21 19:36:52 [84572] [INFO] Using worker: sync
2011-08-21 19:36:52 [84573] [INFO] Booting worker with pid: 84573
2011-08-21 19:36:52 [84574] [INFO] Booting worker with pid: 84574
2011-08-21 19:36:52 [84575] [INFO] Booting worker with pid: 84575
127.0.0.1 - - [21/Aug/2011:19:37:04] "GET / HTTP/1.1" 200 14 "-"
"curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r
zlib/1.2.5"
Instead of hardcoding X-Forwarded-Protocol and X-Forwarded-SSL, make the
header and value configurable, with no default that would enable a
client to spoof secure requests if the reverse proxy is not configured
to strip the header used.
Works on sync and eventlet works. Doesn't work on gevent_pywsig or
gevent_wsgi workers as we don't control their main loops. Tornado
workers appear to be broken.
Worst of all, this causes vanilla gevent workers to segfault. I'm
waiting to see if there's a known issue before considering what to
do next. Worst case we could refuse to run with the bad combination
of settings.
