Hi, Marco d'Itri: > On Dec 04, Matthias Urlichs <matth...@urlichs.de> wrote: > > > If you can run a CGI inside a chroot/container/whatever, you can run a > > small web server on a local port / Unix socket, and reverse-proxy it, > > just as easily. > While using many more times the resources.
Which "many more" are you talking about? Setting up a chroot and starting an external program has the same cost. Thus, a CGI script is more expensive than a FastCGI process or a small web app (Python Flask or whatever) as soon as the second request for a resource it serves arrives. > You obviously have no idea of the challenges of providing secure web > hosting for non-trivial quantities of web sites. You obviously assume that the users' app servers need to actually run before they're able to serve requests. This assumption is incorrect. I start the app server and its container via socket activation. (In most cases, unfortunately, this is a simple php5-fpm server.) I then stop it after a few seconds of inactivity (or with an LRU list, based on how much server memory is left). Problem solved. … at least in principle; socket activation still isn't exactly common, so this solution still requires a couple of hacks to work, and I really should submit some patches. :-/ But it works. -- -- Matthias Urlichs -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141204205543.gt6...@smurf.noris.de
