Uwsgi

Changelog [20140601]

Bugfixes
--------

- fixed support for repeated headers in the Lua plugin (Credits: tizoc)
- fixed support for embedding configuration in OpenBSD and NetBSD
- various fixes in the cURL-based plugins (Credits: Yu Zhao)
- fixed milliseconds-based waits
- fixed sharedarea's poller
- fixed the JSON encoder in the stats server
- fixed FastCGI parser and implemented EOF management (Credits: Jeff Trawick)
- improved fast on-demand mode
- avg_rt computation is excluded for static files
- fixed variable support in uwsgi internal router
- fixed websockets + keepalive ordering
- disable SIGPIPE management in coroutine-based loop engines
- fixed 64-bit sharedarea management in 32-bit systems
- honor chmod/chown-socket in fd0 mode
- hack to avoid Safari on iOS making a mess with keepalive
- fixed log setup when both --logto and --log2 are used (Credits: Łukasz Mierzwa)
- fixed mule_get_msg EAGAIN
- signal_pidfile returns the right error code
- fixed asyncio on OSX

New features
------------

graceful reload of mule processes (Credits: Paul Egan)
******************************************************

`SIGHUP` is now sent to mules instead of directly killing them.
You are free to trap/catch the signal in your code.
If a mule does not die in the allowed "mercy time" (`--mule-reload-mercy`, default 60 seconds), SIGKILL will be sent.

`return` routing action (Credits: Yu Zhao)
******************************************

This new action will allow users to write simplified "break" clauses.

For example, "return:403" is equivalent to "break:403 Forbidden", with response body "Forbidden".

The response body is quite useful for telling end users what's going wrong.

--emperor-no-blacklist
**********************

This new option completely disables the Emperor's blacklisting subsystem.

Icecast2 protocol helpers
*************************

One of the upcoming unbit.com projects is a uWSGI based audio/video streaming server.

The plugin (should be released during Europython 2014) already supports the Icecast2 protocol.

A bunch of patches have been added to the HTTP router to support the Icecast2 protocol.

For example the ``--http-manage-source`` option allows the HTTP router to honor `SOURCE` method requests, automatically placing them in raw mode.

--metrics-no-cores, --stats-no-cores, --stats-no-metrics
********************************************************

When you have hundreds (or thousands) of async cores, exposing metrics for them may get really slow.

Three new options have been added allowing you to disable the generation of core-related metrics and consequently their usage in the stats server.

sharedarea improvements
***********************

The sharedarea API continues to improve. Latest patches include support for memory-mapping files (or devices) (`mmap`) directly from the command line.

An interesting way to test this is mapping the BCM2835 memory of the Raspberry PI. This little example allows you to read the RPi system timer.

.. code-block:: sh

uwsgi --sharedarea file=/dev/mem,offset=0x20003000,size=4096 ...

Now you can read a 64-bit value from the first (zero-based) sharedarea:

.. code-block:: python

# read 64bit from 0x20003004
timer = uwsgi.sharedarea_read64(0, 0x04)

(Obviously, when reading and writing the Raspberry Pi memory, be careful. An error could crash the whole system!)

UWSGI_GO_CHEAP_CODE
*******************

This exit code (15) can be raised by a worker to tell the master to not respawn it.

PROXY1 support for the http router (Credits: bgglenn)
*****************************************************

The option ``--http-enable-proxy-protocol`` allows the HTTP router to understand PROXY1 protocol requests, such as those made by Haproxy or Amazon Elastic Load Balancer (ELB).

reset_after_push for metrics (Credits: Babacar Tall)
****************************************************

This metric attribute ensures that the metric value is reset to 0 (or its hardcoded `initial_value`) after the metric is pushed to external systems (such as Carbon or StatsD).

setremoteaddr
*************

This new routing action allows you to completely override the `REMOTE_ADDR` detected by protocol handlers:

.. code-block:: ini

[uwsgi]
; treat all requests as local
route-run = setremoteaddr:127.0.0.1

the `resolve` option
********************

There are uWSGI options (or plugins) that do not automatically resolve DNS names to IP addresses. This option allows you to map
a placeholder to the DNS resolution result of a string:

.. code-block:: ini

[uwsgi]
; place the dns resolution of 'example.com' in the 'myserver' placeholder
resolve = myserver=example.com
; %(myserver) would now be 93.184.216.119
subscribe2 = server=%(myserver),key=foobar

Availability
-------------

uWSGI 2.0.5 has been released on [20140601] and can be downloaded from:

https://projects.unbit.it/downloads/uwsgi-2.0.5.tar.gz

Changelog [20140422]

Bugfixes
--------

- fixed "mime" routing var (Steve Stagg)
- allow duplicate headers in http parsers
- faster on_demand Emperor management
- fixed UWSGI_ADDITIONAL_SOURCES build option
- merge duplicated headers when SPDY is enabled (Łukasz Mierzwa)
- fixed segfault for unnamed loggers
- --need-app works in lazy-apps mode
- fixed fatal hooks management


New features
------------

The experimental asyncio loop engine (CPython >= 3.4)
*****************************************************

asyncio (also known as 'tulip') is the new infrastructure for writing non-blocking/async/callback-based code with Python 3.

This (experimental) plugin allows you to use asyncio as the uWSGI loop engine.

Docs: https://uwsgi-docs.readthedocs.io/en/latest/asyncio.html

httprouter advanced timeout management
**************************************

The HTTP router learned 2 new specific timeouts:

* `--http-headers-timeout <n>`: defines the timeout while waiting for http headers
* `--http-connect-timeout <n>`: defines the timeout when connecting to backend instances

These should help sysadmins to improve security and availability.

Credits: Łukasz Mierzwa

allow disabling cache warnings in --cache2
******************************************

Author: Łukasz Mierzwa

The 'ignore_full' keyval option has been added to cache2. This will disable warnings when a cache is full.

purge LRU cache feature by Yu Zhao (getcwd)
*******************************************

This new mode allows you to configure a cache to automatically expire the least recently used (LRU) items to make space when it's running out.

Just add `purge_lru=1` into your cache2 directive.

support embedded config on FreeBSD
**********************************

You can now embed configuration files into the binary also on FreeBSD systems:

https://uwsgi-docs.readthedocs.io/en/latest/Embed.html#step-2-embedding-the-config-file

RPC hook
********

Two new hooks have been added:

* 'rpc' -> call the specified RPC function (fails on error)
* 'rpcretry' -> call the specified RPC function (retries on error)

`setmodifier1` and `setmodifier2` routing actions
*************************************************

Having to load the 'uwsgi' routing plugin to simply set modifiers was really annoying.

These two new routing options allow you to dynamically set request modifiers.

`no_headers` option for static router
*************************************

keyval based static routing actions can now avoid rewriting response headers (useful for X-Sendfile), just add no_headers=1 to your keyval options.

Availability
------------

uWSGI 2.0.4 has been released on 20140422, you can download it from:

https://projects.unbit.it/downloads/uwsgi-2.0.4.tar.gz

Changelog 20140317

Bugfixes
********

* fixed spooler 'at' key usage
* fixed a memory and fd leak with on-demand Emperor sokets
* on __APPLE__ use LOG_NOTICE for syslog plugin
* fixed mongrel2 support
* hack for avoiding libmongoclient to crash on broken cursor
* log alarm is now a uwsgi_log_verbose() wrapper
* fixed tuntap router memory corruption
* Set ECDHE curve independently from DHE parameters (Hynek Schlawack)
* do not wait for a whole Emperor cycle before checking for each waitpid
* fix a regression with caller() not indicating the starting *.psgi program (Ævar Arnfjörð Bjarmason)

New features
************

Emperor SIGWINCH and SIGURG
---------------------------

The Emperor now responds to two new signals:

SIGWINCH: force an emperor rescan of vassals

SIGURG: cleanup the Emperor states (for now it only clears its blacklist)

Building plugins on-the-fly from git repositories
-------------------------------------------------

You can now build plugins stored on git servers:

.. code-block:: sh

uwsgi --build-plugin https://github.com/unbit/uwsgi-bonjour

or

.. code-block:: sh

UWSGI_EMBED_PLUGINS="bonjour=https://github.com/unbit/uwsgi-bonjour" pip install uwsgi

uwsgi.add_var(key, value)
-------------------------

You can now set request variables direcly from your app, for better integration with the internal routing subsystem

.. code-block:: pl

my $app = sub {
uwsgi::add_var("newvar","newvalue");
return [200, ['Content-Type' => 'text/html'], ["Hello"]];
}

.. code-block:: sh

uwsgi --http-socket :9090 --psgi hello.pl --response-route-run "log:\${newvar}"

add_var has been implemented in the CPython and Perl plugins

'disableheaders' routing action
-------------------------------

This new action disables the sending of response headers, independently by the current request state

Smarter Emperor on bad conditions
---------------------------------

Now the Emperor completely destroys internal vassal-related structures when it is impossible to correctly kill a broken vassal
(both for inconsistent Emperor state or for internal system problems)

Availability
************

You can download uWSGI 2.0.3 from: https://projects.unbit.it/downloads/uwsgi-2.0.3.tar.gz

Changelog 20140226


Bugfixes
--------

* fixed python3 support on older compilers/libc
* allow starting in spooler-only mode
* fixed cache bitmap support and added test suite (credits: Danila Shtan)
* fixed ftime log var
* added async remote signal management
* fixed end-for and end-if
* fixed loop in internal-routing response chain
* fixed pypy execute_source usage
* logpipe: Don't setsid() twice (credits: INADA Naoki)

New features and improvements
-----------------------------

CGI plugin
**********

The plugin has been improved to support streaming.

In addition to this the long-awaited async support is finally ready. Now you can have CGI concurrency
without spawning a gazillion of expensive threads/processes

Check: :doc:`CGI`

PSGI loading improvements
*************************

The PSGI loader now tries to use Plack::Util::load_psgi() function instead of simple eval. This addresses various inconsistences
in the environment (like the double parsing/compilation/execution of psgi scripts).

If the Plack module is not available, a simple do-based code is used (very similar to load_psgi)

Many thanks to Ævar Arnfjörð Bjarmason of booking.com for having discovered the problem

Availability
************

uWSGI 2.0.2 can be downloaded from: https://projects.unbit.it/downloads/uwsgi-2.0.2.tar.gz

Changelog [20140209]

Bugfixes and improvements
*************************

- due to a wrong prototype declaration, building uWSGI without SSL resulted in a compilation bug. The issue has been fixed.
- a race condition preventing usage of a massive number of threads in the PyPy plugin has been fixed
- check for heartbeat status only if heartbeat subsystem has been enabled
- improved heartbeat code to support various corner cases
- improved psgi.input to support offset in read()
- fixed (and simplified) perl stacktrace usage
- fixed sni secured subscription
- CGI plugin does not require anymore that Status header is the first one (Andjelko Horvat)
- fixed CPython mule_msg_get timeout parsing
- allows embedding of config files via absolute paths
- fixed symcall rpc
- fixed a memory leak in CPython spooler api (xiaost)
- The --no-orphans hardening has been brought back (currently Linux-only)
- improved dotsplit router mode to reduce DOS risk
- sub-Emperor are now loyal by default
- fixed non-shared ruby 1.8.7 support
- fixed harakiri CPython tracebacker
- request vars are now correctly exposed by the stats server
- support log-master for logfile-chown
- improved legion reload
- fixed tuntap netmask
- fixed busyness plugin without metrics subsystem

New features
************

uWSGI 2.0 is a LTS branch, so do not expect too much new features. 2.0.1 is the first maintainance release, so you still get a bunch of them
(mainly features not complete in 2.0)


Perl native Spooler support
---------------------------

Perl finally got full support for the Spooler subsystem. In 2.0 we added server support, in 2.0.1 we completed client support too.

.. code-block:: pl

use Data::Dumper;

uwsgi::spooler(sub {
my $env = shift;
print Dumper($env);
return uwsgi::SPOOL_OK;
});

uwsgi::spool({'foo' => 'bar', 'arg2' => 'test2'})


--alarm-backlog
---------------

Raise the specified alarm when the listen queue is full

.. code-block:: ini

[uwsgi]
alarm = myalarm cmd:mail -s 'ALARM ON QUEUE' [email protected]
alarm-backlog = myalarm

--close-on-exec2
----------------

Credits: Kaarle Ritvanen

this flag applies CLOSE_ON_EXEC socket flag on all of the server socket. Use it if you do not want you request-generated processes to inherit the server file descriptor.

Note: --close-on-exec applies the flag on all of the sockets (client and server)

simple notifications subsystem
------------------------------

An annoying problem with subscriptions is that the client does not know if it has been correctly subscribed to the server.

The notification subsystem allows you to add to the subscription packet a datagram address (udp or unix) on which the server will send back
messages (like successful subscription)

.. code-block:: ini

[uwsgi]
; enable the notification socket
notify-socket = /tmp/notify.socket
; pass it in subscriptions
subscription-notify-socket = /tmp/notify.socket
...

the notification subsystem is really generic. Expect more subsystem to use it in the future.

pid namespace for daemons (Linux only)
--------------------------------------

This is a Linux-only, epxerimental feature allowing you to spawn a daemon in a new pid namespace. This feature requires the master running as root.

Check: :doc:`AttachingDaemons`

Resubscriptions
---------------

The fastrouter and the http/https/spdy router now support "resubscription".

You can specify a dgram address (udp or unix) on which all of the subscriptions request will be forwarded to (obviously changing the node address to the router one)

The system could be useful to build 'federated' setup:

.. code-block:: ini

[uwsgi]
fastrouter = 192.168.0.1:3031
fastrouter-subscription-server = 127.0.0.1:5000
fastrouter-resubscribe = 192.168.0.2:5000

with this setup the fastrouter on 192.168.0.2 will have all of the records of 192.168.0.1 with the destination set to 192.168.0.1:3031.

filesystem monitor api
----------------------

The real-time filesystem notification api has been standardized and it is now usable by plugins. The prototype to register a monitor is:

.. code-block:: c

struct uwsgi_fsmon *uwsgi_register_fsmon(char *path, void (*func) (struct uwsgi_fsmon *), void *data) {

it will register a monitor on "path" triggering the function "func" passing "data" as argument.

Remember, this is different from the "touch" api, that is poll-based and can only monitor files. (while fsmon can monitor directories too)

support for yajl 1.0
--------------------

2.0 added support yajl JSON parser (version 2). 2.0.1 added support for 1.0 too

for-readline
------------

a config-logic iterator that yield file lines:

.. code-block:: ini

[uwsgi]
for-readline = /etc/myenvs
env = %(_)
end-for =

%i and %j magic vars
--------------------

%i -> returns the inode of the currently parsed file

%j -> returns hex representation of 32bit djb33x hashing of the currently parsed absolute filename

--inject-before and --inject-after
----------------------------------

This two new options should make the config templating system complete for everyone.

They basically prepend and append 'blobs' to a config file.

Yeah, it sound a bit nonsense.

Check the following example:

header.xml:

.. code-block:: xml

<uwsgi>
<socket>:3031</socket>

footer.xml:

.. code-block:: xml

<master/>
</uwsgi>

and body.xml:

.. code-block:: xml

<processes>8</processes>

you can build a single config tree with:

.. code-block:: sh

uwsgi --show-config --inject-before header.xml --inject-after footer.xml --xml body.xml

this approach, albeit raw, allows you to use magic-vars in more advanced ways (as you have control on the context of the file using them)

Note: ordering is important, --inject-before and --inject-after must be specified before the relevant config option.

--http-server-name-as-http-host
-------------------------------

Some Ruby/Rack middleware make a questionable check on SERVER_NAME/HTTP_HOST matching.

This flag allow the http router to map SERVER_NAME to HTTP_HOST automatically instead of instructing your uWSGI instances to do it.

better Emperor's Ragnarok (shutdown procedure)
----------------------------------------------

The 'Ragnarok' is the Emperor phase executed when you ask him to shutdown.

Before 2.0.1, this procedure simply send KILL to vassals to brutally destroy them.

The new Ragnarok is way more benevolent, asking vassals to gracefully shutdown.

The Emperor tolerance for vassals not shutting down can be tuned with --reload-mercy (default 30 seconds)

PyPy paste support
------------------

Two new options for PyPy plugin have been added for paste support:

--pypy-paste <config>

--pypy-ini-paste <ini>

they both maps 1:1 to the CPython variants, but contrary to it they automatically fix logging

Availability
************

You can download uWSGI 2.0.1 from: https://projects.unbit.it/downloads/uwsgi-2.0.1.tar.gz

Changelog [20131230]

Important changes
*****************

Dynamic options have been definitely removed as well as the broken_plugins directory

Bugfixes and improvements
*************************

- improved log rotation
- do not rely on unix signals to print request status during harakiri
- added magic vars for uid and gid
- various Lua fixes
- a tons of coverity-governed bugfixes made by Riccardo Magliocchetti

New features
************

--attach-daemon2
^^^^^^^^^^^^^^^^

this is a keyval based option for configuring external daemons.

Updated docs are: :doc:`AttachingDaemons`

Linux setns() support
^^^^^^^^^^^^^^^^^^^^^

One of the biggest improvements in uWSGI 1.9-2.0 has been the total support for Linux namespaces.

This last patch adds support for the setns() syscall.

This syscall allows a process to "attach" to a running namespace.

uWSGI instances can exposes their namespaces file descriptors (basically they are the files in /proc/self/ns) via a unix socket.

External instances connects to that unix socket and automatically enters the mapped namespace.

to spawn an instance in "namespace server mode", you use the ``--setns-socket <addr>`` option

.. code-block:: sh

uwsgi --setns-socket /var/run/ns.socket --unshare net,ipc,uts ...


to attach you simply use ``--setns <addr>``


.. code-block:: sh

uwsgi --setns /var/run/ns.socket ...

Updated docs: :doc:`Namespaces`

"private" hooks
^^^^^^^^^^^^^^^

When uWSGI runs your hooks, it verbosely print the whole hook action line. This could be a security problem
in some scenario (for example when you run initial phases as root user but allows unprivileged access to logs).

Prefixing your action with a '!' will suppress full logging:

.. code-block:: ini

[uwsgi]
hook-asap = !exec:my_secret_command

Support for yajl library (JSON parser)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Til now uWSGI only supported jansson as the json parser required for managing .js config files.

You can now use the yajl library (available in centos) as alternative JSON parser (will be automatically detected)

Perl spooler support
^^^^^^^^^^^^^^^^^^^^

The perl/PSGI plugin can now be used as a spooler server:

.. code-block:: pl

uwsgi::spooler(sub {
my $args = shift;
print Dumper($args);
return -2;
});


The client part is still missing as we need to fix some internal api problem.

Expect it in 2.0.1 ;)

Gateways can drop privileges
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Gateways (like http router, sslrouter, rawrouter, forkptyrouter ...) can now drop privileges independently by the master.

Currently only the http/https/spdy router exposes the new option (``--http-uid/--http-gid``)

Subscriptions-governed SNI contexts
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The subscription subsystem now supports 3 additional keys (you can set them with the --subscribe2 option):

``sni_key``

``sni_cert``

``sni_ca``

all of the takes a path to the relevant ssl files.

Check: :doc:`SNI`


Availability
************

uWSGI 2.0 has been released on 20131230 and can be downloaded from:

https://projects.unbit.it/downloads/uwsgi-2.0.tar.gz