Open GrahamDumpleton opened 5 years ago
I've only recently started using mod_wsgi-docker
because the underlying host has a lot of Python 2 code that needs updating and all new code being written is Python 3, so using a container seemed to be the cleanest way of solving that problem.
Having looked at slides 23 and 24, I think that the simplest solution is:
build the image yourself using your own Dockerfile from the official Python base images.
but I think it would be helpful if there was, perhaps, a new git repository containing that Dockerfile so that (a) there is a published starting point for users and (b) potentially the opportunity for a (small) community to work on any improvements, suggestions, maintenance, etc.
My latest playing around in that space was:
And if you want to understand the underlying rational for why it is created that way, try and read through the content for this workshop on building container images.
The
mod_wsgi-docker
project has effectively been dead for some time. There are various reasons this happened. These include:Docker Inc changed how automated builds worked on Docker Hub such that it was impossible to build this specific image using it. This means there was no automated way to build images if changes were made. This happened years ago. Any updates since then were done manually by building on my laptop and pushing updates to Docker Hub. These manual updates could only be done when I was travelling at conferences and they had sufficient network bandwidth. I can't do it from home as Australia has such crappy internet. I never go into an office. I haven't done any such updates for a long time.
The way the image was constructed followed practices which Docker Inc sort of led us to believe were okay to do, such as running containers as
root
, using privileged ports etc. Turns out these were bad practices to adopt. It is always a bad idea to require an image be run asroot
. Once you set things up that way though, it is impossible to change because people depend on it. This is why official Docker Inc images still use such bad practices.Maintaining custom steps to build Python from source code so that it was installed correctly was an extra maintenance burden. One couldn't use the official Python base images from Docker Inc at the time because they didn't install Python such that it could be used with embedded systems. This was because they didn't provide a version with Python shared libraries. This much at least has now been corrected in the official Python images.
The custom build/runtime scripts designed to make it easy to deploy were a good first pass, but based on what was learned, a second pass was really necessary. This is what the
warpdrive
project was about. Although I did a number of blog posts, and mentionedwarpdrive
in conference talks, as a generalised build/runtime system to deploying Python WSGI applications (especially in containers), feedback and interest was next to non existent. Reality is that in the Python web community, or at least in the container space, people don't like the idea of opinionated stacks. Tools likedocker
were such a shiny new thing, people saw it as an opportunity to learn something new and so did everything from scratch, even if they did a poor job of it. They didn't want a curated container image built to best practices and there still isn't really any out there that I know of.There was never a community around
mod_wsgi-docker
either. Yes, a small number of people were probably using it, but the number who have ever communicated back to me about it is very few. Sure there are some bug reports or issues here, but very few, and no one willing to help.So the
mod_wsgi-docker
project really needs to be officially abandoned. The issue is for the few using it what you do. Pre-built images based onwarpdrive
also died due to lack of interest from anyone.The only real suggestion is that you use
warpdrive
if you like the idea of an opinionated build and runtime, but build the image yourself using your ownDockerfile
from the official Python base images.I outlined a
Dockerfile
to get things started in this direction in the talk:See slides 23 and 24.
Do note though that that
Dockerfile
is incomplete, and is now known to have security issues related to some things it does if you are not running images in a container runtime which has been setup with security in mind. Additional steps would need to be added to it to fix those issues.Anyway, this issue is here to solicit feedback for those few using the
mod_wsgi-docker
image, as to what you would like to see happen. I don't want to be maintaining this image, nor the alternate images which usedwarpdrive
. I still might entertain expanding on and describing a recommendedDockerfile
which useswarpdrive
, but you build yourself to create an image. Right now I am not even usingwarpdrive
though, so I don't have too much incentive to do that either if only going to be a handful of users.Please provide any thoughts you may have as comments here.