1

This might be a bit ignorant question, but why everyone is saying [1,2,...] that Flask and/or Bottle HTTP servers are not to be used in production?

Seems like things have changed a lot, for example bottle+ssl+gevent sounds like a viable option for production (to me) which handles the main concerns:

  • Security (ssl)
  • Multiple/parallel requests (gevent)

Am I missing something, like a major security risk? or a performance issue? I mean how much faster might nginx or apache2 be when the major bottleneck is IO?

(Side-question: what you suggest for micro-service deployment with minimal system requirements?)

Cheers

Community
  • 1
  • 1
urban
  • 5,392
  • 3
  • 19
  • 45
  • i believe your answer is already in the 2nd link you provided (the stackoverflow question) concerning flask....i don't know about bottle – danidee Sep 11 '16 at 18:35
  • @danidee I see cross-referencing docs. I don't see technical reason other than "It will not handle more than one request at a time by default." / "The development server doesn't scale well." which are addressed nowadays with `gevents`... (I think) – urban Sep 11 '16 at 19:04

1 Answers1

3

The short answer is that default server is slow and not concurrent. You asked whats wrong with bottle+gevent (leaving aside ssl for now), I don't see anything wrong but it is not the default server :)

for small deployment your option seems reasonable but when it will grow bigger and more complex nginx will be a more simple tool to manage since it will separate your concerns (static vs dynamic routing & ssl).

Nginx for example have a much more robust and variable options on ssl handling then the more native approach

But as I said, If you are doing a small setup, keep it simple :)

Yoav Glazner
  • 7,936
  • 1
  • 19
  • 36
  • Hey, I was mainly asking about any large performance hit, vulnerabilities and/or known memory leaks. I get that `gevent` is indeed not the default server but is not `apache` or `nginx` setup either. I have a case in my hands where keeping simple (+1) and as system independent as possible is a major plus. Thanks for your answer. – urban Sep 14 '16 at 18:16