All geek questions in one place

Embedded web server with integrated XML parser

I have a requirement to integrate a web server into an embedded Linux device, and I am evaluating OSS and commercial offers.

The system requirements are not very tight: - A set for working in memory up to 10 MB, - It can save 20% + ARM 300 MHz and more in packages, - the UI will be in jQuery and JSON, so I would like to feed several hundred KB pages linking dozens of CSS and js files in a second.

Performance requirements: - Support for HTTPS, - 10+ concurrent connections, - Well tested against DOS attacks.

Will appreciate the integrated XML parser to support the implementation of SOAP.

Not a fan of PHP, but not sure of server-side Javascript and not familiar with Lua. So look for suggestions for solution templates, possibly based on Python.

A discussion of SO and lists on Wikipedia has already been viewed. I know thttpd , Mongoose , Cherokee , Appweb .

At this stage, I offer detailed technical suggestions and discussion of implementation options based on first-hand experience in deploying product quality.

+6
source share
4 answers

When it comes to a simple python server stack, the combination I heard most often from the community for a lightweight implementation is CherryPy (to provide a WSGI server with a pool) Werkzeug (to create a basic application structure) Both are very minor; another approach to WSGI significantly speeds up time development.

There are some pretty good notes outlining the main python database comparisons (although not in the embedded environment, but the focus was on lightweight deployments.) On this issue, in which Alex “Machine” Martelli weighed these two.

If you can afford the overhead of a python interpreter (which I assume is fine since you included it in your list), werkzeug is a great way to configure an application consisting of simple endpoints. Answers can be matched inline to help release your UI libraries (jQuery, etc.). There are amazing examples in the Werkzeug docs.

One of the best resources I've found when comparing WSGI servers (to meet your high parallel requirements and DOS survivability) can be found in Nicholas Peel's Blog Entry on this subject , where CherryPy is among the best bang-for resources -your-buck "to speed up. Cherry's WSGI server is ready to be deployed, and it can be used as a server process providing the environment for your Werkzeug application, so you don’t need to implement something heavier like Apache with mod_wsgi. Cherry can easily average about 2000 r / ps with a response time of a second second at moderate load.

Since I do not know on which device you will deploy this, I must mention, of course, that both of these platforms are regularly updated, so this should also be taken into account if, for any reason, the allocation of network resources for updating the device is not practical.

By combining the python minidom module (v2.6 +) with endpoint routing in Werkzeug, you will also get very good development speed. Building a complex URL scheme is simple using the Werkzeug Map function, and the tutorial on the documentation page provides an amazing explanation for this. Between them, it should not be too difficult to access a web service.

+2
source

You need to decide which server technology you will use first. For an embedded system, you have serious resource limitations, so make sure you choose lightweight technologies accordingly! Having said that Node.js is a great technology ( http://nodejs.org/ ) that you can pay attention to. I also saw some SOAP implementations. On the other hand, javascript-based development can be very messy! You can try various solutions and start testing the functional behavior of your system with tools such as JMeter ( http://jmeter.apache.org ).

Some of the suggestions: Configure a lightweight HTTP server (e.g. Cherokee, lighttpd, etc.) in the embedded system, then configure PHP (PHP also has some SOAP tools). Modify PHP later using a Python or Ruby solution (e.g. built-in Mongrel, etc.). Find out how your system behaves under heavy load with JMeter.

+1
source

I assume that the goal of your embedded web server is to provide an administrative interface for configuration, operations, and status.

To disclose information, our company builds and deploys an administrative network of interfaces on many embedded systems with specifications similar to those that you describe based on our product, Web. You can learn more about our approach at http://uweb.workware.net.au/ , and you can read the paper I presented at the Embedded Linux Conference 2010 at http://workware.net.au/papers/embedded-scripting. pdf , which provides some details on how we balance size and performance with fast deployment through scripts.

You have two broad options. First, you should use an infrastructure such as μWeb, or a Barracuda Server (mentioned above) or an open source framework such as luci (http://luci.subsignal.org/trac). The second is to use a lightweight web server, such as the ones you mention above, and then create your own structure (presumably based on jQuery and JSON). The second option will take much more time. security is a concern as you access XSS, CRSF, and DOS attacks.

In any case, I highly recommend that you stay away from PHP, Python, or server-side Javascript. They are too resourceful for 300MHz ARM.

Why is XML and SOAP required if your admin user interface will be jQuery and JSON? Do you have a separate requirement for SOAP support? If so, then gSOAP is probably the smart choice (it has been a few years since the last time I used it).

As for https and 10+ concurrent sessions, please note that the initial SSL handshake is a significantly resource-intensive and built-in platform. If you frequently ask new requests (either because of new sessions, or because of requests not pipelined), the platform will struggle. You can probably establish 1-2 SSL connections / second.

+1
source

If you have only 10 MB, then many of the suggestions are out of the question: node and ruby ​​will quickly exceed this trace with just a small application. PHP will start at about 8 MB and can quickly switch to 20 + MB. We saw one site with 50MB PHP management. Definitely not the best choice for embedded if you do not have GB for backup.

I used Appweb with ESP, which is a c-language MVC framework, and Ejscript, which is server-side Javascript. Ejscript has an XML parser and can handle a SOAP request. Appweb includes a very simple XML parser. You will need libxml if you want to handle high-level SOAP.

Appweb 4 has good DOS protection. You can limit the number of simultaneous requests from one client using the LimitRequestPerClient directive. LimitParseTimeout also helps to quickly close DOS requests that do not enclose their headers. The Appweb sandbox provides many guidelines for characterizing your load - this helps DOS and other security threats.

Your other choice would be to switch to pure Javascript and use Ejscript with the Appweb HTTP engine built into it.

+1
source

Source: https://habr.com/ru/post/906601/

More articles:


All Articles