Adjust paramiko and bcrypt versions #115
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
…ormance and bcrypt to avoid sub-interpreter import errors in mod_wsgi
Elaborate and polish comment about the choice of paramiko and bcrypt version in pip installation. Signed-off-by: Jonas Bardino <bardino@science.ku.dk>
jonasbardino approved these changes Jul 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Currently the OS default package manager installs paramiko version 2.12.0 with the following instruction when UPGRADE_PARAMIKO is set to False
docker-migrid/Dockerfile.rocky9
Line 419 in 4cb2c07
However, this has shown to produce up to 6 times less SFTP based download bandwidth compared to uploading.
As indicated at https://www.paramiko.org/changelog.html, version 3.0.0 makes several improvements to the SFTP performance, that fixes this imbalance in our benchmarks.
To implement this version fix, it would be as simple as rebuilding the image the UPGRADE_PARAMIKO=True that ensure that the latest paramiko version available at pypi.org is installed via:
docker-migrid/Dockerfile.rocky9
Line 771 in 4cb2c07
This however has shown the side-effect of producing the https://github.com/PyO3/pyo3/blob/main/guide/src/migration.md#each-pymodule-can-now-only-be-initialized-once-per-process import errors by the mod_wsgi process from time to time when importing the paramiko module. This is likely due to mod_wsgi usage of sub-interpreters and the failure to reinitialize the import in a different interpreter after the first initialization.
For the time being, the fix is to limit the bcrypt version to be less than 4.x which Rust implementation seems to introduce this error.