Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Deployments for Everybody by Hynek...
Search
PyCon 2013
March 16, 2013
14
1.1k
Solid Python Deployments for Everybody by Hynek Schlawack
PyCon 2013
March 16, 2013
Tweet
Share
More Decks by PyCon 2013
See All by PyCon 2013
Bayesian statistics made simple by Allen Downey
pyconslides
32
6.4k
Python for Humans
pyconslides
40
6.7k
Contribute with me! Getting started with the tools of free software development by Jessica McKellar
pyconslides
11
2k
ApplePy: An Apple ][ emulator in Python by James Tauber
pyconslides
3
1.6k
Use curses, don't swear by Sean Zicari
pyconslides
2
1.5k
Namespaces in Python by Eric Snow
pyconslides
9
1.9k
Internationalization and Localization Done Right by Ruchi Varshney
pyconslides
9
1.2k
"Good Enough" is good enough! by Alex Martelli
pyconslides
13
2.6k
Plover: Thought to Text at 240 WPM by Mirabai Knight
pyconslides
1
1.3k
Featured
See All Featured
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Testing 201, or: Great Expectations
jmmastey
45
7.7k
The Power of CSS Pseudo Elements
geoffreycrofte
79
6k
Practical Orchestrator
shlominoach
190
11k
Navigating Team Friction
lara
189
15k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
36
2.5k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.7k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
30
9.7k
Building Flexible Design Systems
yeseniaperezcruz
329
39k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.1k
Transcript
PyCon US, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de Hi!
?
AHEAD
http://ox.cx/d The One & Only Link
OPINIONS AHEAD
PaaS Schema Migrations
None
Key Concept
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“…and security.” — Every Credible Security Expert Ever
Put effort into making your deployments simple.
None
Development
Development
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Stable Platform Key Infrastructure?
But Hyyyn ek… My boss won’t let me!
Development tests!
None
אל
spotty outdated loss of control System Package
spotty outdated loss of control System Package
spotty outdated loss of control System Package
None
Use virtualen $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pin Dep Hard “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
But Hyyyn ek… SECURITY!
Security‽ It’s your Job.
Package It
+ git
+ git Ne!
Fabric
build tools repetitive downloads What’ Wrong‽
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Native Package ‽
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! But Hyyyn ek…
fpm Nope.
But Hyyyn ek… repo server
Rep Serve dpkg -i tar.bz2
Automate!
from … import Deployment def deb(branch=None): deploy = Deployment( 'whois',
build_deps=['libpq-dev',], run_deps=['libpq5',]) deploy.prepare_app( branch=branch) deploy.build_deb()
Lazy?
There’ more than one way t d it…
None
!ل
Configuration Management declarative describe the goal CM choses the path
Solution prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Solution
Why anyway? safety/security reproducible “later”
safety/security reproducible “later” Why anyway?
safety/security reproducible “later” Why anyway?
Kate Heddleston This Room: 2:35 p.m.–3:05 p.m. Chef: Automating web
application infrastructure
Test It in Staging
r t
r t Nein!
Just don’t.
Privileged Port drop privileges authbind
But Hyyyn ek… Need dat POWER!
Single Purpose Worke celery rq zerorpc pb/AMP
Be Paranoid /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
It’ Easy! upstart systemd supervisord circus …
It’ Easy! upstart systemd supervisord circus …
Example: upstart $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
+ mod_wsgi
+ mod_wsgi Нет!
Disclaime Using Apache is perfectly fine.
Iff you decide consciously for it. Disclaime
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of Concerns.
Easy t Set U : gunicorn $ gunicorn_django settings.py $
gunicorn_paster settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Easy t Set U : gunicorn
Easy t Set U : nginx location / { proxy_pass
http://127.0.0.1:5000; } location /static/ { root /your/app/public/; }
Graham Dumpleton This Room: 3:15 p.m.–3:45 p.m. Making Apache suck
less for hosting Python web applications.
Deploy!
Ro back!
Monito
Monito
Measure
Measure statsd graphite scales
got 1
FIN http://ox.cx/d @hynek http://hynek.me http://vrmd.de