Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Deployments for Everybody by Hynek...
Search
PyCon 2013
March 16, 2013
14
1.1k
Solid Python Deployments for Everybody by Hynek Schlawack
PyCon 2013
March 16, 2013
Tweet
Share
More Decks by PyCon 2013
See All by PyCon 2013
Bayesian statistics made simple by Allen Downey
pyconslides
32
6.3k
Python for Humans
pyconslides
40
6.6k
Contribute with me! Getting started with the tools of free software development by Jessica McKellar
pyconslides
11
2k
ApplePy: An Apple ][ emulator in Python by James Tauber
pyconslides
3
1.5k
Use curses, don't swear by Sean Zicari
pyconslides
2
1.4k
Namespaces in Python by Eric Snow
pyconslides
9
1.8k
Internationalization and Localization Done Right by Ruchi Varshney
pyconslides
9
1.1k
"Good Enough" is good enough! by Alex Martelli
pyconslides
13
2.5k
Plover: Thought to Text at 240 WPM by Mirabai Knight
pyconslides
1
1.2k
Featured
See All Featured
XXLCSS - How to scale CSS and keep your sanity
sugarenia
247
1.3M
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
26
1.9k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
It's Worth the Effort
3n
183
28k
Building a Scalable Design System with Sketch
lauravandoore
460
33k
Build The Right Thing And Hit Your Dates
maggiecrowley
33
2.4k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.2k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
127
18k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Practical Orchestrator
shlominoach
186
10k
Raft: Consensus for Rubyists
vanstee
137
6.7k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Transcript
PyCon US, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de Hi!
?
AHEAD
http://ox.cx/d The One & Only Link
OPINIONS AHEAD
PaaS Schema Migrations
None
Key Concept
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“…and security.” — Every Credible Security Expert Ever
Put effort into making your deployments simple.
None
Development
Development
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Stable Platform Key Infrastructure?
But Hyyyn ek… My boss won’t let me!
Development tests!
None
אל
spotty outdated loss of control System Package
spotty outdated loss of control System Package
spotty outdated loss of control System Package
None
Use virtualen $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pin Dep Hard “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
But Hyyyn ek… SECURITY!
Security‽ It’s your Job.
Package It
+ git
+ git Ne!
Fabric
build tools repetitive downloads What’ Wrong‽
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Native Package ‽
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! But Hyyyn ek…
fpm Nope.
But Hyyyn ek… repo server
Rep Serve dpkg -i tar.bz2
Automate!
from … import Deployment def deb(branch=None): deploy = Deployment( 'whois',
build_deps=['libpq-dev',], run_deps=['libpq5',]) deploy.prepare_app( branch=branch) deploy.build_deb()
Lazy?
There’ more than one way t d it…
None
!ل
Configuration Management declarative describe the goal CM choses the path
Solution prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Solution
Why anyway? safety/security reproducible “later”
safety/security reproducible “later” Why anyway?
safety/security reproducible “later” Why anyway?
Kate Heddleston This Room: 2:35 p.m.–3:05 p.m. Chef: Automating web
application infrastructure
Test It in Staging
r t
r t Nein!
Just don’t.
Privileged Port drop privileges authbind
But Hyyyn ek… Need dat POWER!
Single Purpose Worke celery rq zerorpc pb/AMP
Be Paranoid /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
It’ Easy! upstart systemd supervisord circus …
It’ Easy! upstart systemd supervisord circus …
Example: upstart $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
+ mod_wsgi
+ mod_wsgi Нет!
Disclaime Using Apache is perfectly fine.
Iff you decide consciously for it. Disclaime
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of Concerns.
Easy t Set U : gunicorn $ gunicorn_django settings.py $
gunicorn_paster settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Easy t Set U : gunicorn
Easy t Set U : nginx location / { proxy_pass
http://127.0.0.1:5000; } location /static/ { root /your/app/public/; }
Graham Dumpleton This Room: 3:15 p.m.–3:45 p.m. Making Apache suck
less for hosting Python web applications.
Deploy!
Ro back!
Monito
Monito
Measure
Measure statsd graphite scales
got 1
FIN http://ox.cx/d @hynek http://hynek.me http://vrmd.de