Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The Python Deployment Albatross - PyTennessee 2017
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Cindy Sridharan
February 05, 2017
Technology
550
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
The Python Deployment Albatross - PyTennessee 2017
Second stab at this talk.
Cindy Sridharan
February 05, 2017
More Decks by Cindy Sridharan
See All by Cindy Sridharan
Unmasking netpoll.go
copyconstructor
4
2.5k
Monitoring in the time of Cloud Native
copyconstructor
4
430
Prometheus - A Whirlwind Tour
copyconstructor
11
3.8k
Prometheus at Google NYC Tech Talks Nov 2016
copyconstructor
10
2.6k
Other Decks in Technology
See All in Technology
【FinOps】データドリブンな意思決定を目指して
z63d
0
360
【Snowflake Summit 2026 Recap!!】Snowflake Summit Deep Dive: Security & Governance
civitaspo
1
310
AWS Security Hub CSPMの成功・失敗体験
cmusudakeisuke
0
550
クレデンシャル流出 ― 攻撃 3 時間 vs 復旧 10 時間。この非対称性にどう備えるか
kazzpapa3
3
560
新しいUbuntu/GNOMEが使いたいからXからWaylandへ移行頑張ってるの巻 2026-06-20
nobutomurata
0
160
「軸足」は 固定しなくていい - 熱量と強みで描く、しなやかなキャリアの形
kakehashi
PRO
1
270
入門!AWS Blocks
ysuzuki
1
190
不要なレビューをAIにまかせて AIコーディングの環境改善を加速した
shoota
1
270
AWS Security Agent といっしょに脅威モデリングをやってみよう
amarelo_n24
1
210
Microsoft のサポートとフィードバック総まとめ
murachiakira
PRO
0
110
Comment regagner la souveraineté de vos données tout en étant payé grâce à Nostr !
rlifchitz
0
200
Agile and AI Redmine Japan 2026
hiranabe
4
480
Featured
See All Featured
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
210
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
120k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
123
22k
Docker and Python
trallard
47
3.9k
Evolving SEO for Evolving Search Engines
ryanjones
0
220
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4.3k
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.3k
How STYLIGHT went responsive
nonsquared
100
6.2k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
helenjbeal
1
220
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
170
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
630
Navigating Weather and Climate Data
rabernat
0
230
Transcript
The Python Deployment Albatross CINDY SRIDHARAN @COPYCONSTRUCT PYTENNESSEE FEBRUARY 5,
2017 NASHVILLE, TN
setup.py
What’s our goal?
Hermetically sealed, uniform, reproducible Python artifacts
Hermetically sealed
✓ Isolate pure Python dependencies ✓ Isolate compile time native/non-Python
dependencies ✓ Isolate runtime native/non-Python dependencies
uniform
Output of the build process is platform and architecture agnostic
Reproducible
A set of software development practices that create a verifiable
path from human readable source code to the binary code used by computers.
What is Python? python hello_world.py Python – or /usr/bin/python –
as your system understands it, is a program called the interpreter
How does Python know what to import from where? site.py
sys.prefix sys.exec_prefix
None
None
WHEELS VIRTUALENV PEX DOCKER CONDA NIX
wheels
but before wheels there were …
eggs-ecutable
purely a distribution format wheels
no build system needed on target host no C compiler
required wheels
wheels no arbitrary code execution like sdists Ergo faster installation
pip builds and caches wheels by default
ergo less tied to a specific version of Python Creates
.pyc files as a part of the installation wheels
manylinux wheels
None
virtualenv
helps “isolate Python environments”
✓ Isolates per-project pure Python dependencies from one another virtualenv
virtualenv ✓ Isolates per-project pure Python dependencies from system Python
✓ Isolates header files and shared libraries *if these are
packaged* virtualenv
greenlet.h is installed local to the virtualenv
… as is greenlet.so
Where virtualenv falls short Uses system provided headers and .so
files if not packaged
- - relocatable doesn’t always work
dh-virtualenv
PEX
Any directory with an __init__.py is considered a package Python
import quirks
__init__.py
Any directory with a __main__.py is treated as an executable
Python import quirks
__main__.py package is now executable
python –m package will execute package/__main__.py if it exists Python
import quirks
Adding #!/usr/bin/env python to the beginning of any module makes
it an executable Python executables
change permissions of file
Zipfiles A zipfile with an __init__.py is considered a package
Zipfiles A zipfile with a __main__.py is treated as an
executable
zip file is now executable
✓zip files don’t start until a magic zip number ✓
can add arbitrary strings at the start of the file ✓ #!/usr/bin/env python PEX
zip files are also used at Facebook
None
pex file
None
None
None
None
Uses system provided headers and .so files if not packaged
PEX
not cross-platform by default PEX
docker treats packaging as a namespacing problem
What does it mean to containerize a Python process?
Docker image for Python processes
BASE IMAGE DEVELOPMENT HEADERS AND LIBRARIES VIRTUALENV PEX
Best practices for building Docker images for Python ✓ small
images ✓ always use a virtualenv or pex ✓ single process per container
Dockerflow
Challenges of containerization
None
The Docker engine is a container runtime Overlay Networking With
1.12 in Swarm mode, it’s also a cluster scheduler Process manager … and much, much more (service discovery, load balancing, TLS ...) All compiled into one gigantic binary running as root
Logging Metrics Collection Observability Debugging
conda
CONDA or PIP?
PIP lacks a SAT solver
CONDA or WHEELS?
CONDA or VIRTUALENV?
CONDA or DOCKER?
VM ==> DOCKER :: DOCKER ==> CONDA
✓ Python or other modules ✓ System-level libraries ✓ Executable
programs conda package Can be downloaded from remote channels
all build dependencies need to be preinstalled in the build
prefix tarball files generated by the build script to produce a package
None
NIX
referential transparency
An expression is said to be referentially transparent if evaluating
it gives the same value for same arguments. Such functions are called pure functions.
nix expressions Nix expressions specify how to build nix packages,
including, if necessary, their dependencies.
different users have different “views” of the system profiles
profiles
garbage collection any package not in use (no symlinks) by
any generation of any profile
List of all dependencies, recursively, down to the bare minimum
necessary to use that derivation closure
channels a URL that points to a place that contains
a set of Nix expressions and a manifest
A use case for nix
✓ Statically linked Objective-C, C and Lua code ✓ Every
time there’s a MacOS upgrade, hosts need to be reimaged ✓ Application then needs to be recompiled ✓ A nix closure gets around this Why nix closures?
Conclusion ✓ Build wheels ✓ Use a virtualenv (or pex),
even with Docker ✓ Build small Docker images ✓ Explore conda/nix only if needed ✓ Good Luck!
@copyconstruct