Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Application Deployments For Everyb...
Search
Hynek Schlawack
June 28, 2013
Technology
9
1.8k
Solid Python Application Deployments For Everybody EP Edition
An expanded version of my PyCon US 2013 talk held at EuroPython 2013 in Florence.
Hynek Schlawack
June 28, 2013
Tweet
Share
More Decks by Hynek Schlawack
See All by Hynek Schlawack
Subclassing, Composition, Python, and You
hynek
3
270
Classy Abstractions @ Python Web Conf
hynek
0
180
On the Meaning of Version Numbers
hynek
0
300
Maintaining a Python Project When It’s Not Your Job
hynek
1
2.4k
How to Write Deployment-friendly Applications
hynek
0
2.5k
Solid Snakes or: How to Take 5 Weeks of Vacation
hynek
2
5.8k
Get Instrumented: How Prometheus Can Unify Your Metrics
hynek
4
11k
Beyond grep – PyCon JP
hynek
1
3.4k
Beyond grep – EuroPython Edition
hynek
1
10k
Other Decks in Technology
See All in Technology
Visualize, Visualize, Visualize and rclone
tomoaki0705
9
80k
遷移の高速化 ヤフートップの試行錯誤
narirou
6
1k
AWSではじめる Web APIテスト実践ガイド / A practical guide to testing Web APIs on AWS
yokawasa
7
570
Perlの生きのこり - エンジニアがこの先生きのこるためのカンファレンス2025
kfly8
2
260
LINE NEWSにおけるバックエンド開発
lycorptech_jp
PRO
0
190
EMConf JP 2025 懇親会LT / EMConf JP 2025 social gathering
sugamasao
2
180
2/18 Making Security Scale: メルカリが考えるセキュリティ戦略 - Coincheck x LayerX x Mercari
jsonf
0
110
「正しく」失敗できる チームの作り方 〜リアルな事例から紐解く失敗を恐れない組織とは〜 / A team that can fail correctly
i35_267
4
790
抽象化をするということ - 具体と抽象の往復を身につける / Abstraction and concretization
soudai
27
15k
白金鉱業Meetup Vol.17_あるデータサイエンティストのデータマネジメントとの向き合い方
brainpadpr
7
1k
PHPで印刷所に入稿できる名札データを作る / Generating Print-Ready Name Tag Data with PHP
tomzoh
0
180
LINEギフトにおけるバックエンド開発
lycorptech_jp
PRO
0
230
Featured
See All Featured
The Pragmatic Product Professional
lauravandoore
32
6.4k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
GitHub's CSS Performance
jonrohan
1030
460k
Designing for humans not robots
tammielis
250
25k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
4
360
Bootstrapping a Software Product
garrettdimon
PRO
306
110k
KATA
mclloyd
29
14k
[RailsConf 2023] Rails as a piece of cake
palkan
53
5.3k
Agile that works and the tools we love
rasmusluckow
328
21k
Optimizing for Happiness
mojombo
376
70k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Transcript
River Bar, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de H!
?
AHEAD
http://ox.cx/d Te Oe & Ol Ln
OPINIONS AHEAD
PaaS Schema Migrations
None
Ky Cnet
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“It is important to find simple solutions instead of stopping
as soon as a first solution is found.” — Donald Knuth
Put effort into making your deployments simple.
None
Dvlpet
Dvlpet
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Sal Pafr Key Infrastructure!
Sal Pafr Application is tied to server OS version. Upgrading
servers == updating your app. Some servers upgraded?
Bt Hynek… My boss won’t let me!
tests! Dvlpet
None
אל
spotty outdated loss of control Sse Pcae
spotty outdated loss of control Sse Pcae
spotty outdated loss of control Sse Pcae
None
Ue vruln $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests pytest $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pn Dp Hr “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
SECURITY! Bt Hynek…
Scrt!? It’s your Job.
Si I
+ git
+ git Ne!
Fabric
build tools repetitive downloads Wa’s Wog!?
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Ntv Pcae !?
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! Bt Hynek…
fpm Np.
fpm \ -s dir \ -t deb \ <appdir>
repo server Bt Hynek…
Rp Sre dpkg -i tar.bz2
Atmt! e
app_name: whois project: DOM build_deps: - libpq-dev run_deps: - libpq5
- authbind
Tee’s mr ta oe wy t d i…
None
!ل
Cn grto Mngmn declarative describe the goal CM choses the
path
Sltos prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Sltos
Wy aya? safety/security reproducible “later”
safety/security reproducible “later” Wy aya?
safety/security reproducible “later” Wy aya?
Ts I i Saig
r t
r t Nein!
Js dn’t.
Piiee Pr drop privileges authbind
Need dat POWER! Bt Hynek…
Snl Proe Wres celery rq zerorpc perspective broker/AMP
B Prni /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
I’s Es! upstart systemd supervisord circus …
I’s Es! upstart systemd supervisord circus …
Eape: usat $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
Lg log to stderr redirect stderr syslog use OS tools
Lg … [uwsgi] log-syslog = your-app … twistd --syslog --prefix
your-app …
Lg if $programname == 'you-app' \ then /var/log/your-app.log & ~
+ mod_wsgi
+ mod_wsgi Нет!
Dslie Using Apache is perfectly fine.
Iff you decide consciously for it. Dslie
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of concerns.
Es t St U: gncr $ gunicorn_django settings.py $ gunicorn_paster
settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Es t St U: gncr
location / { proxy_pass unix:///tmp/app.sock; } location /static/ { root
/your/app/public/; } Es t St U: nix
Fo Es t AEOE
Text
Sil Es: usi uwsgi --emperor production.ini … [uwsgi] paste =
config:%p uwsgi-socket = /tmp/app.sock processes = 2 …
location / { include uwsgi_params; uwsgi_param UWSGI_SCHEME $scheme; uwsgi_pass unix:///tmp/app.sock;
} Sil Es To: nix
Dpo!
Rlbc!
Mntr
Mntr
None
None
Mntr
Maue statsd graphite yunomi
None
None
Maue statsd graphite yunomi
gt 1
http://ox.cx/d @hynek http://hynek.me http://vrmd.de