Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Application Deployments For Everybody EP Edition
Search
Hynek Schlawack
June 28, 2013
Technology
9
1.7k
Solid Python Application Deployments For Everybody EP Edition
An expanded version of my PyCon US 2013 talk held at EuroPython 2013 in Florence.
Hynek Schlawack
June 28, 2013
Tweet
Share
More Decks by Hynek Schlawack
See All by Hynek Schlawack
Classy Abstractions @ Python Web Conf
hynek
0
160
On the Meaning of Version Numbers
hynek
0
270
Maintaining a Python Project When It’s Not Your Job
hynek
1
2.3k
How to Write Deployment-friendly Applications
hynek
0
2.5k
Solid Snakes or: How to Take 5 Weeks of Vacation
hynek
2
5.7k
Get Instrumented: How Prometheus Can Unify Your Metrics
hynek
4
11k
Beyond grep – PyCon JP
hynek
1
3.2k
Beyond grep – EuroPython Edition
hynek
1
10k
Beyond grep: Practical Logging and Metrics
hynek
3
1.2k
Other Decks in Technology
See All in Technology
Amazon FSx for NetApp ONTAPのパフォーマンスチューニング要素をまとめてみた #cm_odyssey #devio2024
non97
0
220
Github Actions 로 Android 팀의 효율성 극대화
hadonghyun
0
160
公共領域から学ぶ クラウド移行についてエンジニアが意識していること
kawakawa2222
0
140
AIエージェントを現場に導入する目線とは
masahiro_nishimi
1
1.5k
成長期に歩みを止めないための創業期の開発文化形成
mayah
6
420
ABEMAにおけるLLMを用いたコンテンツベース推薦システム導入と効果検証
cyberagentdevelopers
PRO
1
750
データ分析を支える技術 生成AI再入門
ishikawa_satoru
0
380
20240717_イケコパ代表Copilot_in_Teams会社でこう使ってます
ponponmikankan
2
430
テストケースの自動生成に生成AIの導入を試みた話と生成AIによる今後の期待
shift_evolve
0
190
E2Eテスト自動化プラットフォームにおけるAIの活用
shift_evolve
0
190
【基調講演】変える、今ここから ― IoTとAIで紡ぐ未来
soracom
PRO
0
320
頼られるのが大好きな 皆さんへ - 支援相手との期待の合わせ方、突き放し方 -/For_people_who_like_to_be_relied_on
naitosatoshi
1
290
Featured
See All Featured
Atom: Resistance is Futile
akmur
261
25k
What the flash - Photography Introduction
edds
65
11k
Building Applications with DynamoDB
mza
89
5.8k
Navigating Team Friction
lara
181
13k
Done Done
chrislema
179
15k
How GitHub Uses GitHub to Build GitHub
holman
471
290k
Making the Leap to Tech Lead
cromwellryan
127
8.7k
We Have a Design System, Now What?
morganepeng
46
7k
BBQ
matthewcrist
82
9k
The Cult of Friendly URLs
andyhume
75
5.9k
The Pragmatic Product Professional
lauravandoore
29
6.1k
Building Flexible Design Systems
yeseniaperezcruz
323
37k
Transcript
River Bar, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de H!
?
AHEAD
http://ox.cx/d Te Oe & Ol Ln
OPINIONS AHEAD
PaaS Schema Migrations
None
Ky Cnet
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“It is important to find simple solutions instead of stopping
as soon as a first solution is found.” — Donald Knuth
Put effort into making your deployments simple.
None
Dvlpet
Dvlpet
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Sal Pafr Key Infrastructure!
Sal Pafr Application is tied to server OS version. Upgrading
servers == updating your app. Some servers upgraded?
Bt Hynek… My boss won’t let me!
tests! Dvlpet
None
אל
spotty outdated loss of control Sse Pcae
spotty outdated loss of control Sse Pcae
spotty outdated loss of control Sse Pcae
None
Ue vruln $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests pytest $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pn Dp Hr “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
SECURITY! Bt Hynek…
Scrt!? It’s your Job.
Si I
+ git
+ git Ne!
Fabric
build tools repetitive downloads Wa’s Wog!?
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Ntv Pcae !?
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! Bt Hynek…
fpm Np.
fpm \ -s dir \ -t deb \ <appdir>
repo server Bt Hynek…
Rp Sre dpkg -i tar.bz2
Atmt! e
app_name: whois project: DOM build_deps: - libpq-dev run_deps: - libpq5
- authbind
Tee’s mr ta oe wy t d i…
None
!ل
Cn grto Mngmn declarative describe the goal CM choses the
path
Sltos prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Sltos
Wy aya? safety/security reproducible “later”
safety/security reproducible “later” Wy aya?
safety/security reproducible “later” Wy aya?
Ts I i Saig
r t
r t Nein!
Js dn’t.
Piiee Pr drop privileges authbind
Need dat POWER! Bt Hynek…
Snl Proe Wres celery rq zerorpc perspective broker/AMP
B Prni /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
I’s Es! upstart systemd supervisord circus …
I’s Es! upstart systemd supervisord circus …
Eape: usat $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
Lg log to stderr redirect stderr syslog use OS tools
Lg … [uwsgi] log-syslog = your-app … twistd --syslog --prefix
your-app …
Lg if $programname == 'you-app' \ then /var/log/your-app.log & ~
+ mod_wsgi
+ mod_wsgi Нет!
Dslie Using Apache is perfectly fine.
Iff you decide consciously for it. Dslie
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of concerns.
Es t St U: gncr $ gunicorn_django settings.py $ gunicorn_paster
settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Es t St U: gncr
location / { proxy_pass unix:///tmp/app.sock; } location /static/ { root
/your/app/public/; } Es t St U: nix
Fo Es t AEOE
Text
Sil Es: usi uwsgi --emperor production.ini … [uwsgi] paste =
config:%p uwsgi-socket = /tmp/app.sock processes = 2 …
location / { include uwsgi_params; uwsgi_param UWSGI_SCHEME $scheme; uwsgi_pass unix:///tmp/app.sock;
} Sil Es To: nix
Dpo!
Rlbc!
Mntr
Mntr
None
None
Mntr
Maue statsd graphite yunomi
None
None
Maue statsd graphite yunomi
gt 1
http://ox.cx/d @hynek http://hynek.me http://vrmd.de