Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Solid Python Deployments for Everybody

Hynek Schlawack
March 16, 2013
Programming
8
4k

Solid Python Deployments for Everybody

Without orientation, deployments of Python applications can be tiresome and even painful. This talk attempts to replace anxiety and pain through informed annoyance.

There are extensive additional notes to this talk at http://hynek.me/talks/python-deployments/ .

Hynek Schlawack

March 16, 2013
Tweet

More Decks by Hynek Schlawack

See All by Hynek Schlawack
Subclassing, Composition, Python, and You
hynek
3
220
Classy Abstractions @ Python Web Conf
hynek
0
170
On the Meaning of Version Numbers
hynek
0
280
Maintaining a Python Project When It’s Not Your Job
hynek
1
2.4k
How to Write Deployment-friendly Applications
hynek
0
2.5k
Solid Snakes or: How to Take 5 Weeks of Vacation
hynek
2
5.8k
Get Instrumented: How Prometheus Can Unify Your Metrics
hynek
4
11k
Beyond grep – PyCon JP
hynek
1
3.3k
Beyond grep – EuroPython Edition
hynek
1
10k

Other Decks in Programming

See All in Programming
イベント駆動で成長して委員会
happymana
1
320
「今のプロジェクトいろいろ大変なんですよ、app/services とかもあって……」/After Kaigi on Rails 2024 LT Night
junk0612
5
2.1k
Jakarta EE meets AI
ivargrimstad
0
510
3rd party scriptでもReactを使いたい! Preact + Reactのハイブリッド開発
righttouch
PRO
1
600
ローコードSaaSのUXを向上させるためのTypeScript
taro28
1
610
macOS でできる リアルタイム動画像処理
biacco42
9
2.4k
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
1
100
聞き手から登壇者へ: RubyKaigi2024 LTでの初挑戦が 教えてくれた、可能性の星
mikik0
1
130
Realtime API 入門
riofujimon
0
150
Generative AI Use Cases JP (略称:GenU)奮闘記
hideg
1
290
シールドクラスをはじめよう / Getting Started with Sealed Classes
mackey0225
4
640
Laravel や Symfony で手っ取り早く
OpenAPI のドキュメントを作成する
azuki
1
110

Featured

See All Featured
Building a Modern Day 
E-commerce SEO Strategy
aleyda
38
6.9k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Code Review Best Practice
trishagee
64
17k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
131
33k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
How to train your dragon (web standard)
notwaldorf
88
5.7k
Designing for Performance
lara
604
68k
Happy Clients
brianwarren
98
6.7k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Building Adaptive Systems
keathley
38
2.3k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k

Transcript

  1. PyCon US, 2013 Solid Python Application Deployments For Everybody Hynek

    Schlawack
  2. None

  3. @hynek http://hynek.me http://github.com/hynek http://www.variomedia.de Hi!

  4. ?

  5. AHEAD

  6. http://ox.cx/d The One & Only Link

  7. OPINIONS AHEAD

  8. PaaS Schema Migrations

  9. None

  10. Key Concept

  11. easy ≠ simple

  12. None

  13. “Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra

  14. “…and security.” — Every Credible Security Expert Ever

  15. Put effort into making your deployments simple.

  16. None

  17. Development

  18. Development

  19. None

  20. No!

  21. None

  22. “Python 2.4 is not supported. It came out 8 years

    ago. That's older than Youtube. Upgrade.” — Kenneth Reitz

  23. Stable Platform Key Infrastructure?

  24. But Hyyyn ek… My boss won’t let me!

  25. Development tests!

  26. None

  27. אל

  28. spotty outdated loss of control System Package

  29. spotty outdated loss of control System Package

  30. spotty outdated loss of control System Package

  31. None

  32. Use virtualen $ virtualenv venv; . venv/bin/activate $ pip install

    pyramid requests $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt

  33. Pin Dep Hard “Django == 1.4.3” Don’t rely on SemVer!

    update w/ pip-tools

  34. But Hyyyn ek… SECURITY!

  35. Security‽ It’s your Job.

  36. Package It

  37. + git

  38. + git Ne!

  39. Fabric

  40. build tools repetitive downloads What’ Wrong‽

  41. None

  42. .rpm .deb .pkg.tgz

  43. introspection CM integration versatile Native Package ‽

  44. 1. check out from VCS 2. create virtualenv 3. install

    dependencies 4. do whatever you want 5. package result 6. push to your repo

  45. Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting

  46. Packaging is hard! But Hyyyn ek…

  47. fpm Nope.

  48. But Hyyyn ek… repo server

  49. Rep Serve dpkg -i tar.bz2

  50. Automate!

  51. from … import Deployment def deb(branch=None): deploy = Deployment( 'whois',

    build_deps=['libpq-dev',], run_deps=['libpq5',]) deploy.prepare_app( branch=branch) deploy.build_deb()

  52. Lazy?

  53. There’ more than one way t d it…

  54. None

  56. Configuration Management declarative describe the goal CM choses the path

  57. Solution prise-oriented features to to compare the two pet Open

    ource Puppet Enterprise ✔ ✔ ✔

  58. prise-oriented features to to compare the two pet Open ource

    Puppet Enterprise ✔ ✔ ✔ Not easy at all. Solution

  59. Why anyway? safety/security reproducible “later”

  60. safety/security reproducible “later” Why anyway?

  61. safety/security reproducible “later” Why anyway?

  62. Kate Heddleston This Room: 2:35 p.m.–3:05 p.m. Chef: Automating web

    application infrastructure

  63. Test It in Staging

  64. r t

  65. r t Nein!

  66. Just don’t.

  67. Privileged Port drop privileges authbind

  68. But Hyyyn ek… Need dat POWER!

  69. Single Purpose Worke celery rq zerorpc pb/AMP

  70. Be Paranoid /bin/false iptables file sockets REVOKE ALL SSL fail2ban

  71. /bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid

  72. /bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid

  73. /bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid

  74. /bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid

  75. /bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid

  76. $ ./manage.py runserver ▌ [0] 0:bash*

  77. None

  78. $ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!

  79. It’ Easy! upstart systemd supervisord circus …

  80. It’ Easy! upstart systemd supervisord circus …

  81. Example: upstart $ cat /etc/init/yourapp.conf start on static-network-up stop on

    deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp

  82. + mod_wsgi

  83. + mod_wsgi Нет!

  84. Disclaime Using Apache is perfectly fine.

  85. Iff you decide consciously for it. Disclaime

  86. mod_wsgi

  87. mod_wsgi ? ?

  88. + g or

  89. + g or Better separation of Concerns.

  90. Easy t Set U : gunicorn $ gunicorn_django settings.py $

    gunicorn_paster settings.ini

  91. $ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )

    … $ manage.py run_gunicorn Easy t Set U : gunicorn

  92. Easy t Set U : nginx location / { proxy_pass

    http://127.0.0.1:5000; } location /static/ { root /your/app/public/; }

  93. Graham Dumpleton This Room: 3:15 p.m.–3:45 p.m. Making Apache suck

    less for hosting Python web applications.

  94. Deploy!

  95. Ro back!

  96. Monito

  97. Monito

  98. Measure

  99. Measure statsd graphite scales

  100. got 1

  101. FIN http://ox.cx/d @hynek http://hynek.me http://vrmd.de