PHILOSOPHY
Keep things as simple as possible
While maintaining:
Performance
Observability
Stability
Security
Slide 5
Slide 5 text
Hosting
Configuration
Web Server
Assets (static and media)
OVERVIEW
Additional
Considerations:
Performance
Security
Observability
Slide 6
Slide 6 text
HOSTING
Slide 7
Slide 7 text
PLATFORM AS A
SERVICE (PAAS)
Heroku
PythonAnywhere
Platform.sh
Google App Engine
Google Cloud Run
Slide 8
Slide 8 text
PROS
CONS
PLATFORM AS A SERVICE
(PAAS)
Managed
Monitored
Secured
Supported
Backing services may be
included
Performance
Less flexibility
Cost*
Slide 9
Slide 9 text
FUNCTIONS AS A SERVICE
(FAAS OR SERVERLESS)
AWS Lambda (with Zappa)
Google Cloud Functions
Azure Functions
ZEIT
Slide 10
Slide 10 text
PROS
CONS
FUNCTIONS AS A SERVICE
(FAAS OR SERVERLESS)
Managed
Monitored
Secured
Less expensive*
New = rough edges
Performance and cold
starts
Management
commands
Slide 11
Slide 11 text
KUBERNETES
(MANAGED)
Google Kubernetes
Engine (GKE)
DigitalOcean
Kubernetes
Amazon Elastic
Kubernetes Service (EKS)
Azure Kubernetes
Service (AKS)
SECRETS
API KEYS, SECRET_KEY, SERVICE CREDENTIALS, ETC.
Never in your code repository
(unencrypted)
Slide 24
Slide 24 text
CONFIGURATION
PaaS Configuration
Amazon SSM and Chamber
Kubernetes Secrets
Encrypted in configuration mangagement
Hashicorp Vault
Slide 25
Slide 25 text
GOODCONF
Slide 26
Slide 26 text
GOODCONF
Configuration via file or environment variables
Type casting for environment variables
Auto-generate documentation
Auto-generate commented sample configs
Slide 27
Slide 27 text
No content
Slide 28
Slide 28 text
No content
Slide 29
Slide 29 text
Additional
Considerations:
Performance
Security
Observability
OVERVIEW
Hosting
Configuration
Web Server
Assets (static and media)
Slide 30
Slide 30 text
WEB SERVER
Slide 31
Slide 31 text
WEB SERVER
Slide 32
Slide 32 text
GUNICORN
Slide 33
Slide 33 text
UWSGI
Slide 34
Slide 34 text
Additional
Considerations:
Performance
Security
Observability
OVERVIEW
Hosting
Configuration
Web Server
Assets (static and media)
Slide 35
Slide 35 text
SERVING ASSETS
Slide 36
Slide 36 text
WHITENOISE
pip install whitenoise
Slide 37
Slide 37 text
UWSGI
Slide 38
Slide 38 text
NODE.JS
Source files in version control
Webpack/Parcel to generate static files during build
Add build destination to STATICFILES_DIRS
django-webpack-loader if bundle-splitting
Slide 39
Slide 39 text
MEDIA
Use django-storages
with your preferred
backend (Amazon,
Google, Azure, etc.)
Be careful of public
vs. private
AWS_DEFAULT_ACL
AWS_QUERYSTRING_AUTH
AWS_QUERYSTRING_EXPIRE
Slide 40
Slide 40 text
Additional
Considerations:
Performance
Security
Observability
OVERVIEW
Hosting
Configuration
Web Server
Assets (static and media)
Slide 41
Slide 41 text
GO LIVE!
Slide 42
Slide 42 text
PERFORMANCE
Slide 43
Slide 43 text
USE AN APM
Third-party: NewRelic, Scout, Datadog
Provider: AWS X-Ray, Google Stackdriver Trace
Self-hosted: Elastic
Slide 44
Slide 44 text
DATABASE
Don't be surprised if your laptop performs better
Network latency
Size of dataset
Slide 45
Slide 45 text
DATABASE
Use Postgres (unless you have a
good reason not to)
CONN_MAX_AGE
Reduce queries
select_related
prefetch_related
Indexes
db_index
index_together
Slide 46
Slide 46 text
TEMPLATE FRAGMENT CACHING
Slide 47
Slide 47 text
TEMPLATE
FRAGMENT CACHING
Slide 48
Slide 48 text
CDN
Slide 49
Slide 49 text
CDN
Third Party: Cloudflare, Fastly
Provider: Amazon Cloudfront,
Google Cloud CDN
Slide 50
Slide 50 text
CDN
Cache static files forever (far-future expires)
Cache Django responses if possible
Slide 51
Slide 51 text
Additional
Considerations:
Performance
Security
Observability
OVERVIEW
Hosting
Configuration
Web Server
Assets (static and media)
Slide 52
Slide 52 text
SECURITY
Slide 53
Slide 53 text
CODE
Monitor dependencies for vulnerabilities
(GitHub Security Alerts)
Use a lockfile (pipenv, poetry, pip-compile)
Consider an external audit