Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
River Bar, 2013 Solid Python Application Deployments For Everybody Hynek Schlawack
Slide 2
Slide 2 text
No content
Slide 3
Slide 3 text
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de H!
Slide 4
Slide 4 text
?
Slide 5
Slide 5 text
AHEAD
Slide 6
Slide 6 text
http://ox.cx/d Te Oe & Ol Ln
Slide 7
Slide 7 text
OPINIONS AHEAD
Slide 8
Slide 8 text
PaaS Schema Migrations
Slide 9
Slide 9 text
No content
Slide 10
Slide 10 text
Ky Cnet
Slide 11
Slide 11 text
easy ≠ simple
Slide 12
Slide 12 text
No content
Slide 13
Slide 13 text
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
Slide 14
Slide 14 text
“It is important to find simple solutions instead of stopping as soon as a first solution is found.” — Donald Knuth
Slide 15
Slide 15 text
Put effort into making your deployments simple.
Slide 16
Slide 16 text
No content
Slide 17
Slide 17 text
Dvlpet
Slide 18
Slide 18 text
Dvlpet
Slide 19
Slide 19 text
No content
Slide 20
Slide 20 text
No!
Slide 21
Slide 21 text
No content
Slide 22
Slide 22 text
“Python 2.4 is not supported. It came out 8 years ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Slide 23
Slide 23 text
Sal Pafr Key Infrastructure!
Slide 24
Slide 24 text
Sal Pafr Application is tied to server OS version. Upgrading servers == updating your app. Some servers upgraded?
Slide 25
Slide 25 text
Bt Hynek… My boss won’t let me!
Slide 26
Slide 26 text
tests! Dvlpet
Slide 27
Slide 27 text
No content
Slide 28
Slide 28 text
אל
Slide 29
Slide 29 text
spotty outdated loss of control Sse Pcae
Slide 30
Slide 30 text
spotty outdated loss of control Sse Pcae
Slide 31
Slide 31 text
spotty outdated loss of control Sse Pcae
Slide 32
Slide 32 text
No content
Slide 33
Slide 33 text
Ue vruln $ virtualenv venv; . venv/bin/activate $ pip install pyramid requests pytest $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Slide 34
Slide 34 text
Pn Dp Hr “Django == 1.4.3” Don’t rely on SemVer! update w/ pip-tools
Slide 35
Slide 35 text
SECURITY! Bt Hynek…
Slide 36
Slide 36 text
Scrt!? It’s your Job.
Slide 37
Slide 37 text
Si I
Slide 38
Slide 38 text
+ git
Slide 39
Slide 39 text
+ git Ne!
Slide 40
Slide 40 text
Fabric
Slide 41
Slide 41 text
build tools repetitive downloads Wa’s Wog!?
Slide 42
Slide 42 text
No content
Slide 43
Slide 43 text
.rpm .deb .pkg.tgz
Slide 44
Slide 44 text
introspection CM integration versatile Ntv Pcae !?
Slide 45
Slide 45 text
1. check out from VCS 2. create virtualenv 3. install dependencies 4. do whatever you want 5. package result 6. push to your repo
Slide 46
Slide 46 text
1. check out from VCS 2. create virtualenv 3. install dependencies 4. do whatever you want 5. package result 6. push to your repo
Slide 47
Slide 47 text
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Slide 48
Slide 48 text
Packaging is hard! Bt Hynek…
Slide 49
Slide 49 text
fpm Np.
Slide 50
Slide 50 text
fpm \ -s dir \ -t deb \
Slide 51
Slide 51 text
repo server Bt Hynek…
Slide 52
Slide 52 text
Rp Sre dpkg -i tar.bz2
Slide 53
Slide 53 text
Atmt! e
Slide 54
Slide 54 text
app_name: whois project: DOM build_deps: - libpq-dev run_deps: - libpq5 - authbind
Slide 55
Slide 55 text
Tee’s mr ta oe wy t d i…
Slide 56
Slide 56 text
No content
Slide 57
Slide 57 text
!ل
Slide 58
Slide 58 text
Cn grto Mngmn declarative describe the goal CM choses the path
Slide 59
Slide 59 text
Sltos prise-oriented features to to compare the two pet Open ource Puppet Enterprise ✔ ✔ ✔
Slide 60
Slide 60 text
prise-oriented features to to compare the two pet Open ource Puppet Enterprise ✔ ✔ ✔ Not easy at all. Sltos
Slide 61
Slide 61 text
Wy aya? safety/security reproducible “later”
Slide 62
Slide 62 text
safety/security reproducible “later” Wy aya?
Slide 63
Slide 63 text
safety/security reproducible “later” Wy aya?
Slide 64
Slide 64 text
Ts I i Saig
Slide 65
Slide 65 text
r t
Slide 66
Slide 66 text
r t Nein!
Slide 67
Slide 67 text
Js dn’t.
Slide 68
Slide 68 text
Piiee Pr drop privileges authbind
Slide 69
Slide 69 text
Need dat POWER! Bt Hynek…
Slide 70
Slide 70 text
Snl Proe Wres celery rq zerorpc perspective broker/AMP
Slide 71
Slide 71 text
B Prni /bin/false iptables file sockets REVOKE ALL SSL fail2ban
Slide 72
Slide 72 text
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
Slide 73
Slide 73 text
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
Slide 74
Slide 74 text
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
Slide 75
Slide 75 text
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
Slide 76
Slide 76 text
/bin/false iptables file sockets REVOKE ALL SSL fail2ban B Prni
Slide 77
Slide 77 text
$ ./manage.py runserver ▌ [0] 0:bash*
Slide 78
Slide 78 text
No content
Slide 79
Slide 79 text
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
Slide 80
Slide 80 text
I’s Es! upstart systemd supervisord circus …
Slide 81
Slide 81 text
I’s Es! upstart systemd supervisord circus …
Slide 82
Slide 82 text
Eape: usat $ cat /etc/init/yourapp.conf start on static-network-up stop on deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
Slide 83
Slide 83 text
Lg log to stderr redirect stderr syslog use OS tools
Slide 84
Slide 84 text
Lg … [uwsgi] log-syslog = your-app … twistd --syslog --prefix your-app …
Slide 85
Slide 85 text
Lg if $programname == 'you-app' \ then /var/log/your-app.log & ~
Slide 86
Slide 86 text
+ mod_wsgi
Slide 87
Slide 87 text
+ mod_wsgi Нет!
Slide 88
Slide 88 text
Dslie Using Apache is perfectly fine.
Slide 89
Slide 89 text
Iff you decide consciously for it. Dslie
Slide 90
Slide 90 text
mod_wsgi
Slide 91
Slide 91 text
mod_wsgi ? ?
Slide 92
Slide 92 text
+ g or
Slide 93
Slide 93 text
+ g or Better separation of concerns.
Slide 94
Slide 94 text
Es t St U: gncr $ gunicorn_django settings.py $ gunicorn_paster settings.ini
Slide 95
Slide 95 text
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", ) … $ manage.py run_gunicorn Es t St U: gncr
Slide 96
Slide 96 text
location / { proxy_pass unix:///tmp/app.sock; } location /static/ { root /your/app/public/; } Es t St U: nix
Slide 97
Slide 97 text
Fo Es t AEOE
Slide 98
Slide 98 text
Text
Slide 99
Slide 99 text
Sil Es: usi uwsgi --emperor production.ini … [uwsgi] paste = config:%p uwsgi-socket = /tmp/app.sock processes = 2 …
Slide 100
Slide 100 text
location / { include uwsgi_params; uwsgi_param UWSGI_SCHEME $scheme; uwsgi_pass unix:///tmp/app.sock; } Sil Es To: nix
Slide 101
Slide 101 text
Dpo!
Slide 102
Slide 102 text
Rlbc!
Slide 103
Slide 103 text
Mntr
Slide 104
Slide 104 text
Mntr
Slide 105
Slide 105 text
No content
Slide 106
Slide 106 text
No content
Slide 107
Slide 107 text
Mntr
Slide 108
Slide 108 text
Maue statsd graphite yunomi
Slide 109
Slide 109 text
No content
Slide 110
Slide 110 text
No content
Slide 111
Slide 111 text
Maue statsd graphite yunomi
Slide 112
Slide 112 text
gt 1
Slide 113
Slide 113 text
http://ox.cx/d @hynek http://hynek.me http://vrmd.de