Application Deployment: State of the Onion by Noah Kantrowitz


PyCon 2014

April 11, 2014


  1. State of the Onion: Application Deployment • Noah Kantrowitz

  2. Me: PSF + PyCon • Balanced • Chef • Making things

  3. Platform • Web Server • Database • App Code • Configuration • Orchestration

  5. Application Code

  7. Tar: Simple • Everywhere • Repetitive

  8. Rsync: Efficient • Everywhere • Many options

  9. Git: Common SCM • Push or pull • Single truth

  10. Packages: Pull based • Simple server • Solid tools

  11. Omnibus: Build packages • No moving parts • See also: depot

  12. Configuration Management

  14. Flat Files: Versioned • Readable • Inflexible

  15. Chef: Ruby-based • Declarative-ish • Big ecosystem

  16. Puppet: Custom DSL • Declarative • Big ecosystem

  17. SaltStack: YAML + Jinja • Second wave • Growing

  18. Ansible: YAML + Jinja • Very new • Agent-less

  20. Orchestration

  22. SSH: for x in ... • ssh $x ... • knife ssh

  23. Fabric: Python • Task based • Parallel

  24. Ansible: Ad-hoc shell • Dynamic nodes • Accelerated

  25. SaltStack: ZeroMQ • Minions only • Modules

  26. MCollective: AMQP bus • Limited ad-hoc • Live discovery

  27. Rundeck: API-driven • Centralized • Workflows

  28. Chatops: Hubot • Visibility • Emerging trend

  29. Database

  31. Postgres: Relational • ACID • Add-ons galore

  32. MySQL: Relational • Mostly ACID • Many forks

  34. Redis: Key/value store • In-memory • Limited HA

  35. Cassandra: Distributed • Big Table • CQL

  36. Riak: Distributed • 2i, Search, MR • CRDTs

  37. Others: MongoDB • Couch* • Interns

  38. ZooKeeper: Consistent • Slow • Paxos

  39. Web Server

  41. Apache: Battle tested • Flexible MPMs • mod_wsgi

  42. Nginx: Concurrent • Simple config • Proxy

  43. Gunicorn: Pure Python • Simple • Fast

  44. uWSGI: C extension • Extra features • Config soup

  45. Twisted: Really fast • Mix w/ async • Complex

  46. CDNs: Fastly • CloudFront • Varnish

  47. Server Provisioning

  49. Manual: knife ec2 • novaclient • Web UI

  50. AWS ASGs: Vendor lock-in • Limited triggers • Easy

  51. CloudFormation: Whole infra • Fragile state • Very powerful

  52. Heat: OpenStack • YAML format • Limited compat

  53. RightScale: Expensive • Cross-cloud • Chef

  54. Asgard: Netflix stack • AWS ASGs • Deployment

  55. Secrets Management

  57. Config: Existing tools • Versioned • Insecure

  58. Encryption: Encrypted bags • Ansible Vault • Unwise

  59. S3+IAM: Vendor lock in • Moving pieces • Relatively safe

  60. Barbican: OpenStack(ish) • Very new • Promising

  61. Red October: N-of-M • Cold storage • GPG-based

  62. Other services

  63. Metrics: Statsd • Collectd • Graphite

  64. Logs: Logstash • Kibana • Sentry

  65. Platform as a Service

  66. Heroku: Easy • No really, easy • Inflexible & $$$

  67. GAE: Mild lock-in • Scalable • Few users

  68. OpenShift: Open-source • No lock-in • Difficult deploy

  69. Deis/Flynn: Docker-based • Very young • Promising

  70. Attribution: Some images copyright Florida Center for Instructional Technology. All logos are property of their respective owners.
  71. Thank you