Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Deployments for Everybody by Hynek...
Search
PyCon 2013
March 16, 2013
14
1.1k
Solid Python Deployments for Everybody by Hynek Schlawack
PyCon 2013
March 16, 2013
Tweet
Share
More Decks by PyCon 2013
See All by PyCon 2013
Bayesian statistics made simple by Allen Downey
pyconslides
32
6.2k
Python for Humans
pyconslides
40
6.6k
Contribute with me! Getting started with the tools of free software development by Jessica McKellar
pyconslides
11
2k
ApplePy: An Apple ][ emulator in Python by James Tauber
pyconslides
3
1.5k
Use curses, don't swear by Sean Zicari
pyconslides
2
1.4k
Namespaces in Python by Eric Snow
pyconslides
9
1.8k
Internationalization and Localization Done Right by Ruchi Varshney
pyconslides
9
1.1k
"Good Enough" is good enough! by Alex Martelli
pyconslides
13
2.5k
Plover: Thought to Text at 240 WPM by Mirabai Knight
pyconslides
1
1.2k
Featured
See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
7.9k
The Power of CSS Pseudo Elements
geoffreycrofte
72
5.3k
It's Worth the Effort
3n
183
27k
Art, The Web, and Tiny UX
lynnandtonic
296
20k
Thoughts on Productivity
jonyablonski
67
4.3k
Happy Clients
brianwarren
97
6.7k
GitHub's CSS Performance
jonrohan
1030
460k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
Fireside Chat
paigeccino
32
3k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
3
370
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
22k
Transcript
PyCon US, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de Hi!
?
AHEAD
http://ox.cx/d The One & Only Link
OPINIONS AHEAD
PaaS Schema Migrations
None
Key Concept
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“…and security.” — Every Credible Security Expert Ever
Put effort into making your deployments simple.
None
Development
Development
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Stable Platform Key Infrastructure?
But Hyyyn ek… My boss won’t let me!
Development tests!
None
אל
spotty outdated loss of control System Package
spotty outdated loss of control System Package
spotty outdated loss of control System Package
None
Use virtualen $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pin Dep Hard “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
But Hyyyn ek… SECURITY!
Security‽ It’s your Job.
Package It
+ git
+ git Ne!
Fabric
build tools repetitive downloads What’ Wrong‽
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Native Package ‽
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! But Hyyyn ek…
fpm Nope.
But Hyyyn ek… repo server
Rep Serve dpkg -i tar.bz2
Automate!
from … import Deployment def deb(branch=None): deploy = Deployment( 'whois',
build_deps=['libpq-dev',], run_deps=['libpq5',]) deploy.prepare_app( branch=branch) deploy.build_deb()
Lazy?
There’ more than one way t d it…
None
!ل
Configuration Management declarative describe the goal CM choses the path
Solution prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Solution
Why anyway? safety/security reproducible “later”
safety/security reproducible “later” Why anyway?
safety/security reproducible “later” Why anyway?
Kate Heddleston This Room: 2:35 p.m.–3:05 p.m. Chef: Automating web
application infrastructure
Test It in Staging
r t
r t Nein!
Just don’t.
Privileged Port drop privileges authbind
But Hyyyn ek… Need dat POWER!
Single Purpose Worke celery rq zerorpc pb/AMP
Be Paranoid /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
It’ Easy! upstart systemd supervisord circus …
It’ Easy! upstart systemd supervisord circus …
Example: upstart $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
+ mod_wsgi
+ mod_wsgi Нет!
Disclaime Using Apache is perfectly fine.
Iff you decide consciously for it. Disclaime
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of Concerns.
Easy t Set U : gunicorn $ gunicorn_django settings.py $
gunicorn_paster settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Easy t Set U : gunicorn
Easy t Set U : nginx location / { proxy_pass
http://127.0.0.1:5000; } location /static/ { root /your/app/public/; }
Graham Dumpleton This Room: 3:15 p.m.–3:45 p.m. Making Apache suck
less for hosting Python web applications.
Deploy!
Ro back!
Monito
Monito
Measure
Measure statsd graphite scales
got 1
FIN http://ox.cx/d @hynek http://hynek.me http://vrmd.de