Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Solid Python Deployments for Everybody by Hynek...
Search
PyCon 2013
March 16, 2013
14
1.1k
Solid Python Deployments for Everybody by Hynek Schlawack
PyCon 2013
March 16, 2013
Tweet
Share
More Decks by PyCon 2013
See All by PyCon 2013
Bayesian statistics made simple by Allen Downey
pyconslides
32
6.3k
Python for Humans
pyconslides
40
6.6k
Contribute with me! Getting started with the tools of free software development by Jessica McKellar
pyconslides
11
2k
ApplePy: An Apple ][ emulator in Python by James Tauber
pyconslides
3
1.5k
Use curses, don't swear by Sean Zicari
pyconslides
2
1.4k
Namespaces in Python by Eric Snow
pyconslides
9
1.8k
Internationalization and Localization Done Right by Ruchi Varshney
pyconslides
9
1.1k
"Good Enough" is good enough! by Alex Martelli
pyconslides
13
2.5k
Plover: Thought to Text at 240 WPM by Mirabai Knight
pyconslides
1
1.2k
Featured
See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
266
13k
Building a Scalable Design System with Sketch
lauravandoore
460
33k
GraphQLとの向き合い方2022年版
quramy
44
13k
The Language of Interfaces
destraynor
154
24k
Designing for humans not robots
tammielis
250
25k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.3k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
28
2.1k
How GitHub (no longer) Works
holman
311
140k
Six Lessons from altMBA
skipperchong
27
3.5k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
What's in a price? How to price your products and services
michaelherold
243
12k
Transcript
PyCon US, 2013 Solid Python Application Deployments For Everybody Hynek
Schlawack
None
@hynek http://hynek.me http://github.com/hynek http://www.variomedia.de Hi!
?
AHEAD
http://ox.cx/d The One & Only Link
OPINIONS AHEAD
PaaS Schema Migrations
None
Key Concept
easy ≠ simple
None
“Simplicity is prerequisite for reliability.” — Edsger W. Dijkstra
“…and security.” — Every Credible Security Expert Ever
Put effort into making your deployments simple.
None
Development
Development
None
No!
None
“Python 2.4 is not supported. It came out 8 years
ago. That's older than Youtube. Upgrade.” — Kenneth Reitz
Stable Platform Key Infrastructure?
But Hyyyn ek… My boss won’t let me!
Development tests!
None
אל
spotty outdated loss of control System Package
spotty outdated loss of control System Package
spotty outdated loss of control System Package
None
Use virtualen $ virtualenv venv; . venv/bin/activate $ pip install
pyramid requests $ py.test … $ pip freeze >requirements.txt … $ pip install -r requirements.txt
Pin Dep Hard “Django == 1.4.3” Don’t rely on SemVer!
update w/ pip-tools
But Hyyyn ek… SECURITY!
Security‽ It’s your Job.
Package It
+ git
+ git Ne!
Fabric
build tools repetitive downloads What’ Wrong‽
None
.rpm .deb .pkg.tgz
introspection CM integration versatile Native Package ‽
1. check out from VCS 2. create virtualenv 3. install
dependencies 4. do whatever you want 5. package result 6. push to your repo
Abuse the Pipeline run tests LESS/SASS/CoffeeScript compression cache busting
Packaging is hard! But Hyyyn ek…
fpm Nope.
But Hyyyn ek… repo server
Rep Serve dpkg -i tar.bz2
Automate!
from … import Deployment def deb(branch=None): deploy = Deployment( 'whois',
build_deps=['libpq-dev',], run_deps=['libpq5',]) deploy.prepare_app( branch=branch) deploy.build_deb()
Lazy?
There’ more than one way t d it…
None
!ل
Configuration Management declarative describe the goal CM choses the path
Solution prise-oriented features to to compare the two pet Open
ource Puppet Enterprise ✔ ✔ ✔
prise-oriented features to to compare the two pet Open ource
Puppet Enterprise ✔ ✔ ✔ Not easy at all. Solution
Why anyway? safety/security reproducible “later”
safety/security reproducible “later” Why anyway?
safety/security reproducible “later” Why anyway?
Kate Heddleston This Room: 2:35 p.m.–3:05 p.m. Chef: Automating web
application infrastructure
Test It in Staging
r t
r t Nein!
Just don’t.
Privileged Port drop privileges authbind
But Hyyyn ek… Need dat POWER!
Single Purpose Worke celery rq zerorpc pb/AMP
Be Paranoid /bin/false iptables file sockets REVOKE ALL SSL fail2ban
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
/bin/false iptables file sockets REVOKE ALL SSL fail2ban Be Paranoid
$ ./manage.py runserver ▌ [0] 0:bash*
None
$ ./manage.py runserver ▌ [0] 0:bash* ᔒ༗!
It’ Easy! upstart systemd supervisord circus …
It’ Easy! upstart systemd supervisord circus …
Example: upstart $ cat /etc/init/yourapp.conf start on static-network-up stop on
deconfiguring-networking respawn chdir /path/to/yourapp setuid yourapp exec /path/to/gunicorn_django settings.py $ start yourapp
+ mod_wsgi
+ mod_wsgi Нет!
Disclaime Using Apache is perfectly fine.
Iff you decide consciously for it. Disclaime
mod_wsgi
mod_wsgi ? ?
+ g or
+ g or Better separation of Concerns.
Easy t Set U : gunicorn $ gunicorn_django settings.py $
gunicorn_paster settings.ini
$ cat settings.py … INSTALLED_APPS = ( … "gunicorn", )
… $ manage.py run_gunicorn Easy t Set U : gunicorn
Easy t Set U : nginx location / { proxy_pass
http://127.0.0.1:5000; } location /static/ { root /your/app/public/; }
Graham Dumpleton This Room: 3:15 p.m.–3:45 p.m. Making Apache suck
less for hosting Python web applications.
Deploy!
Ro back!
Monito
Monito
Measure
Measure statsd graphite scales
got 1
FIN http://ox.cx/d @hynek http://hynek.me http://vrmd.de