• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Django deployment and rpm+yum
 

Django deployment and rpm+yum

on

  • 406 views

 

Statistics

Views

Total Views
406
Views on SlideShare
386
Embed Views
20

Actions

Likes
0
Downloads
3
Comments
0

3 Embeds 20

http://localhost 18
http://eventifier.co 1
http://www.slideee.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Django deployment and rpm+yum Django deployment and rpm+yum Presentation Transcript

    • Django deployment and RPM+YUM by Walter Liu
    • Agenda ● Apache, WSGI, Django ● Django deployment/security note ● Using RPM and YUM
    • Apache+WSGI+Django
    • Why use Apache? runserver is not stable
    • WSGI Web Server Gateway Interface
    • Apache, WSGI, Django
    • Apache contain multi WSGI
    • Example WSGI parameters TraceEnable Off WSGIScriptAlias / /var/www/html/axx_service/wsgi.py WSGIPythonPath /var/www/html/axx_service/ WSGISocketPrefix /var/run/wsgi WSGIProcessGroup axxais WSGIDaemonProcess axxais processes=4 threads=16 maximum-requests=4096 display-name=%{GROUP} # no embedded mode for WSGI. for smaller memory and log message. WSGIRestrictEmbedded on <Directory "/var/www/html/axx_service/"> <Files wsgi.py> Order deny,allow Allow from all </Files> </Directory>
    • Questions?
    • Django deployment note
    • Deployment note ● ● ● ● ● ● ● DEBUG = False TEMPLATE_DEBUG = False 404 template 500 template Host static files Error alert e-mail (ADMINS, MANAGERS) Logging settings
    • Apache+wsgi: Host static files Alias /robots.txt /usr/local/wsgi/static/robots.txt Alias /favicon.ico /usr/local/wsgi/static/favicon.ico AliasMatch /([^/]*.css) /usr/local/wsgi/static/styles/$1 Alias /media/ /usr/local/wsgi/static/media/ <Directory /usr/local/wsgi/static> Order deny,allow Allow from all </Directory> WSGIScriptAlias / /usr/local/wsgi/scripts/myapp.wsgi <Directory /usr/local/wsgi/scripts> Order allow,deny Allow from all </Directory>
    • Django Security note ● ● ● ● SQL Injection protection (ORM) XSS protection Csrf protection (middleware) Clickjacking protection (middleware, default off) ● Possible weak points ○ Weak admin password ○ DEBUG = True ○ Secret Key
    • Questions?
    • Using RPM and YUM
    • Deployment is ? ● ● ● ● ● ● ● ● ● ssh to each host copy files remove files check file integrity [option] config file upgrade [option] POST: restart httpd [option] check service/security status [option] mock test .......
    • Using git? ● No remove files. (may lead to accidents) ● No other script action in update. ● Config files? ● Version report? (at least not easy to read.) ● Not for OPS ● No package dependency ● Not scalable for large deployment
    • Using RPM ● ● ● ● Ensure package version. Add/remove/update files. Pre/Post installation scripting. YUM for remote and repository
    • How to create RPM ● Prepare *.spec file ● Use rpmbuild to build rpm. (refer AIS)
    • RPM SPEC File
    • rpmbuild script
    • YUM server and repo RPM Now, setup a YUM server + repo RPM, and you may ● yum install pitlane ● yum install pitlane-worker ● yum update pitlane ● #rollback version with ● Auto-dependency
    • What left?
    • Concurrent command to hosts
    • omnitty vs. ssh-keygen ● omnitty ● ssh-key and scripting ● fabric + ssh-key
    • Omnitty
    • sshkey + scripting Example: pitlane_web.py update -> host_list = ...... -> for host in host_list: -> os.system("ssh $s yum update pitlane") How ● generate ssh public key ● copy/cat to target host .ssh/authorized_key
    • Fabric Based on sshkey Made for deployment.
    • Q&A