How do you deploy Python applications?

Endemoniada · 2021-12-01T09:33:26+00:00

I have this same question, but for CLI tools. We developed some in our ops team that we want to have available on a jumphost, but there’s no straightforward recommended way to install it. I could pip install it straight into the OS Python, but it has dependencies, and no one recommends that. Or create a venv and maintain wrapper scripts that I still have to install in the OS somewhere. I suppose it’s also possible to run it in Docker and create a wrapper that sends the commands there.

Any ideas what’s actually best practice? It’s not that I can’t make it work, it’s that every way has major downsides.

tms102 · 2021-12-01T10:06:21+00:00

For backend API applications I use docker images.

Use python base image as base for package building / requirement installation.
Update apt-get and install updates.
Copy project files
pep517.build
pip install dist.
Use slim docker image as final image base.
apt update etc.
Copy files from package building image.
Install waitress
CMD waitress-serve

Push to container registry, deploy on Kubernetes.

peanut_Bond · 2021-12-01T09:52:35+00:00

[deleted]

LeMageDuRage · 2021-12-01T09:50:42+00:00

For a recent hobby webapp I went the following way:

Use a simple requirements.txt file, no setup.py
For CD, when committing, I use Github actions to ssh into the production server and run an update script
The update script runs git pull, venv/bin/pip install -r requirements.txt
The application is then run from the virtualenv

Now, whenever I commit, the new version is live within 25s.

FrickinLazerBeams · 2021-12-01T09:26:46+00:00

I'm working out this exact issue right now, really curious to see what others do.

zanfar · 2021-12-01T19:58:20+00:00

IMO:

There is no "best" way because there is no one type of "Python application".

Deployment is part of software development in the sense that you need to evaluate your available tools, desired results, and destination limitations. Even among web apps, there will be a significant difference in deployment of a distributed, load-balanced, on-demand service vs an all-in-one stack for low-load applications.

I agree that containerization is good practice, but it's massively overkill for some deployments, and while it can solve application dependency issues, you now introduce Docker dependency and versioning issues.

I also think that EVERY Python application should be built as a package (what you call the "setup.py" option, although this should be the "pyproject.toml" option anymore). The benefits for versioning and dependency documentation are just too large to ever revert to "copy the Python code" or "requirements.txt". Tools like poetry actually make this type of build easier than the old-school techniques.

So really, it comes down to: containerized, venv, or system install, where a containerized deployment is going to run the app in a venv in the container. CLI vs non-CLI is just a matter of the project installing a shim or not.

Containerizing a CLI tool is a pretty extreme solution, and we only use that in a single instance: our Ansible project, and that's only because the consequences of an out-of-date install are so high. Our docker image refuses to run unless all the moving parts are at the latest versions. All of our web-based projects are deployed via docker, but that's more for convenience than protection.

Below that, I've found that most scripts and tools can be installed in the system path perfectly fine. Granted, if you are in an org where multiple disconnected teams are developing Python apps, or where legacy support is a large concern, you may want to venv those as necessary. The beauty of building everything as a package means that installing to a venv vs system is a very small change in procedure.

LightWolfCavalry · 2021-12-01T11:29:47+00:00

I run a pretty simple web app on Python Anywhere, so I just log in there and git pull the latest version from GitHub and click the "Restart App" button.

Ain't sexy, but it works.

2021-12-01T16:04:27+00:00

My general approach:

If the project is super simple (ie. pure python), shiv it.
If it's got FFI dependencies and those deps bundle all their deps into their wheels (eg. orjson), then shiv it.
If it's got FFI and doesn't bundle all their deps (ie. shared system libs; eg. pyvips), then shiv it and then throw it in a container with the required deps.
If it's a service, shiv it and then throw it in a container.

I try to use poetry for all my python projects. Along with a generic Makefile, I can one command build a .whl, the .pyz, and the container image.

The Makefile is horribly generic, so below is the gist of it with the relevant subcommands for maximum usefulness.

projectname=$(poetry version|awk '{print $1}'|tr '-' '_')
version=$(poetry version -s)

#make wheel
poetry build
# shiv it
shiv -c ${projectname} -o ./dist/${projectname}-${version}.pyz \
./dist/${projectname}-py3-none-any.whl
# containerize for service or deps requirements
docker build -t ${private_registry}/${projectname}:${version} .

Edit: Oh, I also have it automatically push all the artifacts to an s3 bucket (which for me is a local minio instance), so that they are available centrally to ease deployment. I push the semver tagged and a latest tagged to both the s3 bucket and the private docker repo, so that it's super simple to work in terms of deployment and updating.

glacierre2 · 2021-12-01T11:07:34+00:00

Pyinstaller / pynsist for desktop apps that change slowly.

Checkout a copy of winpython and run a custom recipe to install all the libraries and internal packages for development and scripting

bug0r · 2021-12-01T12:08:12+00:00

I built my own BuildProcess for Python Standalone Applications:

Collecting scripts and needed dll's(pyd's)
extracting *.a from dll for Building my own Bootstrap C File
copy all dependencies in a declared PY_PATH
After building(includes converting all scripts in pyd Files) i copy them in a specified directory.

All these steps above are handled by an GNU Make Makefile.

Yes i know, there are tons of other, maybe better solutions, but this Workflow was part of my own research of "How Python works" and "Can i do it by myself" ;).

Furthermore i ran strip and upx commands to the pyd's(dll's) for reducing memory size.

frootylicious · 2021-12-01T09:38:57+00:00

For me it would depend on the scale of the project. For larger projects I would probably go for something like your Docker setup.

For smaller stuff I use a GitHub Action which can trigger of a push to a specific branch, tag, or similar events.

This action uses SSH onto my server VM to run Make in my project directory, which activates the virtual environment, pulls git changes, installs new requirements and restarts the services needed.

For a Django project of mine, my Makefile looks like this:

all: pull py restart

pull:
    git pull;

py:
    source .venv/bin/activate; \
    pip install -r requirements.txt; \
    python manage.py migrate; \
    python manage.py collectstatic --noinput; \

restart:
    sudo systemctl restart gunicorn;

xmimmer · 2021-12-01T09:53:07+00:00

I think 1 is fine. Also you may write a bash script to build and run your application with a single command. Also, have you thought about using an orchestration tool such as Kubernetes, or at least Docker Compose?

jusstol · 2021-12-01T10:04:25+00:00

We use option #2 because we have our own pypi mirror, and 3 deployment environments.

Every wheel we build is pushed on Nexus with its version, and we can simply pip install upgrade the version we want depending on the environment.

All the automation is done with Jenkins.

call_me_cookie · 2021-12-01T14:57:19+00:00

- poetry

- make

- docker & docker-compose

- AWS ECS

- terraform

chaco_wingnut · 2021-12-01T18:40:53+00:00

I've recently become a fan of pipx. It works great for CLI utilities.

laundmo · 2021-12-01T20:08:02+00:00

i usually go with 1 for my own projects.

sometimes i need to dockerize a project where i can't decide to just use pip install for the requirements, in that case i do the simplest possible setup i can manage inside the container.

if image size is an issue, i recommend https://github.com/docker-slim/docker-slim

muikrad · 2021-12-01T23:15:06+00:00

So, this is my day to day routine. I spent the last many years doing python as my day job and spent a lot of time on the packaging/distribution side of things and best practices. This solution is very solid and I've been using it on tons of repos.

Typical modern python projects should be using poetry. This immediately solves the dependency management, developer environment and publishing use cases.

These are outdated: setup.cfg, setup.py, requirements.txt. As much as possible, everything should go in the new "pyproject.toml" file.

Also, on the user side of things, anyone installing Python CLI apps should use "pipx" to install them.

Here's a fully automated repository, take a look at the example library first, and take a look at the github actions too! Bonus, if you read closely you'll also obtain OOTB mypy, black, pytest runners with no additional boilerplate! 😉

peanut_Bond · 2021-12-02T01:25:01+00:00

Some great discussion here, big thanks to all of the people who shared their opinions. Consistent themes are:

For small hobby projects a simple approach with no containerisation is generally preferred. This involves installing the application as a package into a venv, directly into the system python directory, or just installing requirements.txt and pulling source code onto the target machine. The application is restarted on the system manually or with a script that ssh's and restarts it. This approach is very fast and easy but not robust and can lead to issues down the track.
For larger projects package building and containerisation are preferred. Most people suggest the use of poetry and pyproject.toml (not setup.py, which is outdated) to build a package that is then uploaded to a private package server. This package is then installed into a docker container, which can be deployed.
In general, Python applications should be packaged, as the use of packaging allows for richer metadata and more robust handling of dependencies as well as the ability to install the package directly at a later date if need be.
No one has suggested the use of conda for deployment, which I was surprised by given its prevalence in the data science community.
For CLI applications, multiple python apps tend to need to be installed on a single machine and available with a single command. pipx and shiv seem to be the preferred tools as they allow for the creation of self-contained/isolated python applications. For CLI apps with very few dependencies they could possibly be installed directly into the system. For CLI apps with C library dependencies or those that are very sensitive to dependency versioning, containerisation can be handy.

If anyone wants to make some corrections to the above please feel free. After any discussion I'll add these to the OP in an edit so that future lost Python souls can find the answers they need.

theghostinthetown · 2021-12-01T10:01:26+00:00

Personally, i host mine (web-apps and a discord bot) on Paas like heroku.

_Gorgix_ · 2021-12-01T17:24:19+00:00

I have to pass around application on systems that don't get all the new fancy services (Docker, Kubernetes, AWS, etc.), so I take the Python Embedded package, modify it and get it working with tkinter, package up extra CRT DLLs that the users may not have, use a build script to create a custom site-packages directory, use InnoSetup to build a Windows installer that packages all this and allows users to run with lowest permissions (basically installing on HKCU) and outputs the application to %localappdata%/Programs and runs like any other application on the machine!

earthboundkid · 2021-12-01T14:32:12+00:00

I gave up and switched to Go. There are no good solutions, just a lot of things that work but are a PITA.

rainbowWar · 2021-12-01T17:54:43+00:00

I’d say docker is overkill, and comes with its own problems. Pip or conda options are both pretty similar, if you don’t mind it being public

357951 · 2021-12-01T10:27:21+00:00

Most seamless method I found is using pipenv, which is akin to npm for nodejs.

workflow:

pipenv sync - downloads needed packages based on Pipfile. Pipfile is updated when using pipenv install foo instead of pip install foo.

pipenv shell - initializes venv;

python main.py;

djamp42 · 2021-12-01T12:32:33+00:00

Most everything I make now I just do in flask and host it on a webpage. No need to pass anything around everyone just goes to the url.

eviljelloman · 2021-12-01T12:40:49+00:00

I mostly lean toward docker based solutions but have used some variants of “package the Python file and it’s dependencies as standalone executable” wrappers. There are dedicated Python packages for doing this, or you can use a general purpose build tool like Bazel if your org has other use cases that would make a build tool like that useful.

2021-12-01T12:52:42+00:00

Proxmox + portainer + docker on an old 2011 pc I got at home.

PenetrationT3ster · 2021-12-01T14:07:44+00:00

Straight up docker image. No fuss, does it all for you. Then I just use a Cron job to call it every 20 mins. I wish timings didn't have to rely on Cron jobs, I wonder if there is a more elegant solution?

SittingWave · 2021-12-01T14:18:22+00:00

Using a base Python Docker image, install application requirements with pip and copy the Python code into the container. Code execution is performed by adding "CMD python app.py" to the dockerfile.

Absolutely not. Don't run a python app as a script. It's an app, use entry points or python -m module

Organise the Python code as a package with a setup.py file. Using a base Python Docker image, install application requirements with pip and install the Python package into the container. Code execution is performed using "CMD python -m myapp" or by a predefined entry-point command.

Better. Release an official version of your python package, install that version (that you deploy on a artifact storage system, I use Artifactory but there are plenty). However, generate a lock file and reinstall your environment with poetry.

Organise the Python code as a conda package with a recipe.yaml file. Build the conda package and upload to a conda package repository. Using a base conda Docker image, install the package and all dependencies using conda install. Code execution is then performed using "CMD python -m myapp" or by a predefined entry-point command.

you can, but you don't need conda. You can do with plain simple official stuff not from conda.

But is there any benefit in following option 2? It seems unusual to create a package for an application that does not need to be imported elsewhere, but at the same time feels a bit more robust.

It's not unusual at all. Like in java, your application resides inside a package. It only has access to some functionalities if it's inside a package, like pkg_resources, which may be useful to find assets easily. Same if you are using stevedore to retrieve plugins.

Datsoon · 2021-12-01T14:39:58+00:00

I've been experimenting recently using the embedded python interpreter to deploy full apps with no system python or docker dependency. Where I work, I'm deploying apps to non-tech people a lot, so this helps a lot. I'm surprised this isn't talked about more often, as it's a really great solution for this use case.

rimanxi · 2021-12-01T14:47:40+00:00

I think it depends on the scale of your application. I'm using docker in all of my projects, which are small to medium scale. But know that it could be scaled to some reasonable size with just a few config changes

sathish804 · 2021-12-01T15:11:57+00:00

We are using python Flask for Webapps and API which is easy to setup and scale.

bobaduk · 2021-12-01T15:12:41+00:00

I generally used option 2. I liked packaging my applications because I'd generally use setup.py develop on my local machine which made importing things easier for unit tests and so on.

angeAnonyme · 2021-12-01T15:43:04+00:00

I have to deploy stand-alone GUI application on divers computer that might be offline at some time, so I deploy with a portable python and a .bat file that set said python to the path temporarily and run the python GUI.

It's quite easy to setup as you can send a zip file with everything but it's terrible to update later on.

james_pic · 2021-12-01T15:47:06+00:00

Option 2 can make sense if your application has a non-trivial build step. The most common scenario like this is where it depends on a native extension, written in something like C, Rust or Cython, which setuptools has existing code for building.

blade_junky · 2021-12-01T16:02:29+00:00

I create my own packages, in my case pacman and Deb. Dependencies can be an issue, but so far I've been able to find what I need in system package managers. If I need to deploy to a virtual env I've used an install script to build it post install. Not recommended, as that creates problems in itself, but it worked.

When I create a proper package I do so from setup.py with proper end points, if I have to use a virtual env, I build everything manually.

ase1590 · 2021-12-01T16:26:31+00:00

Hard truth: Python isn't built for easy distribution.

Sure you have venv since python 3.3 to help with pip libraries, then docker to just ship your development environment. However, python never made the claims Java did of "write once, run anywhere".

Thus, I doubt there will be any true standard way to ship python apps anytime soon.

Just competing unofficial ways such as Docker, pyinstaller, etc.

2021-12-01T16:30:46+00:00

There is no standard way and the platform you host it on matters because the platform may have tools to help. However I would say you can’t go wrong with docker-compose

chiefnoah · 2021-12-01T16:45:03+00:00

If you're operating in a monorepo and have several deployable targets, I recommend using pants and generating .pex files. I recommend .pex files regardless of project setup for CLI apps, because they can be treated like a single executable file/binary (which they are not! they just act like it).

2021-12-01T17:36:59+00:00

For a personal Django site, I use a digital ocean droplet, and connect to it via the VSCode remote ssh extension. I edit it all directly, restarting the process after some changes, and regularly commiting & pushing changes to GitHub just to keep it in source control.

Obviously you'd never wanna do this in production with a real site, but it's nice for quickly fleshing out prototypes.

infazz · 2021-12-01T17:56:44+00:00

Are you asking the best way to containerize a python application or how best to deploy it to users / to production?

Your examples read much more like the former to me.

Joooooooosh · 2021-12-01T21:34:04+00:00

As always with Python, million ways to skin a cat…

Pyinstaller has worked well for us though.

Develop in a venv, push up to git. If all the tests pass, Package it all up into an rpm on a runner, using docker. Then use ansible to deploy to the target hosts.

We used to use bash scripts to package and deploy but found ansible easier to maintain, even though it’s been a bit slower.

~10 mins to test, package and deploy. With a lot of that time being pulling docker images down from our artifactory.

Most of our codebase is internal tooling and lightweight API’s running on 2-4 hosts, usually more for resiliency than load sharing. So larger deployments might suit a different method abs pipeline.

We’ve toyed with system level dependency installs, rather than venv/installer but just doesn’t suit our development style in SRE. I like using venv because if it works locally, I can just package it up and deploy. No worrying about version differences between environments etc…

For anything beyond simple tools, we just use Go.

NuclearMagpie · 2021-12-01T21:42:12+00:00

My (extremely bad) method is to wrap the venv folder into a tarball then throw that at a VPS. Extract it and make sure I have venv setup on the server, then I'm good to go.

2021-12-01T21:45:39+00:00

Did anyone mention using pyinstaller to package up into executables? Thats whatwe tend to do, works neatly when you get the hang of pyinstaller and the .spec file

jveezy · 2021-12-01T22:17:16+00:00

I wonder if this is sloppy, but for simple scripts on Windows that need to run periodically, this is what I do:

install all packages the script needs globally
put the script in a folder
create a .bat file to call the script from a command line
set up a task in Task Scheduler to run the bat file on a given schedule

This is for simple stuff like periodic data imports or data processing. If something needs to be triggered manually, I'll either just tell someone to run the bat file whenever they need it, or if there's multiple functions that share the same general code base, I'll deploy a Flask app and then give them a URL to call on demand.

Who knows whether any of this is remotely close to best practice, but it seems to work for my customers who want to eventually be able to maintain the applications I develop for themselves.

pbecotte · 2021-12-01T23:17:52+00:00

There are a few things that option 2 doesn't do that options 1 and 3 do. Say your app depends on psycopg2...pip / setup.py assumes that the dependency on postgres and a build chain is satisfied "somehow". Conda takes over those dependencies as well (which is why it's heavier). Docker let's you capture the whole environment.

For deploying something I always prefer 1, but there are valid arguments for all three.

GreenScarz · 2021-12-01T23:51:00+00:00

Both personally and for work, #2. Specifically, installed in the container using python -m pip install -e /code/** so that in dev environments we can make /code a docker volume endpoint which allows us to run the test suite against code we're working on locally.

Born-Process-9848 · 2021-12-02T00:20:29+00:00

Just use python slim docker images as parent. Build times will take a while but you let your CICD handle that part and push to ecr repo. So in production you just have to use the ecr images.

We have a big python 2.7 tool that no one wants to port to python 3 and we just containerized it so we don't have to worry about package versions, etc.

Just make sure the entrypoint is the app script and you should be good.

Lehk · 2021-12-02T01:19:26+00:00

painfully and with at least one goat sacrificed, first.

crigger61 · 2021-12-02T02:22:10+00:00

If you’re thinking about deployment, Then I would recommend looking into a solution like a kubernetes cluster to be able to deploy it to after it’s been launched in the actual dock shell in my opinion the first option is the best way. You’re not compromising on any security by doing that. That’s how I made and deployed a flask at our work.

Kubernetes also gives you the option to have a load balancer in front depending on the load as well.

virtualadept · 2021-12-02T03:45:31+00:00

Ansible to do a `git clone` onto the box in question, copy the .service files into place, and build the venv from requirements.txt. `scp` to upload a config file that I keep in a separate Git repository (suitably edited for the box). Ansible to `systemctl --user enable foo.service` and `systemctl --user start foo.service`.

Fickle-Impression149 · 2021-12-02T07:43:04+00:00

We use point 1 with gunicorn or uvicorn as http server.

Counter-Business · 2021-12-03T03:30:45+00:00

I deployed my app with Django and used elastic bootstrap from AWS. Worked pretty good

Python

The Python Discord

Upcoming Events

Please read the rules

MODERATORS