PyCon Tutorials, day 2, Liveblog

I’ll update this as the day progresses at PyCon 2010.


1634: It’s just dawned on me that Jacob has as much energy at 4:30 pm as he does at 9:00 am. Yeow.

1620: Linux-HA for redundancy at the very front-end.

1605: Database redundancy via connection middleware. The next release of PostgreSQL will have built-in hot-standby. Advocates pgpool-II. Don’t run the connection pool middleware on the same server hosting the DBMS. Duh. He installed pgpool-II on both httpd servers.

1541: Caching: Memcached. The end. He advocates running memcached on every machine with RAM to spare. Adding extra machines = increasing memcached’s key space. Allocate 1/8 to 1/4 of memory to memcached.

1539: By his descriptions of their capabilities, Perlbal is a win over Nginx as a load balancer. Which matches everything else I’ve heard. I’ll have to ask him why he’s then showing how to use Nginx as a load balancer.

1516: For Nginx, he recommends 1 – 2x worker processes per processor, and 100 worker_connections per process. Perlbal will let you dynamically add and remove servers, which is what you want for a load balancer; Nginx needs to be restarted – hrm, it’s then slightly odd that he prefers it for load balancing.

1449: A small site could maybe have a load balancer in a VM. But normally, it only makes sense to have its own physical box. For static media servers, he likes lighttpd over Nginx, but he prefers AWS or Rackspace over either of them. He uses django-storages to abstract the storage to a cloud.

1441: On to load balancers. He advocates using a load balancer in front of one server box, because slow clients can bottle up a server without one. It also of course makes scaling trivial if the load balancer is already in place. Nginx can handle a couple thousand simultaneous connections, no problem. He uses Nginix for load balancing; also likes Perlbal and lighttpd for this. Interesting.

1436: Jacob prefers Puppet for configuration management. Bcfg2 is in Python, but its configurations are in XML. Gah! “There’s a book on Puppet; don’t waste your money.”

1422: Segueing into automation. He prefers Fabric. Paver is also interesting.

1402: Mod_wsgi is a win over mod_python. The speed is about the same, but the amount and predictability of memory consumption is better. I’ve now heard this from enough sources that I’ll take it on faith. Jacob uses the threaded MPM, and it works fine for him; he didn’t give any credence to MPM performance problem anecdotes/rumors. He likes Nginx, Perlbal, and lighttpd as lightweight servers with limited roles, and Apache httpd for applications.

1344: By default, PostgreSQL listens on all ports. Good security practice is to configure it to listen on just one port of a private IP. One of his hot buttons is taking the time to understand every line in your configuration files.

1314: “Django Deployment Workshop. Looks like this will be more about manual deployment, i.e., what bits need to go where for a production deployment. And not about best practices for automating it with, say, Buildout. Jacob favors Buildout.

1217: Breaking for lunch.

1200: I see the benefit of Activity Streams. I’m less sure of oEmbed, maybe because I haven’t the social media experience to fully grok the problem it purports to solve.

1146: JSON is better than pickle for serialization in Python. It’s faster (!), incorporated in Python as of 2.6, human readable, and standard.

1118: One of the speakers reminds me of me when I was much younger. This is a world-class-creepy realization.


OAuth Problems

1053: Some of these slides would be much clearer as an FSM diagram, or even just an informal graphic. For example, describing how OAuth authentication works.

1044: This is a great slide:

Password Anti-Pattern

1009: WebFinger is interesting. From hueniverse:

WebFinger Rationale

0945: Fundamentally, even if my site uses OpenID, I still must support a local user profile for settings that are local to my site. Supporting OpenID means adding a big ball of hair to my site code, vs. just using django-registration and calling it a day. You need to learn a fair amount to implement it correctly for no benefit to your workload, and almost no benefit to the user if she already uses a password manager. Fail.

0936: 1Password gives me most of OpenID’s benefits without any of the hassle – plus with major advantages. Now doing a Django OpenID example.

OpenID Problems

0926: Talking about OpenID now. Wonder if OpenID’s deficiencies will be addressed (man-in-the-middle attacks, overly complex sequences for the average web user). Ah, they are!


Python Open Stack Technologies


The Open Stack

0907: Mike Malone is one of the talkers. Huh, I’ve been following him on Twitter. Presentation is at Three areas: Identity, relationships, and content & activity.

0821: Nice breakfast with members of the PyCon 2010 A/V team, most of whom where from Denmark. Now getting ready for “Open Stack: Hacking the Social Web.”

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.