An iterative packaging plan for your Python application
You know the basics of packaging your Python application for Docker, but do you know enough to run that image in production? Bad packaging can result in security and production problems, not to mention wasted time try to debug unreproducible errors.
And even if you figure out the best practices, there's still a huge number of details to get right, many of which interact with each other in unexpected ways. My personal list includes over 60 Docker packaging best practices, and it keeps growing. So where do you start? What should you do first?
To help you quickly package your application in a production-ready way, this talk will give you a plan to help you prioritize and iteratively implement these best practices, by starting with the highest priority best practices (security, automation), moving on the correctness and reproducibility, and finally focusing on optimization.
To make this process more concrete, along the way you'll also learn some of the techniques needed to build production-ready images:
- Running as a non-root, for increased security.
- Debugging C crashes with faulthandler.
- Faster startup with pre-compiled .pycs.
- Smaller images by disabling pip caching.
- Avoiding Alpine Linux.
- And more!
At the end of the talk you'll also get some resources to teach you even more best practices that can't be fit in a 30-minute talk.
This talk is for Python programmers who know the basics of Docker packaging, and need to run the resulting images in a production environment.