Creative Dissonance

Deploying a Pylons App to Production, Step-by-Step (Part 1 of 2)

I think there’s a very good reason why the “Deployment” chapter in the official Pylons book is listed in section entitled “Expert Pylons.” Deploying a Pylons app into a production environment can be a real hair-puller for the folks coming from the PHP or ASP/ASP.Net worlds.

Like most everything else about Pylons, you have a lot of choices when it comes to production deployment. The goal of this article is to take you through one particular process, step-by-step. This isn’t your only option, and (depending on your needs) may not even be the best choice for you. However, it’s worked well for me. The components that I will be using are:

CentOS 5.2
Apache 2 / Nginx 0.7.65
FastCGI
Pylons 0.9.7
Subversion

Preparing the Production Environment

Installing Nginx

Nginx (“engine x”) is a lightweight HTTP server. Until this project, I’d never touched it. However, I decided to try it after I managed to bork my Apache install trying to recompile it with FastCGI support. After spending two hours fixing that, I was loathe to continue poking at the httpd beast with a stick. Additionally, I knew that reddit serves about 200M pageviews/mo. using Nginx in front of a Pylons app, so it made sense to at least explore it as another path.

I was very pleasantly surprised with the outcome. Even though I compiled from source and had zero prior experience with it, getting Nginx working was actually the easiest part of this project. It simply needs to be downloaded, compiled, and installed:

cd /var/src
wget http://nginx.org/download/nginx-0.7.65.tar.gz
tar zxvf nginx-0.7.65.tar.gz
cd nginx-0.7.65
./configure
make && make install

Finally, let’s add a new non-privileged account and adjust the file ownership:

adduser nginx
chown -R nginx:nginx /usr/local/nginx

Tada! You now have a working installation of nginx installed in /usr/local/nginx. If the config command yells at you, you probably need to install some dependencies. On one of the servers I use, it complained about not being able to find PCRE, however yum install pcre-devel quickly solved that problem.

You’ll most likely want Nginx to start and stop when the server boots/shutsdown, so go ahead and add the appropriate init.d script:

cd /etc/init.d/
wget http://blog.rightbrainnetworks.com/custom/nginx_init.txt
mv nginx_initd.txt nginx
chmod +x nginx
chkconfig --add nginx
chkconfig --level 345 nginx on

If you’ve modified the default install location (by running ./configure --prefix=/my/new/path when you configured nginx), be sure to modify the init.d script appropriately. We’ll want to configure ngix before we start it, but first we’ll deal with Apache…

Dealing with Apache

If you’re able to remove Apache from your existing server, or you’re building a box specifically for your Pylons app, you’re in an enviable position. Feel free to skip this section. However, for the rest of us wanting to run Nginx and Apache on the same server to maintain existing applications/websites, there are a couple of hoops that need to be jumped through first. You have three basic options when choosing to go this route:

Add another public IP address to your server. Configure Apache not to bind to that new address and use it exclusively with Nginx.
Proxy the Apache requests using Nginx.
Proxy the Nginx requests using Apache.

Option one is certainly the most simple of the bunch and is the preferable choice of the three. However, adding an additional IP may not an option for a lot of people. Configuring Nginx to pass through (proxy) requests for your legacy sites to Apache is certainly doable. But being that a goal of mine is to leave the existing environment as untouched as possible, it probably makes the most sense to configure Nginx to run behind Apache rather than vice-versa. Fortunately, this isn’t difficult to configure. At the bottom of your /etc/httpd/conf/httpd.conf file add the following:

<VirtualHost *:80>
        ServerName www.your-pylons-website.com
        ServerAlias your-pylons-website.com
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        ProxyPreserveHost On
        ErrorLog /path/to/your/error_log
        CustomLog "|/usr/sbin/rotatelogs /path/to/your/access_logs/www.%Y%m%d.log 84500" combined
</VirtualHost>

Depending on the complexity of your httpd.conf, it might be better to create this config in a seperate file and put it in the Apache config includes directory (/etc/httpd/conf.d). Lines #4 and #5 contain the TCP port number that you will be configuring nginx to listen on. You may pick almost any port that you wish, but since you’ll be running nginx under a non-privileged (non-root) user account for security reasons, the port has to be >1024. Feel free to change the “ErrorLog”, “CustomLog”, “ServerName”, and “ServerAlias” lines to suit your needs. Once the config is modified, give Apache a heads-up with a /etc/init.d/httpd reload command.

Configuring Nginx

Now that we know which port Apache is expecting Nginx to be listening at, we can finish the Nginx configuration. The file that we’re interested in is the main config file, /usr/local/nginx/conf/nginx.conf:

user nginx;
worker_processes  1;
 
error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
 
#pid        logs/nginx.pid;
 
 
events {
    worker_connections  1024;
}
 
 
http {
    include       mime.types;
    default_type  application/octet-stream;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
 
    #access_log  logs/access.log  main;
 
    sendfile        on;
    #tcp_nopush     on;
 
    #keepalive_timeout  0;
    keepalive_timeout  65;
 
    #gzip  on;
 
    server {
        listen       8080;
        server_name  www.your-pylons-project.com your-pylons-project.com;
 
        #charset koi8-r;
 
        #access_log  logs/host.access.log  main;
 
        location / {
        #    root   html;
        #    index  index.html index.htm;
             include /usr/local/nginx/conf/fastcgi.conf;
             fastcgi_index index;
             fastcgi_pass  127.0.0.1:9000;
         }
 
 
        #error_page  404              /404.html;
 
        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
 
        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
 
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}
 
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
 
 
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
 
    # HTTPS server
    #
    #server {
    #    listen       443;
    #    server_name  localhost;
 
    #    ssl                  on;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
 
    #    ssl_session_timeout  5m;
 
    #    ssl_protocols  SSLv2 SSLv3 TLSv1;
    #    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    #    ssl_prefer_server_ciphers   on;
 
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
 
}

As previously mentioned, this is the first time that I’ve used Nginx so its config file is largely the default. The lines that I’ve modified/added are #1, #35-36, and #42-48. The port number specified in line #35 should match the port you chose in the Apache ProxyPass configuration. Or, if you’re not using Apache in front of Nginx (or have the two daemons bound to separate IP addresses), you’ll probably want to listen on the standard port 80. Line #47 is the host/port used by FastCGI to communicate with your Pylons app. Again, you may chose almost any arbitrary port, so long as it matches up with the value in your project’s production.ini (but we’ll get to that topic in Part 2 of this tutorial).

Conclusion

At this point, you should have your production environment ready to go and awaiting your Pylons application. In Part 2 of this tutorial I will discuss how to package up the application for deployment directly from your Subversion repository and then fire it up in a live environment.

Adding a “disable” feature to the script.aculo.us Ajax.Autocompleter

Scriptalicious’s Ajax.Autocompleter control is pretty cool. It allows a developer to add a drop-down auto-completion feature to an input box with one line of Javascript and a single div tag in the HTML. However (surprisingly), it doesn’t provide a means to turn off the autocompletion feature once it’s attached it to the target text box. There’s no method or property to disable the feature and setting the object to null has no effect (because it doesn’t affect the observers, but we’ll get to that…)

Line #8 doesn’t work as expected:

var autocomplete;
 
if( $('search_box') ) {
    autocomplete = new Ajax.Autocompleter("search_box", "choices", "/Autocomplete", {'frequency': 0.2, 'minChars': 3});
}
 
function disableAutocomplete() {
    autocomplete = null;
}

The top Google result for this issue talks about patching script.aculo.us’s “controls.js”. However, I rejected this solution because I typically load the libraries using Google’s JS API rather than serving them off my web server. Via Google the libraries load faster because they’re served off a CDN. Plus, I don’t have to pay for the bandwidth and it’s just generally more convenient.

Another solution I found is a ticket in RoR’s Trac system. Rather than hacking the source file, this used class inheritance to extend the functionality of the base Ajax.Autocompleter. This looked great because I could continue to use Google’s JS API. The bad news is that the ticket (and solution) was written over three years ago. It did not work with script.aculo.us v1.8.x or prototype.js v1.6.1.

The primary reason why this class was broken was that the methods in which the prototype library keeps track of Event observers changed considerably between versions 1.5, 1.6, and 1.6.1. Long story short: I ended up rewriting the second solution to work with prototype.js 1.6.1 and script.aculo.us v1.8.3.

My new Ajax.ToggleableAutocompleter class:

Ajax.ToggleableAutocompleter= Class.create();
Object.extend(Object.extend(Ajax.ToggleableAutocompleter.prototype, Autocompleter.Base.prototype), {
  initialize: function(element, update, url, options) {
    this.baseInitialize(element, update, options);
    this.options.asynchronous  = true;
    this.options.onComplete    = this.onComplete.bind(this);
    this.options.defaultParams = this.options.parameters || null;
    this.url                   = url;
    this.blurHandler           = new Array();
    this.keydownHandler        = new Array();
    this.keypressHandler       = new Array();    
  },
 
  disable: function() {
    var el = this.element;
    this.hide();
 
    if (this.blurHandler.length==0 && this.keydownHandler.length==0 && this.keypressHandler.length==0) {
        this._registerHandlers();
    }
 
    this.blurHandler.each( function(handler) {
      el.stopObserving('blur', handler);
      el.getStorage().get('prototype_event_registry').unset('blur');
    });    
 
    this.keydownHandler.each( function(handler) {
      el.stopObserving('keydown', handler);
      el.getStorage().get('prototype_event_registry').unset('keydown');
    });      
 
    this.keypressHandler.each( function(handler) {
      el.stopObserving('keypress', handler);
      el.getStorage().get('prototype_event_registry').unset('keypress');      
    });
  },
 
  enable: function() {
    var ele=this.element;
    for (var i = 0; i < this.blurHandler.length; i++) {
      Event.observe(ele, "blur", this.blurHandler[i]);
    }
    for (var i = 0; i < this.keydownHandler.length; i++) {
      Event.observe(ele, "keydown", this.keydownHandler[i]);
    }
    for (var i = 0; i < this.keypressHandler.length; i++) {
      Event.observe(ele, "keypress", this.keypressHandler[i]);
    }    
  },
 
  onComplete: function(request) {
    this.updateChoices(request.responseText);
  },
 
  getUpdatedChoices: function() {
    this.startIndicator();
 
    var entry = encodeURIComponent(this.options.paramName) + '=' +
      encodeURIComponent(this.getToken());
 
    this.options.parameters = this.options.callback ?
      this.options.callback(this.element, entry) : entry;
 
    if(this.options.defaultParams)
      this.options.parameters += '&' + this.options.defaultParams;
 
    new Ajax.Request(this.url, this.options);
  },
 
  _registerHandlers: function() {
    var o = this;
    if ( !o.element.getStorage().get('prototype_event_registry').size() > 0 ) return;
    with( o.element.getStorage().get('prototype_event_registry') ) {
       var blurEvents = get('blur');
       var keypressEvents = get('keypress');
       var keydownEvents = get('keydown');
    }
    if( blurEvents ) blurEvents.each(function(e){ 
         o.blurHandler.push(e.handler);
    });
    if( keypressEvents ) keypressEvents.each(function(e){
         o.keypressHandler.push(e.handler);
    });
    if( keydownEvents ) keydownEvents.each(function(e){
         o.keydownHandler.push(e.handler);
    });
  }
});

To use it:

var autocomplete;
 
if( $('search_box') ) {
    autocomplete = new Ajax.ToggleableAutocompleter("search_box", "choices", "/Autocomplete", {'frequency': 0.2, 'minChars': 3});
}
 
function disableAutocomplete() {
    autocomplete.disable();
}
 
function enableAutocomplete() {
    autocomplete.enable();
}

Rebooted… again.

I’ve been half-heartily blogging for a few years now. Every so often I’ll get the urge, write something, and then leave it untouched for months. I’d be loath to come back to the blog because it felt that I somehow let the Internet down by not writing more frequently. As silly as that sounds, it seems to be a pretty common feeling/trend among bloggers. All the experts urge to post at least once a week, hopefully even daily. It’s an attempt to remain relevant in our Twitter-fueled world, it seems.

But this is an attitude that I’ve recently come to regard as misguided. It was reading this post at reddit (written by the Internet-famous Maddox) that really cemented this observation for me. People are inundated with “what’s new!” nearly 24/7 nowadays. Being topical is no longer as important as it used to be because everyone is topical. So I’ve chosen to focus this blog on quality rather than quantity.

I’ll eventually get around to importing some of my more popular old blog posts from backups. But until then, please enjoy my leisurely-written new posts.