Sunday 1:10 p.m.–1:40 p.m. in Grand Ballroom C

Systemd: why you should care as a Python developer

Alvaro Leiva Geisse

Description

Done! Your shiny new application is functionally complete and ready to be deployed to production! But how exactly do you deploy properly on Linux? Wonder no more! In 30 minutes, this talk explains how you can harness the power of the init system and systemd to solve common deployment problems, including some that you didn't even know you had. Examples of things we will cover: * How to secure your system by having: private /tmp for your process, read-only paths so that your process can not write to them, inaccessible paths, protect users home, network access, bin directories, etc. * How to limit the resources you app can consume. * How to interact directly with systemd, so it can start transient units, start/stop services, mount disks, resolve addresses. * How to isolate your service without containers. * How to isolate your service using containers (using systemd to spawn a namespace). All this will be covered from a Python developer's perspective.