Closed. This question is opinion-based. It is not currently accepting answers.
Closed 1 year ago.
I want to deploy a website that uses Django on the server side and a ReactJS frontend on AWS. I'm estimating traffic of about 40,000 per month. It happens that Amazon has several hosting packages. I like the EC2 instances, but I don't know which particular instance will be suitable for me and be cost-effective. I want to host for 6 months to get to understand the platform and later extend it if I'm comfortable with their services. The database isn't that robust. I'd also like to add updates at least two times a week.
Honestly, I haven't used AWS before and I don't even know if EC2 is the best for my project. Which of the packages will be best for my project?
Your main choice is Amazon EC2 (highly flexible) vs Amazon Lightsail (similar to a VPS).
Nobody can advise you on sizing your system, since it is totally dependent upon what your application does (video vs compute vs caching, etc.) and how your users interact with the app. You should pick an Instance Type, set up a test system that simulates typical usage and then monitor how it runs.
Alternatively, pick something reasonably big, run it in production and monitor for any issues. If it all looks good, you could downsize the system.
AWS EC2 is an IaaS (Infrastructure as a Service) cloud model, and it's best suited for those who are starting to use cloud computing. We can say that it's similar to on-prem environments: you have almost full control over all aspects of computing, like memory, storage, and networking. On the other hand, you need to manage them, and in some cases you don't want to or don't need to. In your case, with the information provided, EC2 seems to be the best choice, so you can safely try AWS (safely, because you will need to take care of costs, and on the IaaS model you have more predictability) while learning about other services. The second step will depend on the specifics of your application, such as whether it is stateful or stateless and whether it needs to be scalable or not. Hope I have contributed.
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 2 years ago.
We have a legacy .exe solution running on industrial clients' desktops that I need to port over to Google App Engine. All clients will have the same version of the app, no code customization. We need to be sure that data will not be leaked between different clients of the new GAE app or be snooped on by some external party.
So I have a couple of questions that I hope someone will be able to help me out.
Option 1: Use namespaces to separate clients' data. This seems quite robust at the Datastore level; without the proper namespace data would not be served. Since we have the company name of each user, I would presume this would be quite secure against leaks.
Q1: Which precautions do I need to take to avoid someone guessing or hacking at URLs to get to unauthorized data?
Option 2: We could have a separate instance of the code and datastore for each client. This would give the optimal separation between clients.
Q2: Is there a tool or API to "clone" a given GAE app to many clients? We would feed the list of clients and update the code to all those instances in one go.
Thanks!
Which precautions do I need to take to avoid someone guessing or hacking at URLs to get to unauthorized data?
Namespaces are not a security mechanism for Datastore. A user with access to one partition in a project has access to all partitions in the project. Namespaces provide a way to organize your entities within a project.
Is there a tool or API to "clone" a given GAE app to many clients? We would feed the list of clients and update the code to all those instances in one go.
To have completely isolated instances of services, you can create new projects programmatically using the Cloud Resource Manager API and access resources across projects.
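Because namespaces only organize data, the application itself has to decide which namespace a request may touch. The sketch below is an added example, not code from the question or the answer: it takes the tenant from the authenticated session and treats any tenant name in the URL as untrusted. `STORE`, `USER_TENANT`, `Session` and `get_entity` are hypothetical names, and the dictionary stands in for Datastore.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data standing in for Datastore: (namespace, key) -> entity.
STORE = {
    ("acme", "order-1"): {"total": 120},
    ("globex", "order-1"): {"total": 999},
    ("globex", "order-2"): {"total": 45},
}

# Server-side directory: verified user id -> company namespace (constructed).
USER_TENANT = {"alice@acme.example": "acme", "bob@globex.example": "globex"}


class Forbidden(Exception):
    """Caller is authenticated but may not touch this tenant's data."""


class NotFound(Exception):
    """No such entity inside the caller's own namespace."""


@dataclass(frozen=True)
class Session:
    user_id: str  # set by the login layer after authentication, never by the client


def tenant_for(session: Session) -> str:
    try:
        return USER_TENANT[session.user_id]
    except KeyError:
        raise Forbidden("user has no tenant assignment") from None


def get_entity(session: Session, key: str, url_tenant: Optional[str] = None) -> dict:
    """Look up `key` strictly inside the caller's namespace.

    `url_tenant` models a tenant name taken from the request path or query
    string. It is only compared, never used to select the namespace.
    """
    namespace = tenant_for(session)
    if url_tenant is not None and url_tenant != namespace:
        raise Forbidden("tenant in URL does not match the session")
    try:
        return STORE[(namespace, key)]
    except KeyError:
        raise NotFound(key) from None
```

With this shape, a guessed key that exists only in another company's namespace produces the same "not found" result as a key that does not exist at all.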
Closed. This question is opinion-based. It is not currently accepting answers.
Closed 3 years ago.
I want to build REST API (or GraphQL API) which I want to connect with Angular (2+) to build some nice web application.
Which framework should I choose to get started with and why? DjangoREST or ExpressJS?
Which one of them is easier to get connected with front-end frameworks?
I know Python as well as JavaScript. I also have experience with Django as well as some JavaScript front-end frameworks like Angular. So, it wouldn't be that difficult to get started with Node.js or either of them.
Which of them is easier and better?
In short, Django for quick development and Express for full-stack, scalable solutions.
Django provides better, easier security without as much experience. In the case of Express, it takes so much experience and confidence to get the same security from Node.js.
Django uses the MVT (Model View Template) design pattern and Express uses event-driven programming in which the entire architecture is driven by “events” or user choices. MVT is excellent for server-side development, on the other hand, event-driven programming is rather than separating client and server sides.
Django uses an in-house template system, so you won't get hung up choosing the right one. With Express, a fully open system, you may spend a lot of time choosing the perfect one for you.
Django is more structured to work around. It tells you how to do things, whereas Express gives you the flexibility to do it your way. For example, you need to use Django's ORM to interact with the database, but in the case of Express, you can choose any tool you like.
Express gives you freedom. So, if you’re experienced, there is a space to create whatever you want from scratch. Django gives you a lot of solutions with a vast template and library system, which is great for productivity but not enough for the vision.
Closed. This question is opinion-based. It is not currently accepting answers.
Closed 4 years ago.
I want to build a webapp with Python back-end. The front-end of the webapp will just have a simple input box where the user puts an address. Then, on the back-end I want to scrape content from the webpage in that address and then process that data. This data processing might become quite heavy.
I'm quite experienced with Python, although with webapps, hosting, and so on, I have zero experience. I bought a domain name and hosting on namecheap, even though I just found out that maybe I won't be needing to use their hosting, as someone in /r/webhosting recommended me to use AWS instead. This was the methodology I was recommended to follow:
switch to AWS (or Azure)
create python lambda/function to do whatever you want to do with this request...
put lambda behind api-gateway
put Cloudfront in front of api-gateway (optional but hey..)
I have seen tutorials to point the namecheap domain into an EC2 instance. But how do I go about doing this with Lambda? Is it the same principle? Can you point me to any tutorials that might teach me how to handle this? Is Lambda actually the optimal solution for this?
Thanks!
This is a great starting point: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-quick-start.html
AWS SAM handles creation and deployment of your Lambda and API Gateway. To have your API/web app exposed to a custom domain, you will need to create an AWS ACM SSL certificate and create a custom domain on your API Gateway. Basically it will create a hidden CloudFront distribution that you can use to set up your DNS.
Good luck!
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 5 days ago.
How to transfer session to another compute node with python in the following case?
case 1: If using Kubernetes,
case 2: Or using autoscale,
case 3: if using Amazon,
How to transfer session to another compute node with python?
So that program can run forever
Nope, none of those things can transfer a process with all of its in-memory and on-disk state across hosts.
If you’re looking at Kubernetes already, I’d encourage you to design your application so that it doesn’t have any local state. Everything it knows about lives in a database that’s maintained separately (if you’re into AWS, it could be an RDS hosted database or something else). Then you can easily run multiple copies of it (maybe multiple replicas in a Kubernetes ReplicaSet or Deployment) and easily kill one off to restart it somewhere else.
One of the high-end virtualization solutions might be able to do what you’re asking, but keeping a program running forever is pretty hard, particularly in a scripting language like Python. (How do you update the program? How do you update the underlying OS, when it needs to reboot to take a kernel update?)
Closed. This question needs to be more focused. It is not currently accepting answers.
Closed 6 years ago.
I know this is technically a duplicate question, but I believe it is valid since the original question was submitted 7 years ago and Python/web security has come a long way since then.
I would like to build a web app that allows users to input Python code (through the Ace editor package) and then execute it in the browser using a Python interpreter on the server. I cannot use pypy.js because I need to use numpy, pandas, and matplotlib. Essentially I would like to make my own Codecademy (I am a teacher and would like to create Codecademy-like courses for my students). Sadly the create-a-course thing Codecademy mentioned at one point has come to nothing.
I'm using Flask, but I could learn Django if that would be easier.
What is the best way to allow my users to run the Python code without allowing them to affect the rest of the program or access files outside of what they're allowed to?
There were no fundamental changes in Python or web security in the last 7 years. It is still suicidal to allow users to run code on your server.
However, what did change is the availability of lightweight VM solutions like docker.
For an example of how this could work, have a look at https://civisanalytics.com/blog/engineering/2014/08/14/Using-Docker-to-Run-Python/ . I will not reference this solution here as you will find other examples, even if this one goes away.
However, this might be safer than running user code directly on your server, BUT
the user code is still running on your server. It might not be possible to escape the docker image, but a malicious user could still upload, e.g., a denial of service tool and start an attack from your server. Or sniff your network traffic or whatever.
there are, or at least might be, ways to break out of the docker image.
For a controlled environment like a classroom those risks might be acceptable, but for a public server you would need a lot of security know-how to further lock down the server and the docker image and filter available Python functionality.
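As an added illustration of the lock-down the answer refers to (not code from the answer or the linked post), the sketch below runs a submission in a throwaway container with no network, a read-only filesystem, no capabilities, and CPU, memory, process and time limits. The image name `python-sandbox:latest` and the function names are assumptions; the container still shares the host kernel, so the break-out risk the answer mentions is narrowed, not removed.

```python
import os
import subprocess
import tempfile
import uuid
from pathlib import Path

IMAGE = "python-sandbox:latest"  # hypothetical image with numpy/pandas/matplotlib


def build_docker_argv(name, code_dir, image=IMAGE):
    """Return the `docker run` command line for one untrusted submission."""
    return [
        "docker", "run", "--rm", "--name", name,
        "--network", "none",                    # no outbound traffic, nothing to sniff
        "--read-only",                          # root filesystem is immutable
        "--tmpfs", "/tmp:rw,size=64m",          # small scratch space only
        "--cap-drop", "ALL",                    # no Linux capabilities
        "--security-opt", "no-new-privileges",  # setuid binaries cannot escalate
        "--pids-limit", "64",                   # blunt fork bombs
        "--memory", "256m", "--cpus", "0.5",    # bound RAM and CPU
        "--user", "65534:65534",                # unprivileged uid/gid, not root
        "-e", "MPLCONFIGDIR=/tmp",              # matplotlib needs a writable config dir
        "-v", f"{code_dir}:/code:ro",           # submission mounted read-only
        image, "python", "/code/main.py",
    ]


def run_untrusted(code, timeout=10):
    """Run `code` in a container; return (exit_code, stdout, stderr)."""
    name = f"sandbox-{uuid.uuid4().hex}"
    with tempfile.TemporaryDirectory() as tmp:
        script = Path(tmp, "main.py")
        script.write_text(code)
        os.chmod(tmp, 0o755)     # let the unprivileged container user read it
        os.chmod(script, 0o644)
        try:
            proc = subprocess.run(build_docker_argv(name, tmp),
                                  capture_output=True, text=True, timeout=timeout)
        except subprocess.TimeoutExpired:
            # The docker CLI was killed, but the container keeps running: stop it.
            subprocess.run(["docker", "kill", name], capture_output=True)
            return None, "", "timed out"
        # Truncate output so a submission cannot flood the web app.
        return proc.returncode, proc.stdout[-10000:], proc.stderr[-10000:]
```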