akugel | April 7, 2023, 5:57 p.m.
Hi all, as I stated in my last post, I've been working on getting Django Unchained to run on Kubernetes. I was successful in this goal, but it wasn't fully production ready. For instance, it had to use manage.py runserver command instead of running as a Web Server Gateway Interface (WSGI) via Gunicorn. This was, in addition to being horribly inefficient, was a security risk.
I need to have django run via Gunicorn. In order to do this i needed to offload the static assets somewhere else. Since i was using the Azure Kubernetes Service, the most logical place for this would be azure blob storage!
So how do I get the static assets into azure blob storage in an automated way? Well first i need to provision the blob storage. This is done via my terraform repository.
Next, I needed to add functions in django to be able to upload the static files to azure when the manage.py collectstatic command is run. This is done using a python module called django-storages.
I needed a way to pass the key of the storage account that gets created by terraform to the python classes. This is done by creating an output, which is then retrieved via shell script and then passed to kubectl to create a secret. Now i don't have to enable debug mode to run django!
In addition to this, I added functionality to configure a self signed certificate. With an accompanying secret that is created here. This approach does require importing the tls.crt into your browser, but when that's completed, It now has end to end encryption!
I'm Anthony Kugel, a cloud engineer and freelance web developer. I made this site with the help of djangocentral.com.
LinkedIn