October 1, 2019

Static website on AWS S3 with SSL and continuous delivery

AWS S3 is perfect to host static websites. Basic setup when you have a CNAME DNS record pointing to the bucket endpoint covers a lot of use cases. Couple of things missing are SSL continuous delivery. For SSL you need CloudFront to serve as a global load balancer and provide SSL offload. To achieve continues delivery connect the GitHub repo storing the source to CodePipeline. CodePipeline is triggered at every push to the master branch and automatically updates the content of the S3 bucket with changes source files. Read more

September 15, 2019

Representing money in Python

Python’s float type is a natural first step to represent monetary amounts in the code. Almost all platforms map Python floats to IEEE-754 “double precision”. Doubles contain 53 bits of precision. When the machine is trying to represent the fractional part (mantissa) of a given number it finds a bit sequence \(b_1, b_2 ... b_{53}\) so that a sum: $$ b_1(\frac{1}{2})^{1} + b_2(\frac{1}{2})^{2} + ... + b_{53}(\frac{1}{2})^{53} $$ is close to the number as possible. Read more

August 18, 2019

CI/CD pipeline for AWS Lambda (Python runtime)

Continuous integration and continuous delivery are powerful practices that allow release software faster and of a higher quality. This post walks through steps to implement CI/CD pipeline for a small lambda function that calculates square roots by: getting message from SQS that contains the number to calculate sqrt for checks if the calculation was done before by querying DynamoDB if there is not cached answer in DynamoDB - calculate sqrt and saves the result print the result so it’s visible in CloudWatch logs Things I’d like the pipeline to do: Read more

December 12, 2018

Streaming timeseries with Flask and Plotly

This post describes simple app for streaming cpu utilization to a web page. It uses Flask as websockets server (flask-socketio plugin), socket.io as client library and plotly.js for visualization. Flask app Follow flask-socketio doc to create a flask app. SocketIO is going to use Redis as message broker as there will be a separate process that pushes messages to clients. Flask websocket server and this process will communicate through Redis. Read more

November 27, 2018

Background jobs with Flask

Basic request lifecycle with Flask goes like this: Flask gets a request is parses input parameters does necessary calculations and finally returns the result This synchronous task is fine when a user needs the result of calculation immediately. Another use case is when the result is not relevant right now and the user just wants to schedule an execution of the task asynchronously. Such scenarios include: sending an email creating thumbnails from uploaded images starting a calculation for a long CPU intensive task Common implementation Asynchronous tasks are usually implemented like this: Read more

October 26, 2018

Multitenancy with Flask

What is multi-tenancy Consider a SaaS platform that provide access to multiple client organizations. These organizations - tenants - may have each its own database for safety and data protection reasons. It can be a database on a single RDBMS server or physically different servers. Usually additional central database (i.e., General) stores metadata and list of available tenants. Flask-SQLAlchemy Flask-SQLAlchemy provides interface only to one database. Flask app configuration defines SQLALCHEMY_DATABASE_URI for connection information for it. Read more

September 27, 2018

Flask pagination macro

In this post you’ll find out how to create a pagination with Jinja macro feature. Requirements: show preconfigured limited number of pages at once collapse invisible pages under ... provide previous/next navigation buttons Jinja templates for Bootstrap4 I’ve created 3 tier structure of Jinja templates to use Bootstrap4. First - bootstrap4_base.html - loads css and js files from CDN and defines major blocks: head - holds content of the <head> tag and defines title, metas, styles body - holds content of the <body> tag and defines navbar, content, scripts navbar - for navigation bar content - for boostrap container (tag with class="container") scripts - goes in the end of the body, here is why Blocks may be extended or/and overwritten in the later templatesThis template follows Bootstrap4 intro guide Read more

August 13, 2018

Running Flask in production with Docker

Google top for running Flask with Docker is full of posts where Flask runs in debug mode. That what logs look like when Flask is in development mode: * Serving Flask app "app" (lazy loading) * Environment: production WARNING: Do not use the development server in a production environment. Use a production WSGI server instead. * Debug mode: on * Running on (Press CTRL+C to quit) I’d like to make a tutorial on how to run it with uwsgi in Docker using common Docker images. Read more

July 11, 2018

Securing Flask web applications

In this post I’d like to investigate security mechanisms available in Flask. I’ll go through different types of possible vulnerabilities and the way they can be mitigated. XSS Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. source Exploit Consider a form asking for a user input. <form method="post" action="/"> <input type="text" name="tweet"><br> <input type="submit"> </form> And a template to show tweets by other users where user input from above form passed unprocessed: Read more

May 9, 2018

Using NLTK library with AWS Lambda

This is a walk through of the process of creating a simple serverless app for finding part-of-speech tag of an input text. 1 Create virtual environment In order to separate system-wide dependencies from this app, create a separate virtual environment with: ~ mkvirtualenv nltk_env 2 Install nltk In the virtual environment use pip to install nltk package: (nltk_env) ~ pip install nltk 3 Download nltk data Pip doesn’t install additional files that are needed to the app, but nltk has a helper functions to download them: Read more

© Alexey Smirnov 2021