Dynamic web applications¶
For more complex dynamic web applications, you can build something with Python (e.g., using Django or Flask) or something else. Once you have developed and tested your application, there are 2 options to deploy it on Ponyland:
- A webservice in the form of a OCI/Docker image. See Webservices.
- Managing your own LXC/LXD container. See LXD Containers.
Note that in either case, the production environment is strictly isolated from
the rest of ponyland (on the Lightning server). It is very important your system makes no reference to
any absolute paths. All paths should be configurable and/or relative and all
data your system needs should be obtainable from somewhere during the
provisioning stage rather than be in a presupposed location. Notably, all
references to /vol/tensusers
, /vol/customopt
, /home/*
will fail in the
production environment because these mounts do not exist there.
Instead of option 1, there used to be an option using LaMachine, that solution, however, was deprecated in 2022.
Frequently Asked Questions¶
Can't I just run my web application on a ponyland computing server myself?¶
No, that is only suitable for development purposes by yourself and possibly a small team around you. The computing servers are not meant to host services exposed to the public. The firewall deliberately prevents public access, which is why you need a VPN connection or ssh tunnel during development.
The main reason you can't do this is because of security. If you run a service
in that way, it runs under your normal UID, which has fairly extensive access
rights to ponyland, including all your data on /vol/tensusers
, shared data in
/vol/corpora
, of some of your peers, etc... If an attacker manages to
gain access via your application due to a vulnerability in the software, this
might lead to all that data being compromised.
Furthermore, the development webservers that come with many web frameworks are not optimized for security nor for performance, production webservers are.
My web application needs a GPU, what to do?¶
First consider if you really need a GPU, they are generally only needed for model building, whereas most web services simply apply models that have already been built in a prior training stage.
If you do need a GPU, then this is currently the only exceptional case in which you can host a webservice on a ponyland computing server, as the production server (lighting) has no GPU.
However, the service that needs a GPU should be as minimal as possible, i.e. it should only handle parts that require a GPU. In such cases your service is usually split into two; one running the normal way on our production server (lightning), which end-users connect to, and one minimal service running on a ponyland computing server. The former then communicates with the latter and the latter is never exposed directly to the public.