Sessions at DjangoCon US 2011 about Django

Your current filters are…

Monday 5th September 2011

  • Test Anything, Test Everything

    by Dave Dash

    Testing in Django is easy if you're testing models against your database. What happens when you need to test other-systems, like a search engine, or an API? This tutorial will cover how I built SphinxTestCase, ESTestCase and redisutils to allow us to maintain test coverage on our web sites.

    Testing backends other than your database can be tricky. It's entirely necessary, however, otherwise you'll start getting glaring holes in terms of coverage.

    This tutorial will show you how to subclass TestCase and properly setup and teardown external systems.

    It will also show you how to be nice to your other developers who may want to opt-out of testing backend systems (like search).

    At 9:00am to 12:30pm, Monday 5th September

  • Ultimate Django Tutorial Workshop

    by Katharine Jarmul, Audrey Roy, Corey Bertram, Shimon Rura, Jacob Kaplan-Moss, Daniel Greenfeld, James Punteney and Russell Keith-Magee

    All proceeds earned from this tutorial will go to the Pyladies sponsors program.

    This will be a walk-through of the Django Tutorial, where everyone works together with the instructor and lab-assistants to complete the tutorial. If enough time remains, we'll also use one of the new Django hosts (such as http://gondor.io or http://djangozoom.com) to post student projects on-line.

    Students need to already have Python 2.6/2.7 installed on their machine and have already completed an introductory Python course such as http://learnpythonthehardway.org.

    At 9:00am to 12:30pm, Monday 5th September

  • Deploying Django Applications With Amazon Web Services (DA CLOUD!)

    by Corey Bertram

    We all know that Django makes building web apps with python really easy, but few realize that Amazon Web Services makes deploying scalable fault tolerant applications just as easy! This class will focus on taking a provided Django web application and deploying it to AWS through a series of hands on exercises using many of the AWS services and some very easy to use open source Django applications.

    In this class we will start with a demo Django app that they will use for the rest of the exercises. Before getting started there will be a brief intro to Boto, a python project that makes working with AWS a joy.

    At 2:00pm to 5:30pm, Monday 5th September

  • Unbreaking Your Django Application

    by Christophe Pettus

    An application that works great in development and test can be crushed by real-life deployment. Don't let your project be one of them. In a hands-on workshop, fix a (realistically) broken Django example so that it can hold its head high under load.

    Your Django application runs wonderfully in test and in beta, and with great fanfare you launch it, and... it falls over and goes boom. The speed of development that frameworks like Django give you can result in some ugly secrets when the application experiences real load for the first time.

    In this hands-on workshop, we’ll take a (supplied) Django application and fix it up so that it can survive in the wild. Topics will include caching in all its myriad forms, getting the most out of the ORM, database optimization, and deployment environments. We’ll use PostgreSQL as the underlying database, but the techniques here are applicable to any database and, indeed, nearly any application development environment.

    Among the topics we'll cover are:

    • Model design for best performance.
    • Optimal indexing strategy.
    • Effective caching.
    • Transaction management and avoiding lock conflicts.
    • Efficient use of the ORM.
    • When and how to move work into the database.
    • External caches, poolers and load balancers for high-volume sites.
    • How to debug performance at the database level.

    At 2:00pm to 5:30pm, Monday 5th September

Tuesday 6th September 2011

  • From Designer to Django'er in Six Weeks: A Story from Solo Founder

    by Tracy Osborn

    Django gives you the tools to start a successful web app even if you're new to development. Learn how to build and launch a web startup whilst avoiding common pitalls and problems.

    You don't have to be an expert programmer to launch a web startup; designers, marketers, and novice developers can all use Django to quickly launch a web app, build a company, and start bringing in revenue. It's a common trap to get caught up in endless development — follow these tips and tricks to get launched even when you're still learning.

    At 10:30am to 11:10am, Tuesday 6th September

  • Testing with Lettuce and Splinter

    by Adam Nelson

    Lettuce, adapted from Ruby's Cucumber, is a behavior driven development (BDD) testing suite that sits on top of Splinter - a web driver for simulating real-world usage of your site. Learn the ins and outs of BDD using Lettuce and Splinter for rapid deployment.

    Yipit uses Lettuce and Splinter to simulate users moving through the actual site under different scenarios. Unlike unit testing, this allows a tester to find problems at various levels (including Javascript and HTML defects) and under various situations specific to a browser environment. This talk will introduce various tools available right now as well as how to write extensible tests for a production environment. Ways to integrate testing into the release process will also be discussed.

    At 10:30am to 11:20am, Tuesday 6th September

  • Monkeying Around with Python at New Relic

    by Graham Dumpleton

    This session will cover the challenges of creating a production application performance monitoring system for Python. It includes an overview of the architecture of the system, as well as how it hooks into Django and captures details about web transactions, database transactions, memcache requests, exceptions and much more.

    This session provides a technical review of the challenges associated with instrumenting Python for production monitoring. How do you place monitoring hooks into code that cannot be modified directly in order to collect meaningful performance data? Concepts covered in this session will include:

    • Using context manager objects to time execution of code.
    • Using context manager objects to catch details of exceptions.
    • Applying a context manager to functions using wrappers and decorators.
    • Applying a context manager to WSGI applications and components.
    • How to go about applying the above to existing code using monkey patching.
    • Deriving the name of a wrapped object for identification purposes.
    • Using post import hooks as a means to trigger monkey patching.
    • Driving the process of monkey patching from a configuration file.

    The talk includes real-world examples of how these mechanisms have been used to add instrumentation to the Django web framework in order to collect actionable performance data.

    At 11:20am to 12:00pm, Tuesday 6th September

  • Django Hosting Panel

    by Sean O'Connor

    Over the last year there's a been a whole new crop of specialized hosting platforms for Django applications. In this panel, we speak to a number of the people behind these new platforms to discuss what benefits they offer, what challenges they face, and what the Django project/community can do to encourage their growth.

    This is a moderated discussion among a variety of new, specialized, Django hosting providers. Each participant will be given an opportunity to provide a brief overview of their offering and what benefits it provides over other solutions. After these introductions, the focus of the panel will be to discuss the common issues being faced by these new platforms, what they are doing to address the issues raised, and what the Django community can do to improve the available hosting options.

    At 1:30pm to 2:10pm, Tuesday 6th September

    Coverage video

  • Real-Time Django

    by Adam Miskiewicz and Ben Slavin

    The web is live. APIs give us access to continuously changing data. We discuss ways to get real-time data into your app, how to handle data processing and what to do when you get thousands of updates per second.

    "Caching is the answer" can't always be the answer. We discuss how to ensure your site is up-to-date when the data behind it is continuously changing.

    We'll discuss three primary areas pertaining to real-time-data.


    • Streaming APIs
    • Polled APIs (and strategies for dealing with rate limits)
    • PubSubHubbub


    • Denormalization
    • Workers
    • Incremental and generational MapReduce


    • Partial caching
    • Continuous caching
    • Broadcasting real-time updates
    • Failure models

    At 2:20pm to 3:00pm, Tuesday 6th September

  • Testing: The Developer Strikes Back

    by Sandy Strong

    “Code not tested is broken by design” - Jacob Kaplan-Moss Every programming project has unique testing needs. It’s not always easy to understand what those needs are, or how to write tests that satisfy them. One of our goals as developers is to write tests that minimize failures in production that can cost our companies time, money, resources, and in many cases, hours of sleep!

    Every programming project has unique testing needs. It’s not always easy to understand what those needs are, or how to write tests that satisfy them. One of our goals as developers is to write tests that minimize failures in production that can cost our companies time, money, resources, and in many cases, hours of sleep!

    At 2:20pm to 3:00pm, Tuesday 6th September

  • State of the DSF Keynote

    by Russell Keith-Magee

    At 3:30pm to 4:20pm, Tuesday 6th September

  • A summer in the wild

    by Alex Gaynor

    I've spent this past summer away from Django, working for Quora, venturing into the depths of a foreign codebase, and making it faster by running on PyPy. This talk will feature the lessons I've learned about Django, PyPy, and web development in general.

    This talk is going to cover some pretty eclectic ground. Some of the stuff I'm going to talk about includes:

    • Making stuff run on PyPy
    • Profiling and benchmarking a webapp
    • Stuff I missed when I wasn't using Django
    • Tools every Pythonista must be using
    • Good ideas from Quora that Django should steal
    • Learning a giant codebase on the quick
    • Process is no substitute for good process

    At 4:20pm to 5:10pm, Tuesday 6th September

    Coverage slide deck

  • Secrets of PostgreSQL Performance

    by Frank Wiles

    PostgreSQL is effectively the default RDBMS for Django. Learn the dark arts of optimizing this powerful database to be blazingly fast on your own hardware or in the cloud.

    PostgreSQL has been the default recommended database since Django was initially released. Learn the dark arts of optimizing this powerful database. Both in general use cases and specifically for Django.

    In this talk you'll learn:

    ->Things to avoid
    -double duty servers
    -disk contention
    -unnecessary queries

    ->The "Big 3" configuration options you should always adjust
    - shared_buffers
    - effective_cache_size
    - random_page_cost

    ->Other useful configuration options

    ->Hardware considerations
    - RAM, disks, and CPU
    - Rackspace Cloud vs Amazon EC2
    - tablespaces
    - SSDs

    -> Common Django ORM issues
    - Slow count() operations

    -> Indexing Tips and Tricks
    - Index types
    - Multi-column indexes
    - Partial indexes

    -> Performance Tools you can use

    -> The "Dark Arts"
    - Planner Statistics
    - materialized views
    - crazy replication

    At 4:20pm to 5:00pm, Tuesday 6th September

Wednesday 7th September 2011

  • Django Package Thunderdome: Is Your Package Worthy?

    by Audrey Roy and Daniel Greenfeld

    What makes a package useful? What is it about certain packages that makes them must-haves for any project? I’ll go over topics like: purpose, structure, docs, tests, availability on PyPI and Github/Bitbucket, activity, and more. I will visit some of the most useful grids on djangopackages.com and highlight my top package picks, showing examples of what makes these top packages so great.

    What makes a Django package usable? (10 min)

    Modularity (pluggability)
    Availability on PyPI
    Availability on Github/Bitbucket
    Code quality
    Package evaluations (25 min)

    Go to a Django Packages grid
    Drill down into doc/code examples from winning packages to show what makes them so usable
    Making your favorite project get onto my favorites list (5 min)

    Here's a rough outline of what we have in mind:


    1. To paraphrase James Bennett, the smaller the scope and greater the focus of your app, the better it will be. Application logic can be tighter and patching/replacing the app is easier.
    2. The package addresses a real need.


    1. No docs means your app fails. I won't even look at it.
    2. Doc strings do not suffice as documentation.
    3. Bonus points awarded for using rtfd.org for documentation hosting.
    4. If there are dependencies, you must make the requirements clear.
    5. The installation steps should be bulletproof. I should be able to follow your install docs and have the package just work.

    1. No tests means it is hard to do Python/Django/Dependency upgrades
    2. No tests means the the code is unpredictable.

    1. When was the last contribution?
    2. How many people are contributing?
    3. Who is contributing?
    4. Attribution of authors: every author and contributor should be credited. This shows that you're willing to go the extra mile for your package.

    Modularity (pluggability)
    1. Installation should be minimally invasive to the rest of your project.
    2. Do not confuse pluggability with over-engineering for every generic use case.
    3. Within your app, sub-modularity is great, e.g. different registration backends for django-registration

    Availability on PyPI
    1. Give your package proper version numbers and always have the latest release available on PyPI.

    Version Control Hosting
    1. If you aren't on Github or Bitbucket you don't exist. Nothing else has the visibility for Django developers.
    2. Launchpad and SourceForge are much less popular
    3. Google Project Hosting lacks an API, so no metrics can be gathered.

    Code quality / Best practices
    1. Code follows PEP-8?
    2. Tries not to have too many variables set in settings.py?
    3. Easy to plug in, INSTALLED_APPS = ‘foo’ preferred.
    4. Naming of your app: should be django-something, should be descriptive

    Fundamentals that every project needs

    Database migrations

    A sheet of useful packages recommended by Django developers whose opinions we respect deeply.

    At 11:20am to 12:00pm, Wednesday 7th September

    Coverage video

  • RESTful APIs: Promises & Lies

    by Tareque Hossain

    Over the last few years RESTful APIs have become an integral part of many django projects. But some of the fundamental questions still remain unanswered. How do you decouple resources from models, formatting from definitions, authorization from authentication? How should you define resources? How do you handle pagination? Deliver facets? Prevent abuse? Implement versioning? Let's have a look.

    Implementing RESTful APIs for django applications used to be the talk of the town. Eventually a few API frameworks emerged. Some were designed to provide a quick & easy path to implementation. Some focused on decoupling components as much as possible. At the same time, numerous blog posts were published and emails exchanged seeking/ pitching sound API concepts & best practices. Somehow till this date, there is arguably no single solution that addresses all of the major concepts/practices around designing & securing RESTful APIs. Why? What were the promises? What were the lies?

    In this talk, an attempt is made in identifying these concepts/practices in light of recent experiences with a PBS Education Technology project. In designing a RESTful API, it is important to establish a relatively simple resource definition that is uniform across all resources, yet powerful enough to deliver errors, pagination, facets as well as data from attributes/ methods of various models/ instances. It is also desirable to have serialization formats decoupled from these definitions and delivered to consumers according to their preferences.

    Securing the API is a complex task as well. Not all RESTful APIs are meant for public consumption. Yet it is necessary to make AJAX calls that might leave the API vulnerable and expose security patterns. This talk highlights why it is important to have decoupled authentication backends, why 2-legged-OAuth can be an excellent choice in protecting the API and how adding pre-approved tokens can help differentiate between user/ application specific calls.

    Concepts/ best practices evolve over time. So should the API. Sometimes it is necessary to perform refactoring or optimization that alters the API significantly. In any case, establishing a path to versioning API components is a prudent choice. Here, the fundamentals are explored.

    Rest of the talk presents how PBS Education Technology team enhanced django-piston to incorporate the ideas and suggestions mentioned above. Also consumer side practices and security implementations are demonstrated using code examples.

    At 11:20am to 12:00pm, Wednesday 7th September

  • A Little South Sanity

    by Brian Luft

    South is a useful tool in agile development environments, but learning to use it effectively can take some practice. In this demo-driven talk we'll walk through some common workflow examples, disect a couple pitfalls, and call out the relative strengths and weaknesses of South as a tool at each step. Finding South's sweet spot for your environment will give you the best results.

    The talk is based on observations and lessons learned from a few years of using South on large projects, with different teams and team makeups (mixes of developers, creative staff, etc.), and common questions on IRC / mailing list.

    The demos will move quickly; a working understanding of creating and applying South migrations will be assumed. We'll make changes to a sample project, sometimes get ourselves into trouble, and pull back the curtains to figure out the best approach.

    While going through the demos we'll take opportunities to learn how to consider:

    • Impact on invidual developers
    • Impact on other teammates / staff
    • Impact on development and deployment environments
    • Whether South can represent your desired operation in a sane manner
    • Long-term code maintenance
    • Testing changes and undoing messes

    One thing I've found is that different teams and developers have varying philosophies about managing South migration histories over time. We'll put these ideas into context and audience members should come away with a good feeling about how to best use South for their particular needs.

    At 1:30pm to 2:10pm, Wednesday 7th September

    Coverage video

  • Real World Django Deployment Using Chef

    by Noah Kantrowitz

    Chef, a popular configuration management tool, is gaining momentum in the Django community. Learn how to deploy Django sites using Chef, be they one server or a thousand.

    Chef, a configuration management tool, is increasingly popular in the Django community. Many people have yet to take the plunge, and are still managing production systems exclusively through tools like Fabric or Buildout. In this talk I will quickly show the basics of building Chef recipes, both in general and a tour of the Django-and-Python-specific tools available. I will then walk through a suite of cookbooks built to deploy Packaginator as a production site in the cloud. If suitable wireless is available, I would like to do a live demonstration at the end, bringing up a new site from scratch.


    - Chef basics
    - Resources
    - Actions
    - Recipes
    - Cookbooks
    - Roles
    - Search

    Python cookbook
    - Community site/cookbooks
    - pip provider
    - virtualenv provider

    Django application recipe

    Other misc cookbooks
    - Postgres
    - Redis

    Packaginator cookbooks
    - Application recipe
    - Postgres master/slave
    - Gunicorn
    - Nginx
    - HAProxy
    - Redis
    - Celery

    Demo (pending wireless)


    At 1:30pm to 2:10pm, Wednesday 7th September

  • Building APIs in Django with Tastypie

    by Issac Kelly

    Tastypie is one of a couple of frameworks for building APIs with Django. Isaac will go over some of the reasons you might pick Tastypie, and how to implement a Tastypie on top of an existing Django project.

    Tastypie makes APIs. It is both straightforward, and powerful, once you know the basics of what it expects, and how it's structured.

    This talk will introduce, as well as share a few tricks for less simple APIs.

    At 2:20pm to 3:00pm, Wednesday 7th September

    Coverage video

  • Making the Django ORM Multilingual

    by Jonas Obrist

    Why does Django make it hard to have translated database contents? And what solutions are there to make it easier? And how can Django make multilingual database contents less of a pain?

    Multilingual database contents are not an easy thing to accomplish in Django. While there are many projects out there helping you with this, they all have their good and bad sides. The reason for this is that Django does not really help a lot in this area. There are things though, Django could do to make this easier and for some use cases, the existing solutions are actually good enough. I would like to share my knowledge and experience in this field, having developed almost exclusively multilingual websites and having developed two projects to make this easier in Django.

    At 2:20pm to 3:00pm, Wednesday 7th September

    Coverage video

  • Stop Tilting at Windmills - Spotting Bottlenecks

    by Yann Malet and Brandon Konkle

    Learn the questions to ask and the tools to use to spot performance problems in your application. We won't tell you how to scale your site, but we will show you how to locate the bottlenecks as they pop up.

    Performance optimisation has always been a hot topic among the Django community, and as applications become more mature and larger companies adopt Django for high-traffic projects this issue will heat up even more. This talk will not focus on resolving performance/scalability issues but rather on discovering them. It will try to answer the following questions:

    • How do you know where the worst problems are?
    • When did the problem start, and what parts of your application are affected?
    • How do you tell the difference between the giant performance monsters and the windmills that aren't really big problems at all?

    This talk will not spell out a quick and easy 5-step method to alleviating all of your performance woes. It will, however, show you ways to measure your site’s performance over time and spot the real trouble areas as they occur. It’s vital to know both your application and your user well in order to create an effective test plan. We will discuss the importance of reliable performance measurement and realistic performance tests, and walk you through the tools we use to identify and track problems.

    • Django Debug Toolbar - get internal information about what your application is doing
    • Django Debug Logging - log Debug Toolbar statistics to the database and review details and aggregated summaries.
    • Creating a cron job to run automated performance tests at regular intervals
    • Jmeter for external tool to create load tests with high concurrency
    • Integrating Jmeter with Jenkins using the performance plugin

    To close up, we’ll mention some of our favorite resources on handling the performance problems that you encounter during your testing. We’ll also provide links to other tools that you can use as part of your testing efforts. With this information at your disposal you can charge boldly through the meadow on your faithful Rocinante, attacking the real performance problems and leaving the windmills behind.

    At 3:30pm to 4:10pm, Wednesday 7th September

  • Why the Django Documentation Sucks

    by Steve Holden

    Documentation is normally held to be one of Django's strong points. Steve attempts to point out that even the best can stand improvement.

    As someone who had to learn Django primarily from the documentation, the author was glad that the documentation existed, but it seemed to make assumptions of knowledge that weren't necessarily in his head at the time. It was therefore a frustrating enough experience to result in this talk, which looks at some of the ways that the Django documentation could be made more user-friendly and effective.

    At 3:30pm to 4:10pm, Wednesday 7th September

    Coverage video

  • Best Practices for Front-End Django Developers

    by Christine Cheung

    Considerations, best practices, tools, and more for front-end development in Django.

    This talk will go over considerations and best practices for front-end development in Django and beyond. Ways to:

    • Best build and organize your templates
    • Tools to make your life easier and faster
    • Optimize and test code
    • Integrate and play well with the back-end
    • Deliver the most shiny of web applications

    At 4:20pm to 5:00pm, Wednesday 7th September

  • Safely deploying on the cutting edge

    by Eric Holscher

    This talk will go through the deployment system that we have built at Urban Airship. It will cover the process that allows us to automate our deployments, making it safe to deploy at any time. It's built on Fabric, Gunicorn, Virtualenv, Rsync, Supervisord, and Python. We end up with fully isolated environments for our services that are easy to manage.

    This talk will cover how we do deployments. It is the first deployment system that I've been happy with, which says a lot. It is a system that we have been evolving over the last 6 months or so, and has made our developers lives a lot easier. There are a few different points that make it successful, as well as useful.

    Interestingly, there is very little Django specific about this setup. It is how we deploy Django applications, but we also deploy flask and standard WSGI applications using the same framework. A slightly modified version of the code is also used to deploy our Java applications, so the tooling is genericly useful for more than just Django programmers

    The talk will have 4 parts, that will cover the following:
    - The process around Version Control that we use
    - The tooling to deploy code
    - The environment that the code gets deployed in to
    - The process of deploying the code across all of our servers, a subset at a time

    The first part is that we manage our source code in a specific fashion. It's a pretty standard git branching model, where we have a master branch that is the latest stable code. All on-going work is done on feature branches. Then we have a production branch that is what is currently in production. Each push to production is tagged with the date. Git allows us to keep a record of the history of development in one place.

    Next, to actually handle the deployment of the code to the servers, we're using Fabric. To show the full power of the system, we might normally run a command like fab host:web-0 deploy:airship restart:airship monitor:airship. This is mostly abstracted out from people in the day to day use of the system. The deployment system has the following features:

    • Updating source code checkouts
    • Making VCS tags
    • Deploying code
    • Migrating the database
    • Updating media files
    • Restarting services
    • Rolling back to the previous version
    • Allowing the person deploying the ability to easier monitor logs/status of services
    • One command "smart deploys"

    The python environment that things are deployed into is a fully standardized setup using supervisord and gunicorn, along with a number of other helper utilities. It integrates into the init.d system on the host, so that normal management commands work. Each service that we deploy has it's own environment, which I'll go into more depth on.

    Finally, We are also working on a system that will allow us to automatically health check deployments and automatically rollback the deployment if we are seeing elevated error rates. We handle deploying the code to a "canary" system first, then roll it out to half our servers, then the other half. This system is implemented currently at the prototype level, but should be in production use before the talk is given.

    At 4:20pm to 5:00pm, Wednesday 7th September

  • Keynote: Designers Make It Go to Eleven!

    by Idan Gazit

    The open-source world is and always has been focused on code; attention and respect doled out in exchange for patches. As a result, many open-source projects want for design love but don't know how to secure it. We scare off potential contributors from the many fields beneath the aegis of “design”: user experience, user interfaces, usability, interaction design, information architects, graphic design, typography, and other roles assumed by the authors of our markup and styling.

    Django can be a model citizen among open-source projects in changing these attitudes and coaxing contributors out of the woodwork—not just for the benefit of the framework, but for the constellation of 3rd party apps which make Django great. Other FOSS communities have made efforts that we can learn from, and the fight to change perceptions is less uphill than you might think.

    This talk will cover:

    • Misconceptions of “Design.” What is design, and what do designers do?
    • A brief trip down memory lane, and how Django came to be relatively designer-friendly.
    • “I don't get it: what is the BDesignFL role?”
    • Process and tools: How can Django better engage designers, for core's benefit and for the benefit of your projects. How can we help these contributors get over the “suck” threshold?
    • What parts of core are ripe for love from designers? What 3rd party projects?

    At 5:10pm to 6:00pm, Wednesday 7th September

Thursday 8th September 2011

  • Lightning Talks

    At 9:00am to 10:30am, Thursday 8th September

    Coverage slide deck

  • Advanced Django Form Usage

    by Miguel Araujo and Daniel Greenfeld

    Django forms are really powerful but there are edge cases that can cause a bit of anguish. This talk will go over how to handle many common solutions not currently described in the core documentation. It will also cover some useful third-party libraries and will end with clarifications about what the state of form features will be in Django


    Handy tips
    - Turning non-required model fields into required form fields
    - Overriding clean methods
    - Overriding save method
    - Calling forms the easy way in views
    - Custom field definitions
    - Dynamically adding fields
    - Formsets
    - Testing forms

    Third Party Libraries that make your life easier
    - django-uni-form
    - django-floppyforms

    The future
    - Forms refactor in Django 1.4
    - Documentation improvements

    Time will be left for Q&A.

    At 11:20am to 12:00pm, Thursday 8th September

  • Pinax after Three Years: Lessons Learnt and the Way Forward

    by James Tauber

    The Pinax platform has had its ups and downs since it was launched in 2008. People either love it or just don't get it. About the only thing everyone agrees on is that it doesn't seem to be progressing as fast as it once did. This talk will take a fresh look at the goals of Pinax, what we did well, what we didn't do so well and what we're (slowly) doing to fix it.

    The Pinax platform—an integrated collection of tools, apps and starter projects designed to accelerate getting from idea to site launch—has had its ups and downs since it was launched in 2008. It is still widely misunderstood ("isn't it just for social networks?" "how is it different from just reusable apps?") and yet used for an increasing number of sites. People either love it or just don't get it. About the only thing everyone agrees on is that it doesn't seem to be progressing as fast as it once did.

    This talk will take a fresh look at the goals of Pinax, what we did well, what we didn't do so well and what we're (slowly) doing to fix it. It will be of interest to people still not sure what Pinax is all about, existing users of Pinax keen to know where it's headed and people just interested in the challenges running an open source project, especially with both a community and commercial aspect.

    At 11:20am to 12:00pm, Thursday 8th September

    Coverage video

  • Advanced security topics

    by Paul McMillan

    An in-depth look (with demonstrations) at the how and why of several advanced security topics. Discussion of ways to improve security of the framework moving forward.

    This talk will introduce several advanced security topics, and discuss how Django fares. Topics will include timing attacks, man-in-the-middle, hashing issues, brute force attacks, and several topics that can’t currently be discussed (pending fixes in core). Expect practical demonstrations of “theoretical” vulnerabilities.

    The second half of the talk will focus on how we can improve Django’s security in the future. How can we improve response time and transparency for security issues? How can we make it easier to provide security enhancements for new code while retaining backwards compatibility? How can the community work to support security work that is low on the priority list for current core devs?

    At 1:30pm to 2:10pm, Thursday 8th September

    Coverage video

  • Teaching Django to Comrades

    by Issac Kelly

    Inevitably you're going to run into somebody who wants to learn Django, or maybe both Python and Django. This talk will help you make it less painful for them.

    20 months ago, Issac started learning Django and Python on his own. He got miserably stuck and did lots of things poorly. With a load of help from the community, 6 months later he was competent, and confident enough to use Django for his clients.

    Later that year, his company hired it's first employee, who also, didn't previously know Python or Django, and this summer, they hired an intern... who knew some Python, and no Django.

    Come see what we did to accelerate the process of going from 0 to $ in Django.

    At 1:30pm to 2:10pm, Thursday 8th September

  • Deployment, Daemons and Datacenters

    by Andrew Godwin

    A tour through the systems that power ep.io, the Python hosting platform, from the array of daemons powering the system, to how redundancy is set up, and also covering general best practices for hosting Django sites yourself.

    At ep.io, we spend all day finely tweaking and polishing our deployment systems, and this talk will go through some of the parts of our archtecture, show you some of our code, and also advise you on deploying Django sites on your own servers.

    Topics covered include our use of ZeroMQ for redundant communication, the difficulties of running services with transatlantic latency, our extensive use of Eventlet for asynchronous, concurrent I/O, how we've used (and modified) pip and virtualenv, and how we've leveraged class-based views to make our API part of our normal URL structure.

    In addition, there will also be some advice on how to run sites on your own servers, including what programs to use, how to lay things out, and sensible backup strategies.

    At 2:20pm to 3:00pm, Thursday 8th September