Build portable Python binaries
.. image:: https://travis-ci.org/mbachry/exxo.svg?branch=master :alt: Build status :target: https://travis-ci.org/mbachry/exxo
Only Linux x86_64 supported for now
Build your Python package into a portable one-file binary and deploy it just by copying it to target machine. The binary links to libc only and doesn't require Python to be installed on the machine. Exxo was created with DevOps professionals in mind, but the target audience may become larger as project matures.
Exxo uses the excellent
PyRun_ project and
zipapp_ library. The target binary is simply a pyrun binary with zipped application concatenated at the end. This simple design was chosen in hope it proves to be the most portable one (PyRun already works on most major platforms). There's also an assumption that over time zipapps become more popular and more essential packages will become zip safe.
In order for exxo to be practical, PyRun and CPython were patched in the following ways:
zipimport supports loading C extensions (otherwise too many pip libraries would be useless)
zipimport is capable of loading code from
__pycache__if Python 3 is used
original PyRun comes with few C modules distributed separately (with notable examples for multiprocessing or ctypes); exxo's PyRun on the other hand is a truly one file binary with all modules included (at the cost of portability loss, for now)
all libraries standard Python extensions depend on (like sqlite3 or ncurses) are statically compiled in (again, it makes PyRun Linux only)
few I/O functions in CPython are patched to make most zip unsafe packages work out of the box (read
Zip safety hacks_ section below)
.. _PyRun: https://www.egenix.com/products/python/PyRun/ .. _zipapp: https://docs.python.org/3/library/zipapp.html
Exxo is self-hosting. You can download it
here_. The archive contains just one file: exxo binary you should put somewhere in your
.. _here: https://bintray.com/artifact/download/mbachry/exxo/exxo-0.0.7.tar.xz
Your package needs to have a working
setup.pyscript. We'll use a sample project from
exxo git repository_. It's a simple Flask application that prints connecting IP address. It demonstrates using a C extension (gevent), handling data files (Flask templates and static assets) and embedding gunicorn - all in one portable binary.
Create a new virtualenv and activate it with::
exxo venv /tmp/myenv . /tmp/myenv/bin/activate
The default Python version is 3.5. Use
exxo venv -p 2.7for Python 2.7.
You can use the virtualenv in regular way. To build the target binary::
cd example exxo build
You'll find the binary under
distdirectory. Go on and copy it to some server and see if it works.
If you have upx installed (
apt-get install upxor
dnf install upx) you can use
exxo build -c) to compress PyRun binary and save some space.
.. _exxo git repository: https://github.com/mbachry/exxo/
I plan to build few popular Python projects as a showcase of exxo capabilities. For now there's only one.
Link to download_
Required shared libs:
apt-get install -y libpq5 libxml2 libxslt1.1
Sentry_ is a great error capturing and reporting tool - a life saver, if your code lives in a highly distributed environment. It's also a huge Django app, which makes it a good test bed for exxo.
.. _Link to download: https://bintray.com/artifact/download/mbachry/exxo/sentry-8.0.1.tar.xz .. _Sentry: https://getsentry.com/welcome/
There's already a significant competition for exxo, including prominent projects like
PyInstaller_. Here are few things I'd like to see exxo doing differently:
the binary should be almost 100% standalone (i.e. Python doesn't have to be preinstalled)
good startup performance so that exxo can be used for small, short lived apps (this means not unpacking everything to temporary locations)
user-friendliness: should stick to familiar solutions like virtualenv or setuptools
should support at least most popular packages out of the box without manual tweaks at user side
investment in zipapps - even if they need special attention today, they are the cleanest and most modern way of bundling Python apps
.. _pex: https://pex.readthedocs.org/en/stable/ .. _PyInstaller: http://www.pyinstaller.org/
Although exxo binary itself is statically linked, included C extensions (if any) are not. All required shared libraries must be installed on the target machine. For example, if you use
lxml, you must install
libxml2. This shortcoming may be fixed in the future.
Also, exxo still links dynamically glibc for practical reasons (nsswitch support, etc.). Although glibc uses ELF symbol versioning, you shouldn't build your project on a machine with much newer version of glibc than installed on destination server. Exxo release itself is built on Ubuntu 10.04 (with openssl 1.0+) to make sure it runs on every distro, including Centos 6.
Because your application is run as zipapp, it should be zip safe. This applies to all dependencies too, although exxo is armed in few hacks to make many third-party packages run out of the box (see
Zip safety hacks_ section below). The main violation against zip safety is using filesystem API to read data files from inside your package. Don't do this::
pkgutil_ module and its
pkg_resources_ module from
setuptoolsfor more sophisticated API.
Note that your
setup.pymust have one (and exactly one)
console_scriptsentry point defined for
exxo buildto work correctly.
Although exxo tries hard to load everything directly from an executable, some resources still have to be unzipped to a temporary directory due to OS limitations. This applies mostly to bundled binaries (C extensions, shared libraries for
ctypes, ELF binaries), as it's nearly impossible to
dlopendirectly from a zip. One serious limitation coming from this behaviour is that an exxo binary won't work, if your
/tmpdirectory happens to be mounted with
.. pkgutil: https://docs.python.org/3/library/pkgutil.html .. _pkgresources: https://pythonhosted.org/setuptools/pkg_resources.html .. _example/myip/myip.py: https://github.com/mbachry/exxo/blob/master/example/myip/myip.py
Exxo implements few patches over CPython to improve zip compatibility out of the box.
Many popular Python packages are zip unsafe (including Django). Luckily most of zip unsafe code follows the same pattern of loading bundled resources mentioned in previous section::
open(os.path.join(os.path.dirname(__file__), 'templates', 'index.html'))
If loaded from an unpatched exxo binary, it will fail with an exception like::
NotADirectoryError: [Errno 20] Not a directory: '/usr/bin/djangoapp/app/templates/index.html'
The erroneous path is clearly built from two parts: a path to exxo binary (
/usr/bin/djangoapp) and a path inside zip (
app/templates/index.html). Exxo patches several standard I/O functions inside CPython to detect the above pattern and return an object from zip instead of an error. This simple hack vastly improves zip compatibility - to the point it's possible to build Django apps out of the box.
Here's a list of functions and modules patched so far:
ctypes(requires unpacking to temporary location)
subprocess(requires unpacking to temporary location)
Building was tested only on Ubuntu. Python 3.5 is also required.
Install build dependencies with::
apt-get install -y gcc make patch wget tar gzip bzip2 xz-utils blt-dev libbluetooth-dev libbz2-dev libc-dev-bin libc6-dev libdb4.8-dev libexpat1-dev libffi-dev libfontconfig1-dev libfreetype6-dev libncurses5-dev libncursesw5-dev libpthread-stubs0-dev libreadline-dev libreadline6-dev libsqlite3-dev libssl-dev libstdc++6-4.4-dev libx11-dev libxau-dev libxcb1-dev libxdmcp-dev libxext-dev libxft-dev libxrender-dev libxss-dev linux-libc-dev tcl8.5-dev tk8.5-dev x11proto-core-dev x11proto-input-dev x11proto-kb-dev x11proto-render-dev x11proto-scrnsaver-dev x11proto-xext-dev xtrans-dev zlib1g-dev liblzma-dev upx
Build PyRun binaries with::
python3 -m exxo.bootstrap all
From this point exxo is usable as
python3 -m exxo.exxo. Type
make buildto build exxo binary under