Tornado supplies its own HTTP server, and therefore it can run without a WSGI container. However, some cloud providers, such as Google App Engine, only enable the running of Tornado in a WSGI-only environment. When Tornado runs in a WSGI-only environment, it doesn't support asynchronous operations. Hence, we must take into account this important limitation when selecting our cloud platform for Tornado.

We must make sure that the API runs under HTTPS in production environments. In addition, we have to make sure we add some authentication and throttling policies. Our Tornado sample is a simple RESTful API that provides some features we can use as a baseline to generate a more complex and secure API.

Each platform includes detailed instructions for deploying our application. All of them will require us to generate the requirements.txt file, which lists the application dependencies together with their versions. This way, the platforms will be able to install all the necessary dependencies listed in the file. We have been updating this file each time we needed to install a new package in our virtual environment. However, it is a good idea to run the following pip freeze within the root folder of our virtual environment, Tornado01, to generate the final requirements.txt file:

    pip freeze > requirements.txt

The following lines show the contents of a sample generated requirements.txt file. Notice that the generated file also includes all the dependencies that were installed by the packages we specified in the original requirements.txt file:

    atomicwrites==1.2.1
    attrs==18.2.0
    certifi==2018.10.15
    chardet==3.0.4
    coverage==4.5.2
    httpie==1.0.2
    idna==2.7
    more-itertools==4.3.0
    pluggy==0.8.0
    py==1.7.0
    Pygments==2.2.0
    pytest==4.0.2
    pytest-cov==2.6.0
    pytest-tornasync==0.5.0
    requests==2.20.0
    six==1.11.0
    tornado==5.1.1
    urllib3==1.24