Real-World Deployment Map

This is optional enrichment. It is useful for understanding real deployments such as school wikis, project websites, and hosted web apps. It is not required for H2 exam answers unless a question explicitly gives a deployment scenario.

The goal is not to learn Cloudflare, AWS, GitHub, or any other vendor platform in detail. The goal is to see how real tools connect to syllabus ideas such as files, web apps, DNS, servers, databases, security, testing, and responsible handling of data.

Important exam-safe rule:

Explain the computing concept first.
Mention a real service only as an example.

For example, in an exam answer, it is usually better to say:

DNS maps a domain name to the server or service that handles the website.

than to say only:

Use Cloudflare.

The first answer explains the concept. The second answer only names a tool.

Beginner Mental Model

When a project works on your own computer, it is not automatically public on the internet.

There are several separate questions:

Where is the source code?
Where is the built site or running app?
Where is the domain name pointing?
Where is the data stored?
What security controls protect the system?

A useful mental model is:

source files -> build or app server -> hosting -> domain name -> DNS -> HTTPS -> browser

Figure: A real deployment has separate responsibilities: source, build, host, DNS, browser, data, and security. DNS maps the domain to the host, while HTTPS protects browser-server communication.

For a beginner, the most important idea is that each layer has a different job. A mistake in one layer may look like a mistake in another layer.

Example:

The browser shows an old page.

Possible causes include:

  • the source file was not changed;
  • the site was not rebuilt;
  • the deployment failed;
  • the browser or CDN is showing cached content;
  • the domain points to the wrong host.

Do not randomly edit the code until you know which layer is failing.

Local, School, and Public Versions

A program can exist at different levels of visibility.

StageWho can access it?ExampleMain beginner risk
local fileonly the local machine useropening an HTML file directlylinks or paths work only on one computer
local serverusually only your own machineFlask on localhostapp works locally but is not deployed
school or lab environmentexam/class machine or local networkPaper 2 task foldermissing required files at submission
public static siteinternet users can read generated pageshosted wikistale build, broken links, DNS/cache issue
public dynamic web appinternet users interact with server-side codehosted Flask-like appserver error, database, authentication, security

In Paper 2, students normally work with local files, local servers, and submitted soft copies. Public deployment is enrichment unless the question gives a deployment scenario.

Big Picture

When a wiki or web app is published online, several jobs must be handled.

code and content -> hosting -> domain name -> DNS -> HTTPS -> browser

In real projects, different services often handle different jobs.

JobBeginner meaningExample service
code/content storagekeeps the project files and historyGitHub
hostingserves the site or runs the appGitHub Pages, AWS, other hosts
DNSmaps a domain name to the right serviceCloudflare, registrar DNS
HTTPS/TLSprotects browser-server communicationCloudflare, hosting provider
security/filteringreduces some network and web risksCloudflare, AWS security controls
database/storagestores app data beyond static filesSQLite locally, managed cloud database
monitoring/loggingrecords what happened when something failshosting logs, cloud logs

One service can do more than one job, but it helps beginners to separate the jobs first.

How This Connects To H2 Topics

Real-world toolH2 topic connectionWhat to understand
GitHublab/project skills, web applications, ethics/securityfiles, version history, collaboration, public/private access, accidental secret exposure
Cloudflarecomputer networks, network security, web applicationsDNS, domain names, HTTPS, CDN/reverse proxy idea, caching, DDoS protection
AWSweb applications, databases, networks, security, ethicscloud servers, storage, managed databases, access permissions, availability, cost/risk trade-offs
domain registrarcomputer networksowns/renews the domain name; may also provide DNS
local development serverweb applications, lab skillstests the app on your own machine before internet deployment
database hostdatabases, security, ethicsstores persistent app data and needs access control and backups

Do not memorise service names as exam answers. Use them as examples that make abstract ideas visible.

GitHub

GitHub is often used to store a project repository.

For a wiki or website, it may store:

  • Markdown notes;
  • images and generated diagrams;
  • configuration files;
  • source code;
  • build scripts;
  • version history.

Relevant syllabus ideas:

  • file management;
  • project organisation;
  • testing changes before final submission;
  • data privacy and access control;
  • security risk from accidentally publishing secrets or private data.

Typical beginner confusion:

"My files are on GitHub, so why is my website not working?"

GitHub may store the files, but a website also needs to be built and hosted. If GitHub Pages is used, GitHub may also host the static site. If another host is used, GitHub may only be the source repository.

A useful separation is:

QuestionGitHub may help with it?Explanation
Where are the source files?yesrepository stores project files
What changed last week?yescommit history records changes
Is the public website updated?maybeonly if deployment/build succeeded
Is the database backed up?usually noapp data often needs separate backup
Are passwords safe?only if handled correctlysecrets should not be committed

Important:

A repository is not automatically the same as a working website.

Cloudflare

Cloudflare is often placed in front of a website.

It can help with jobs such as:

  • DNS records for a domain;
  • routing a domain name to the website host;
  • HTTPS/TLS certificate handling;
  • caching static content;
  • reducing some DDoS and web traffic risks.

Relevant syllabus ideas:

  • DNS maps human-readable names to network destinations;
  • HTTPS protects communication between browser and server;
  • caching can reduce repeated network/server work;
  • DDoS affects availability;
  • security controls reduce specific risks but do not make a system perfectly safe.

Typical beginner confusion:

"Cloudflare says DNS is set, but the website still does not show the new page."

Possible causes include DNS propagation delay, cached content, wrong build output, wrong host target, or the site build failing before Cloudflare receives the updated content.

A better debugging question is:

Does the domain point to the correct host, and does that host contain the correct current site?

Cloudflare may help traffic reach the host, but it does not automatically fix wrong code, a failed build, or a missing database.

AWS and Other Cloud Platforms

AWS is a large cloud platform. Other cloud platforms provide similar categories of services. The vendor name is less important than the job being done.

For beginner understanding, group cloud services by job:

JobBeginner descriptionH2 connection
computea machine or service runs codeclient-server architecture
storagefiles or objects are storedfile storage, backups
databasestructured app data is stored and queriedSQL/NoSQL, persistence
networkingtraffic reaches the serviceIP, ports, DNS, routing
identity and accesspermissions control who can do whatauthentication, authorisation
monitoringlogs and metrics show what happeneddebugging and system reliability
backup/recoverydata can be restored after failuredata integrity and continuity

Relevant syllabus ideas:

  • client-server architecture;
  • databases and backups;
  • network addressing and ports;
  • access control and authentication;
  • availability and cost trade-offs;
  • ethical handling of user data in hosted systems.

Avoid turning this into an AWS course. The exam-relevant idea is usually the system concept, not the cloud product name.

Domain Registrar, DNS, and Hosting

A public website often involves at least three separate roles.

RoleJobBeginner question
domain registrarmanages ownership of the domain nameWho owns or renews the domain?
DNS providerstores records that point the name to a destinationWhere does the domain point?
hostserves the site or runs the appWhat content or app is actually running?

Sometimes one company does all three jobs. Sometimes different services are used.

Example:

A domain is bought from one registrar.
DNS records are managed through Cloudflare.
The site is hosted somewhere else.

If the website fails, changing the source code may not help if the real problem is a wrong DNS record. Changing DNS may not help if the host has not received the latest build.

Static Wiki Versus Dynamic Web App

A static wiki and a dynamic web app feel similar in a browser, but they are different systems.

FeatureStatic wiki/siteDynamic web app
server-side code while user browsesusually noneyes
database updates from user actionsusually noneoften yes
examplegenerated notes siteFlask app with forms and SQLite
common hoststatic hosting, GitHub Pages-style hostingapp server or cloud service
common riskbroken links, stale build, wrong DNS/cacheserver error, database path, invalid input, authentication/security issues

This distinction matters when debugging deployment.

Static wiki problem: "Did the build produce the right HTML files?"
Dynamic app problem: "Is the server code running and can it access the database?"

Example: Static Wiki Deployment

A static wiki usually works like this:

Markdown notes -> build process -> generated HTML/CSS/assets -> static host -> browser

The student or reader sees a website, but the site may not be running Python or SQL whenever a page is opened. The pages may already have been generated.

Typical static wiki problems:

SymptomLikely layer to check
new note does not appearbuild output, navigation, deployment step
diagram is missingasset path or missing image file
old page still appearscache or old deployment
internal link is brokennote path, filename, generated route
site works locally but not onlinebuild command, deployment configuration, host path

Useful evidence:

Can the site build locally?
Does the generated output contain the expected page?
Did the host receive the new generated files?
Does the browser still show cached content?

Example: Dynamic Flask App Deployment

A dynamic web app usually works like this:

browser request -> web server/app host -> Flask route -> database/file/storage -> response -> browser

The server runs code when users interact with the app. If users submit a form, the server may validate input, write to a database, and return a new page.

Typical dynamic app problems:

SymptomLikely layer to check
app works locally but not onlinehost setup, port, dependencies, environment variables
form submission failsroute method, form field names, validation, server error
database is empty after deploymentwrong path, temporary filesystem, missing persistent storage
uploaded files disappearhost storage is not persistent or path is wrong
login/API call failssecret key, environment variable, access control
app crashes after a requestserver logs, route code, database connection

Useful evidence:

Does the server start?
What do the logs say?
Which database is the app using?
Are required environment variables set?
Can one simple route return a response?

Local Testing Before Deployment

Before putting a project online, test it locally in layers.

LayerLocal check
source filesrequired files and folders are present
build or server startbuild command succeeds, or Flask starts
route/pageone simple page loads
static assetsCSS/images load correctly
formsubmitted values reach the route
databaseinsert/select works and uses the expected path
securityno secrets are hard-coded or committed
final outputuser sees the expected result

This is similar to lab-exam discipline: make the evidence visible before moving to the next layer.

Deployment Troubleshooting Map

Use this map when a deployed site does not behave as expected.

SymptomLikely layer to check
domain does not resolveDNS record, registrar, Cloudflare DNS
browser warns about securityHTTPS/TLS certificate or domain mismatch
old page still appearscache, build output, deployment target
site builds locally but not onlinebuild command, dependency version, deployment logs
Flask works locally but not deployedhost configuration, environment variables, port, database path
static files missingfolder path, build output, static-file route
database data disappearslocal file database on temporary host, wrong path, missing persistent storage
login/API key leakedGitHub visibility, committed secrets, access control
site slow or unavailablehost capacity, network issue, DDoS/rate limits, caching

The practical habit is to identify which layer owns the problem before changing code.

browser -> DNS -> proxy/CDN -> host -> app/build -> files/database

Evidence-Based Debugging

For deployment problems, avoid this pattern:

The site is broken, so I will edit random code and redeploy.

Use this pattern instead:

1. State the symptom clearly.
2. Identify the likely layer.
3. Find evidence from that layer.
4. Change one thing.
5. Retest the same symptom.

Examples:

SymptomEvidence to collect before changing code
domain gives an errorDNS record, host target, HTTPS status
new page missingbuild log, generated output folder, deployment timestamp
database row missingdatabase path, insert result, selected rows, persistence setting
CSS missinggenerated asset path, browser source, static-file route
login failsenvironment variable, access control setting, server log

This habit connects deployment back to testing and debugging.

Security and Responsibility

Deployment makes mistakes more serious because the project may become visible to other people.

Check carefully before publishing:

RiskSafer habit
password or API key committeduse environment variables and rotate exposed secrets
private data in repositoryremove or anonymise data before publishing
public access too broadcheck repository and database permissions
no backup of important datacreate backup/export before risky changes
invalid input reaches databasevalidate server-side, not only in the browser
user data transmitted insecurelyuse HTTPS where appropriate

Security controls reduce risk. They do not make a system perfectly safe.

What Is Exam-Core And What Is Enrichment?

Exam-core ideas:

  • DNS maps names to IP addresses;
  • HTTP/HTTPS supports web request-response;
  • client-server roles;
  • local Flask development and testing;
  • SQLite/database storage;
  • security controls such as firewalls, encryption, authentication, IDS/IPS;
  • privacy, consent, and responsible data handling.

Optional enrichment:

  • GitHub repository workflows;
  • Cloudflare dashboard configuration;
  • AWS service names and cloud architecture;
  • production deployment pipelines;
  • CDN cache purging;
  • domain registrar management;
  • cloud pricing and vendor lock-in.

Use enrichment to understand real projects. Do not use vendor details as default exam answers unless the question itself gives those details.

Related deployment walkthrough: From Local Flask to Public Website explains the same ideas as a practical layer-by-layer path from local testing to a public site.

Exam Answer Guidance

If an exam question asks about a web system, answer with syllabus concepts first.

If the question asks about…Use this kind of answer firstVendor example only if useful
human-readable website namesDNS maps domain names to IP addresses or host targetsCloudflare, registrar DNS
secure browser communicationHTTPS/TLS encrypts communicationhosting provider certificate
public access to a web appclient-server architecture and hostingcloud host
lost database databackup, restore, persistent storagemanaged database backup
leaked credentialsaccess control, secret management, rotationrepository settings
high trafficavailability, caching, scaling, DDoS protectionCDN/cloud service

Weak answer:

Use AWS and Cloudflare.

Stronger answer:

Host the server-side application on a reliable server, configure DNS so the domain points to it, use HTTPS to protect browser-server communication, and store persistent data in a database with backups and access control.

The stronger answer shows understanding even if no vendor name is mentioned.

Safe Beginner Rule

When confused, ask:

Where is the code?
Where is the built site or running app?
Where is the domain pointing?
Where is the data stored?
What security control is protecting which risk?
What evidence proves this layer works?

These questions connect real deployment problems back to syllabus concepts.

Final Takeaway

Real-world deployment is not one magic step called “put it online”.

It is a chain of responsibilities:

source files -> build or app server -> hosting -> DNS -> HTTPS -> browser -> data storage

For H2 Computing, the main learning value is not memorising service dashboards. The main learning value is understanding how web, network, database, testing, and security concepts fit together in a real system.