Millions of Apps - What we've learned

Transcript

1. Millions of apps What we’ve learned

2. None

3. • Can apply to any language • Speeds up deployment

   and scaling • Keeps apps clean • Developed through exposure 12 factor

4. 12 factor • Codebase
 One codebase tracked in revision control,

   many deploys • Dependencies
 Explicitly declare and isolate dependencies • Config
 Store config in the environment • Backing Services
 Treat backing services as attached resources

5. 12 factor • Build, Release, Run
 Strictly separate build and

   run stages • Process
 Execute the app as one or more stateless processes • Port Binding
 Export services via port binding • Concurrency
 Scale out via the process model

6. 12 factor • Disposability
 Maximise robustness with fast startup and

   shutdown • Parity
 Keep environments as similar as possible • Logs
 Treat logs as event streams • Admin Processes
 Run admin/management tasks as one-off processes
7. None

8. Frameworks

9. Rails gets a lot right

10. Security

11. Cross Site Request Forgery

12. config.security_token

13. None
14. None
15. None
16. None

17. Protect your code

18. $ git commit -m “the secretz”

19. Secure keys in source control aren’t secure

20. Environment variables

21. $ rake db:migrate RAILS_ENV=test

22. None

23. Deterministic builds

24. .env

25. $ cat .env SECRET_TOKEN=d2398jdd2

26. https://github.com/bkeepers/dotenv dotenv

27. $ irb > Dotenv.load > puts ENV[‘SECRET_TOKEN’] > “d2398jdd2”

28. https://github.com/ddollar/foreman Foreman

29. $ foreman run irb > puts ENV[‘SECRET_TOKEN’] > “d2398jdd2”

30. In Production

31. • Use Foreman / dotenv • Add to .bashrc •

    Add values directly to the command

32. $ heroku config:set SECRET_TOKEN=“d2398jdd2”

33. Tokens are just one example of config

34. • Resource strings (databases) • Credentials (S3, Twitter, Facebook) •

    Canonical values • Tokens

35. A quick test

36. None

37. Q. Are your apps 
 open-sourceable right now?

38. Do you NEED to deploy your application to change an

    S3 bucket name?

39. Config is the interface between your platform and your code.

    ! Config is not code.

40. Keep config separate from code.

41. Release management

42. $ heroku releases === my_app releases v102 Add SECRET_TOKEN config

    v101 Deploy 0e66245

43. Attachable Resources

44. config.action_controller.asset_host . = ENV[“CDN_URL”]

45. None

46. Replace at will

47. Modular upgrades

48. Environments

49. Q. How many people develop on MongoDB, and deploy to

    PostgreSQL?

50. Q. How many people develop on SQLite3, and deploy to

    PostgreSQL?

51. Environmental Parity

52. • As close to each other as possible • Same

    data-store (PostgreSQL 2.7, Memcached 1.4.15) • Same language versions (Python 3.0) • Real/consistent data

53. Fork

54. README

55. • Living document • Standardised Dev environment • Instructions for

    external dependencies • Instructions for starting processes
 • Had a problem? 
 Put the fix in the README


56. Scripting dev machines

57. Admining * * may or may not be a word

58. $ bin/python manage.py syncdb $ bundle exec rake db:migrate

59. • Admin tasks should run in an identical environment to

    the code • Admin tasks should be equally isolated • Admin tasks should be source controlled and repeatable.

60. $ bundle exec ./scripts/ . fix_bad_records.rb

61. Q. Do you have performance problems?

62. “There are no performance problems, only visibility problems”
 
 -

    Ryan.Smith

63. Application visibility

64. What do we need?

65. Distributed

66. Fault tolerant

67. Streams of data

68. None

69. Streams of data Streams of data

70. Measure metrics

71. None
72. None

73. LogEntries

74. None

75. Track Errors

76. • Honeybadger • Airbrake • New Relic

77. 12 Factors

78. fin.

79. None

80. Questions? @neilmiddleton https://github.com/bkeepers/dotenv dotenv https://github.com/ddollar/foreman foreman http://12factor.net 12 factor http://heroku.com

    Heroku