Millions of Apps Deployed

Millions of Apps Deployed

Heroku has deployed over a million applications in most web languages and frameworks, see what we've learned in the process!

Db953d125f5cc49756edb6149f1b813e?s=128

Richard Schneeman

November 12, 2012
Tweet

Transcript

  1. 2013 Richard Schneeman @schneems Millions of Apps

  2. Hello

  3. @schneems

  4. Schnauser

  5. None
  6. Ruby Me

  7. Hans Peter Von Wolfe (the 5th)

  8. Sextant Gem

  9. Wicked ‘ ‘ Gem

  10. Triage Code codetriage.com

  11. None
  12. Adjunct Professor

  13. Good News Everyone! schneems.com/ut-rails

  14. None
  15. Ruby Task Force

  16. Ruby Task Force Member

  17. What did we learn?

  18. Twelve Factor • Can apply to any language • Speeds

    up deployment, makes scaling easier & keeps apps clean • Developed over direct exposure to the deployment of hundreds of thousands of apps
  19. 12factor.net • Codebase • One codebase tracked in revision control,

    many deploys • Dependencies • Explicitly declare and isolate dependencies • Config • Store config in the environment • Backing Services • Treat backing services as attached resources
  20. 12factor.net • Build, Release, Run • Strictly separate build and

    run stages • Process • Execute the app as one or more stateless processes • Port Binding • Export services via port binding • Concurrency • Scale out via the process model
  21. 12factor.net • Disposability • Maximize robustness with fast startup and

    graceful shutdown • Dev/Prod Parity • Keep development, staging, and production as similar as possible • Logs • Treat logs as event streams • Admin Process • Run admin/management tasks as one-off processes
  22. Questions? @schneems

  23. Rails Gets A lot right

  24. Skip the numbers, focus on the takeaways

  25. Close your Laptops

  26. Unless you’re commenting on rails/rails issues

  27. Security Security Security

  28. CSRF

  29. Cross Site Request Forgery

  30. None
  31. config.security_token

  32. the key to your digital kingdom

  33. Would you give your Car key copies to:

  34. Interns? Your

  35. Contractors? Your

  36. Your Open Source Contributors?

  37. If secrets are in your source, you’ve already given them

    your digital kingdom
  38. Protect Your Code

  39. Secure keys in source control aren’t secure

  40. What’s an alternative?

  41. Environment Variables

  42. $ rake db:migrate RAILS_ENV=test

  43. $ rake db:migrate RAILS_ENV=test

  44. In Development

  45. Use a .env file

  46. $ cat .env SECRET_TOKEN=d59c2a439f

  47. Use dotenv gem

  48. $ irb > Dotenv.load > puts ENV[‘SECRET_TOKEN’] > “d59c2a439f”

  49. Use foreman gem

  50. $ foreman run irb > puts ENV[‘SECRET_TOKEN’] > “d59c2a439f”

  51. In Production

  52. $ heroku config:add SECRET_TOKEN=d59c2a439

  53. VPS • Use Foreman/Dotenv • Add to bashrc • Add

    values directly to command $ SECRET_TOKEN=asd123 rails console ruby-1.9.3> puts ENV[‘SECRET_TOKEN’] ruby-1.9.3> “asd123”
  54. What if...

  55. Someone Can read my ENV Variables?

  56. Then they can read your files too

  57. Is your app secure?

  58. Is your app open source- able?

  59. SECRET_TOKEN is just one example of Config

  60. Define: Config

  61. Config • What varies between deploys • resource strings to

    databases • credentials to S3, twitter, facebook, etc. • canonical values, hostname • security tokens
  62. Can you deploy your app to change your S3 Bucket?

  63. Do you NEED to deploy your app to change your

    S3 bucket?
  64. Don’t Do This

  65. Environment Variables! Use

  66. Config

  67. The interface between your platform and your code

  68. But I like storing my credentials in git!

  69. What is Config? Just because it works...

  70. Keep Config Seperate from Code

  71. Gives us Release Managment

  72. $ heroku releases === issuetriage Releases v102 Add SECRET_TOKEN config

    v101 Deploy 0e66245
  73. $ heroku releases:rollback V101

  74. Keep Config Seperate from Code

  75. Gives us Add-ons

  76. None
  77. $ heroku addons:add cdn_sumo

  78. config/production.rb config.action_controller.asset_host = ENV["CDN_SUMO_URL"]

  79. None
  80. We’re treating add-ons as attached resources

  81. development vs. production

  82. Using Postgres in Production?

  83. You wouldn’t develop in mongo

  84. Don’t develop on sqlite3 and deploy on Postgres

  85. Dev/Prod Parity

  86. Development • As close to production as possible • Same

    data-stores (postgres, memcache) • Same language versions (Ruby 1.9) • Real/consistent data
  87. Development • Real/consistent data $ heroku pgbackups:capture

  88. Dev/Dev Parity

  89. README.md • Living document • Standardize dev environment • Instructions

    for external dependencies • Instructions for starting processes • Problem with dev environment? • Put the fix in the readme $ brew install memcache $ foreman start
  90. Use a Readme to scale your Devs

  91. This is my README There are many like it, but

    this one is MINE
  92. You could use a script...

  93. Do you have performance problems?

  94. WRONG!

  95. there are no performance problems, only visibility problems “ -

    Ryan.Smith
  96. Application Visability

  97. What we need:

  98. Distributed

  99. Fault Tolerant

  100. Low Overhead

  101. Streams of data

  102. Solution:

  103. None
  104. None
  105. None
  106. ????????

  107. ????????

  108. Introducing

  109. logs

  110. As streams of data

  111. Measure Metrics:

  112. None
  113. Track Errors:

  114. $ heroku logs --tail

  115. What about when i’m not looking?

  116. Papertrail

  117. None
  118. Error Notification

  119. Error Notification • Record Logs & Errors • New Relic

    (rpm) • Airbrake (hoptoad) • HoneyBadger
  120. New Relic

  121. Protip: Admin flavored error pages

  122. Error Pages • Admins get error + Backtrace Couldn't find

    Course with ID=chunkybacon Details Params: {"action"=>"show", "controller"=>"courses", "id"=>"chunkybacon"} Backtrace: lib/active_record/relation/finder_methods.rb:304:in `find_one'
  123. Admin Error Pages + Backtrace Couldn't find Course with ID=chunkybacon

    Details Params: {"action"=>"show", "controller"=>"courses", "id"=>"chunkybacon"} Backtrace: lib/active_record/relation/finder_methods.rb:304:in `find_one'
  124. Questions? @schneems (for real this time)