Engineering
- Engineering
- Last Updated: March 29, 2024
- Jonan Scheffler
I sat down with some Ruby friends in Hiroshima last year to have a conversation about just-in-time compilation for Ruby, specifically the new MJIT method-based implementation. Those of you who are already familiar with JITs and how they work might want to skip directly to the interview, the rest of us are going to hang out for a minute and learn about how things presently work in Ruby, and what it is exactly that …
- Engineering
- Last Updated: June 03, 2024
- Etienne Stalmans
At Heroku we consistently monitor vulnerability feeds for new issues. Once a new vulnerability drops, we jump into action to triage and determine how our platform and customers may be affected. Part of this process involves evaluating possible attack scenarios not included in the original vulnerability report. We also spend time looking for “adjacent” and similar bugs in other products. The following Ruby vulnerability was identified during this process.
A vulnerability, CVE-2017-8817, …
- Engineering
- Last Updated: March 13, 2018
- Ryan Townsend
Editor’s Note: One of the joys of building Heroku is hearing about the exciting applications our customers are crafting. SHIFT Commerce – a platform helping retailers optimize their e-commerce strategy – is a proud and active user of Heroku in building its technology stack. Today, we’re clearing the stage for Ryan Townsend, CTO of SHIFT, as he provides an overview of SHIFT’s journey into building microservices architecture with the support of Apache Kafka on Heroku.
Software architecture has been a continual debate since software first came into existence. The latest iteration of this long-running discussion is between monoliths and microservices – large self-contained applications vs multiple smaller applications integrated together – but an even bigger question lies under the surface of our architecture philosophy: why does this even matter?
- Engineering
- Last Updated: May 30, 2024
- Etienne Stalmans
Containers, specifically Docker, are all the rage. Most DevOps setups feature Docker somewhere in the CI pipeline. This likely means that any build environment you look at, will be using a container solution such as Docker. These build environments need to take untrusted user-supplied code and execute it. It makes sense to try and securely containerize this to minimize risk.
In this post, we’re going to explore how a small misconfiguration in a build environment …
- Engineering
- Last Updated: April 02, 2024
- Caleb Hearth
Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely.
Let's take a look at the scores Observatory gives for a fairly straightforward Static Buildpack app, https://2017.keeprubyweird.com.
Test Pass Score Explanation Content Security Policy ✗ -25 Content Security Policy (CSP) header not implemented Cookies ― 0 No cookies detected Cross-origin Resource Sharing ✔ 0 Content is not visible via cross-origin resource…- Engineering
- Last Updated: May 16, 2024
- Damien Mathieu
Kubernetes is a container orchestration system that originated at Google, and is now being maintained by the Cloud Native Computing Foundation. In this post, I am going to dissect some Kubernetes internals—especially, Deployments and how gradual rollouts of new containers are handled.
This is how the Kubernetes documentation describes Deployments:
A Deployment controller provides declarative updates for Pods and ReplicaSets.
A Pod is a group of one or more containers …
- Engineering
- Last Updated: June 03, 2024
- Randall Degges
The following is the story of how Randall Degges created a simple API to solve the common problem of external IP address lookup and how he scaled it from zero to over 10 thousand requests per second (30B/month!) using Node.js and Go on Heroku.
Several years ago I created a free web service, ipify. It is a highly scalable IP address lookup service. When you make a GET request against it, it returns your …
- Engineering
- Last Updated: December 19, 2017
- Jeff Chao
Designing scalable, fault tolerant, and maintainable stream processing systems is not trivial. The Kafka Streams Java library paired with an Apache Kafka cluster simplifies the amount and complexity of the code you have to write for your stream processing system.
Unlike other stream processing systems, Kafka Streams frees you from having to worry about building and maintaining separate infrastructural dependencies alongside your Kafka clusters. However, you still need to worry about provisioning, orchestrating, and monitoring …
- Engineering
- Last Updated: December 13, 2017
- Caleb Hearth
Jekyll, the static website generator written in Ruby and popularized by GitHub, is a great candidate for being run on Heroku. Originally built to run on GitHub Pages, running Jekyll on Heroku allows you to take advantage of Jekyll’s powerful plugin system to do more than convert Markdown to HTML. On my blog, I have plugins to download my Goodreads current and recently read books and to generate Open Graph images for posts. That …
- Engineering
- Last Updated: October 02, 2017
- Joe Kutner
Pushing an app to the cloud can feel like launching a probe into space. Once your project is thousands of miles away you can't bang on it with a hammer or replace broken parts when there's a problem. Your debugging efforts must rely on the instrumentation, telemetry, and remote controls included with the app when it was deployed. On Heroku, we've gladly done some of that prep work for you.
Two new Heroku features, Heroku …
Subscribe to the full-text RSS feed for Engineering.