Search overlay panel for performing site-wide searches
Salesforce (Heroku) Named a Leader. Learn More!

Engineering

SHIFT Commerce’s Journey: Deconstructing Monolithic Applications into Services

Editor’s Note: One of the joys of building Heroku is hearing about the exciting applications our customers are crafting. SHIFT Commerce – a platform helping retailers optimize their e-commerce strategy – is a proud and active user of Heroku in building its technology stack. Today, we’re clearing the stage for Ryan Townsend, CTO of SHIFT, as he provides an overview of SHIFT’s journey into building microservices architecture with the support of Apache Kafka on Heroku. Software architecture has been a continual debate since software first came into existence. The latest iteration of this long-running discussion is between monoliths and microservices…

A House of Cards: An Exploration of Security When Building Docker Containers

Containers, specifically Docker, are all the rage. Most DevOps setups feature Docker somewhere in the CI pipeline. This likely means that any build environment you look at, will be using a container solution such as Docker. These build environments need to take untrusted user-supplied code and execute it. It makes sense to try and securely containerize this to minimize risk. In this post, we’re going to explore how a small misconfiguration in a build environment can create a severe security risk. It's important to note that this post does not describe any inherent vulnerability in Heroku, Docker, AWS CodeBuild, or…

Using HTTP Headers to Secure Your Site

Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely. Let's take a look at the scores Observatory gives for a fairly straightforward Static Buildpack app, https://2017.keeprubyweird.com. Test Scores Test Pass Score Explanation Content Security Policy ✗ -25 Content Security Policy (CSP) header not implemented Cookies ― 0 No cookies detected Cross-origin Resource Sharing ✔ 0 Content is not visible via cross-origin resource sharing (CORS) files or headers HTTP Public Key Pinning ― 0 HTTP Public Key Pinning (HPKP) header not implemented (optional) HTTP Strict Transport Security ✗ -20…

Dissecting Kubernetes Deployments

Kubernetes is a container orchestration system that originated at Google, and is now being maintained by the Cloud Native Computing Foundation. In this post, I am going to dissect some Kubernetes internals—especially, Deployments and how gradual rollouts of new containers are handled. What Is a Deployment? This is how the Kubernetes documentation describes Deployments: A Deployment controller provides declarative updates for Pods and ReplicaSets. A Pod is a group of one or more containers which can be started inside a cluster. A pod started manually is not going to be very useful though, as it won't automatically be restarted if…

Scaling ipify to 30 Billion Requests and Beyond on Heroku

The following is the story of how Randall Degges created a simple API to solve the common problem of external IP address lookup and how he scaled it from zero to over 10 thousand requests per second (30B/month!) using Node.js and Go on Heroku. Several years ago I created a free web service, ipify. It is a highly scalable IP address lookup service. When you make a GET request against it, it returns your public-facing IP address. Try it out yourself! I created ipify because, at the time, I was building complex infrastructure management software and needed to dynamically discover…

Kafka Streams on Heroku

Designing scalable, fault tolerant, and maintainable stream processing systems is not trivial. The Kafka Streams Java library paired with an Apache Kafka cluster simplifies the amount and complexity of the code you have to write for your stream processing system. Unlike other stream processing systems, Kafka Streams frees you from having to worry about building and maintaining separate infrastructural dependencies alongside your Kafka clusters. However, you still need to worry about provisioning, orchestrating, and monitoring infrastructure for your Kafka Streams applications. Heroku makes it easy for you to deploy, run, and scale your Kafka Streams applications by using supported buildpacks…

Jekyll on Heroku

Jekyll, the static website generator written in Ruby and popularized by GitHub, is a great candidate for being run on Heroku. Originally built to run on GitHub Pages, running Jekyll on Heroku allows you to take advantage of Jekyll’s powerful plugin system to do more than convert Markdown to HTML. On my blog, I have plugins to download my Goodreads current and recently read books and to generate Open Graph images for posts. That said, it’s not straightforward to get up and running on Heroku without using jekyll serve to do the heavy lifting. jekyll serve uses Ruby’s built-in, single…

In the Cloud, No One Can Hear Your OutOfMemoryError

Pushing an app to the cloud can feel like launching a probe into space. Once your project is thousands of miles away you can't bang on it with a hammer or replace broken parts when there's a problem. Your debugging efforts must rely on the instrumentation, telemetry, and remote controls included with the app when it was deployed. On Heroku, we've gladly done some of that prep work for you. Two new Heroku features, Heroku Exec and Language Runtime Metrics, improve your production monitoring, inspecting, and debugging experience on the platform. With Heroku Exec, you can create secure TCP and…

Evolution of the Heroku CLI: 2008-2017

Over the past decade, millions of developers have interacted with the Heroku CLI. In those 10 years, the CLI has gone through many changes. We've changed languages several times; redesigned the plugin architecture; and improved test coverage and the test framework. What follows is the story of our team's journey to build and maintain the Heroku CLI from the early days of Heroku to today. Ruby (CLI v1-v3) Go/Node (CLI v4) Go/Node (CLI v5) Pure Node (CLI v6) What's Next? Ruby (CLI v1-v3) Our original CLI (v1-v3) was written in Ruby and served us well for many years. Ruby is…

Hello RedBeat: A New Celery Beat Scheduler

The Heroku Connect team ran into problems with existing task-scheduling libraries. Because of that, we wrote RedBeat, a Celery scheduler that stores scheduled tasks and runtime metadata in Redis. We’ve also open-sourced it so others can use it. Here is the story of why and how we created RedBeat. Why We Created the RedBeat Celery Scheduler Heroku Connect makes heavy use of Celery to synchronize data between Salesforce and Heroku Postgres. Celery is an asynchronous task queue that lets us schedule and queue jobs for execution by a background worker process. Over time, our usage has grown, and we came…

Subscribe to the full-text RSS feed for Ryan Townsend.