Search overlay panel for performing site-wide searches

Boost Performance & Scale with Postgres Advanced. Join Pilot Now!

Cloud Infrastructure

Making Time to Save You Time: How We Sped Up Time-Related Syscalls on Dynos

I work on Heroku’s Runtime Infrastructure team, which focuses on most of the underlying compute and containerization here at Heroku. Over the years, we’ve tuned our infrastructure in a number of ways to improve performance of customer dynos and harden security.

We recently received a support ticket from a customer inquiring about poor performance in two system calls (more commonly referred to as syscalls) their application was making frequently: clock_gettime(3) and gettimeofday(2).

In this customer’s case, they were using a tool to do transaction tracing to monitor the performance of their application. This tool made many such system calls …

Bring Your Own Key for Heroku Managed Data Services Is Now Generally Available

Security is always top of mind for Heroku customers; COVID-19 has further increased the urgency for enterprises and developers to deliver more mission-critical applications with sensitive and regulated data.

Given the needs of our customers, including those in regulated industries like Health & Life Sciences and Financial Services, we are thrilled to announce that Heroku Private Spaces and Shield customers can now deploy a new Postgres, Redis, or Apache Kafka service with a key created and managed in their private AWS KMS account. With BYOK, enterprises gain full data custody and data access control without taking on the burden of …

Building and Scaling a Global Chatbot using Heroku + Terraform

Text-based communication has a long history weaved into the evolution of the Internet, from IRC and XMPP to Slack and Discord. And where there have been humans, there have also been chatbots: scriptable programs that respond to a user’s commands, like messages in a chat room.

Chatbots don't require much in terms of computational power or disk storage, as they rely heavily on APIs to send actions and receive responses. But as with any kind of software, scaling them to support millions of user’s requests across the world requires a fail-safe operational strategy. Salesforce offers a Live Agent support product

Terrier: Open-Source Tool to Identify and Analyze Container and Image Components

As part of our Blackhat Europe talk “Reverse Engineering and Exploiting Builds in the Cloud” we publicly released a new tool called Terrier.
Announcing Terrier: An open-source tool for identifying and analysing container and image components.
In this blog post, I am going to show you how Terrier can help you identify and verify container and image components for a wide variety of use-cases, be it from a supply-chain perspective or forensics perspective. Terrier can be found on Github.

Containers and images

In this blog post, I am not going to go into too much detail about containers and …

Announcing Heroku Data Services Integrations Using mutual TLS and PrivateLink

Today, we’re thrilled to announce four new trusted data integrations that allow data to flow seamlessly and securely between Heroku and external resources in public clouds and private data centers:

Heroku Postgres via mutual TLS
Heroku Postgres via PrivateLink
Apache Kafka on Heroku via PrivateLink
Heroku Redis via PrivateLink

These integrations expand Heroku's security and trust boundary to cover the connections to external resources and the data that passes through them. They enable true multi-cloud app and data architectures and keep developers focused on delivering value versus managing infrastructure. Data is the driving force in modern app development, and these …

Why Frequent Maintenances Are Essential for Secure Heroku Data Services

There are many reasons to choose Heroku Data services, but keeping the services you use secure and up-to-date rank near the top. This foundation of trust is the most important commitment we make to our customers, and frequent and timely maintenances are one way we deliver on this promise.

We do everything we can to minimize downtime, which is typically between 10 – 60 seconds per maintenance. There are ways for you to minimize disruption too (see the tips and tricks below). The rest of the post explains how we think about Heroku Data maintenances, how we perform them, and …

Puma 4: Hammering Out H13s—A Debugging Story

For quite some time we've received reports from our larger customers about a mysterious H13 – Connection closed error showing up for Ruby applications. Curiously it only ever happened around the time they were deploying or scaling their dynos. Even more peculiar, it only happened to relatively high scale applications. We couldn't reproduce the behavior on an example app. This is a story about distributed coordination, the TCP API, and how we debugged and fixed a bug in Puma that only shows up at scale.

Connection closed

First of all, what even is an H13 error? From our error page …

How Heroku Operates its Multi-Tenant Apache Kafka Services

This blog post is adapted from a talk given by Ali Hamidi at Data Council SF ’19 titled “Operating Multi-Tenant Kafka Services for Developers on Heroku.”

https://www.youtube.com/embed/-AtHKoTNR1k

Thousands of developers use Heroku’s Apache Kafka service to process millions of transactions on our platform—and many of them do so through our multi-tenant Kafka service. Operating Kafka clusters at this scale requires careful planning to ensure capacity and uptime across a wide range of customer use cases. With significant automation and test suites, we’re able to do this without a massive operations team.

In this post, we’re going to talk …

Six Strategies for Deploying to Heroku

There are many ways of deploying your applications to Heroku—so many, in fact, that we would like to offer some advice on which to choose. Each strategy provides different benefits based on your current deployment process, team size, and app. Choosing an optimal strategy can lead to faster deployments, increased automation, and improved developer productivity.

The question is: How do you know which method is the "best" method for your team? In this post, we'll present six of the most common ways to deploy apps to Heroku and how they fit into your deployment strategy. These strategies are not mutually …

Heroku Postgres via PrivateLink Is Now Generally Available

Today, we're thrilled to announce Heroku Postgres via PrivateLink, a new integration that enables customers to seamlessly and securely connect Heroku Postgres databases in Private Spaces to resources in one or more Amazon VPCs. Heroku Postgres via PrivateLink connections are secure and stable by default because traffic to and from Heroku Postgres stays on the Amazon private network; once a PrivateLink is set up, there is no brittle networking configuration to manage. As always, security and trust are top of mind with everything we do at Heroku.

The ability to configure Heroku Postgres via PrivateLink is already enabled on all …

Subscribe to the full-text RSS feed for Cloud Infrastructure.