Cogini Blog Articles in the DevOps category
Featured articles
Deploying an Elixir app to Digital Ocean with mix_deploy Port forwarding with iptables
Deploying Elixir apps without sudo
We normally deploy Elixir apps as releases, supervised by systemd. After we have deployed the new release, we restart the app to make it live: sudo /bin/systemctl restart foo The user account needs sufficient permissions to restart the app, though. Instead of giving the deploy account full sudo permissions … Read more…
Getting the client public IP address in Phoenix
When your app is running behind a proxy like Nginx or a CDN, then the requests will all look like they are coming from the proxy. Use the X-Forwarded-For header to set the remote_ip correctly. Read more…
Port forwarding with iptables
In order to listen on a TCP port less than 1024, an app traditionally needs to be started as root. Over the years this has resulted in many security problems. A better solution is to run the application on a normal port such as 4000, and redirect traffic in the … Read more…
Rate limiting Nginx requests
Any popular service may be the unfortunate recipient of a DDOS attack. We find that DDOS load ends up driving capacity planning, as it can easily be 10x the normal load. You can rate limit at multiple levels. You might use a service such as CloudFlare, filtering provided by your … Read more…
Serving your Phoenix app with Nginx
It's common to run web apps behind a proxy such as Nginx or HAProxy. Nginx listens on port 80, then forwards traffic to the app on another port, e.g. 4000. Following is an example nginx.conf config: user nginx; worker_processes auto; error_log /var/log/nginx/error.log warn; pid … Read more…
Serving Phoenix static assets from a CDN
Phoenix is fast, but you can improve performance by serving requests for static files like images, CSS and JS from Nginx or a content delivery network (CDN). This allows your app to focus on dynamic content. Serving static assets from Nginx If you are running your app behind Nginx, configure … Read more…
Setting Ansible variables based on the environment
When deploying applications, we we usually have the same basic architecture in different environments (dev, test, prod), but settings differ. Some settings are common to all the machines in the environment, e.g. the db server connection string. We need to vary the size of instances depending on the environment … Read more…
Is it time for Lisp in DevOps?
We have been working on a project migrating a big Rails app from physical hardware to AWS, and I have been doing a lot of automation work. It strikes me how we are doing the same thing over and over with different tools: reading variables, templating files and running semi-declarative … Read more…
90 percent immutable
After a fair amount of debugging, I got an app running in an AWS Auto Scaling Group (ASG), pulling its config on startup from S3 and code from Amazon CodeDeploy. On the way I found out some annoying parts of the cloud initialization process in AWS. The idea is that … Read more…