First Things First, on AWS
I was chatting with a buddy who was moving his web sites from dedicated hosting to AWS. Let’s just say the FTUE isn’t great. That triggered a quick brain-dump of what you should do when you first get started with AWS.
- Understand pets vs. cattle. In AWS, all resources should be “cattle”, not pets. Periodically terminate instances to test this.
- Activate CloudTrail (in all regions). Use Loggly to index CloudTrail (free or ~$20/mo).
- Create restricted IAM users. Never use your root account. Activate MFA.
- Use IAM EC2 instance roles instead of stored credentials whenever possible.
- Get familiar with IAM management (use managed policies, groups & the policy tool).
- Start using OpsWorks. Avoid launching EC2 instances directly through the console; it quickly becomes a management nightmare.
- Activate Trusted Advisor (and pay for the $100/mo upgrade).
- Start creating CloudWatch alerts.
- Activate Librato ($30/mo) and send CloudWatch to Librato.
- Use Loggly or CloudWatch Logs.
- Get familiar with VPC & security groups. Use POLP (the principle of least privilege) when creating security groups.
- Understand regions & AZs – get familiar with cross-region latency.
- Use multi-AZ RDS and extend the backup retention.
- Use the AWS forums – activate your forum account.
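Several items on this list can be checked mechanically. The following is an added example, not code from the original post: it audits the CloudTrail, root-account, security-group and RDS items against data shaped like the boto3 responses for `describe_trails`, `get_account_summary`, `describe_security_groups` and `describe_db_instances`. The sample data is constructed, and the allowed public ports and the 7-day retention floor are assumptions, since the post gives no figures.

```python
# Added example: constructed data shaped like boto3 responses; not from the original post.
WORLD = {"0.0.0.0/0", "::/0"}
PUBLIC_PORTS = {80, 443}   # assumption: only web ports may face the internet
MIN_BACKUP_DAYS = 7        # assumption: the post gives no retention figure

def open_rules(sg):
    """Yield (protocol, from_port, to_port) for world-reachable non-web rules."""
    for perm in sg.get("IpPermissions", []):
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if not cidrs & WORLD:
            continue
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        if perm["IpProtocol"] == "-1" or lo is None:   # "-1" = all traffic, no ports
            yield ("all", 0, 65535)
        elif lo != hi or lo not in PUBLIC_PORTS:        # a range can hide extra ports
            yield (perm["IpProtocol"], lo, hi)

def audit(trails, summary, groups, dbs):
    """Return findings for the CloudTrail, root/MFA, security group and RDS items."""
    out = []
    if not any(t.get("IsMultiRegionTrail") for t in trails["trailList"]):
        out.append("cloudtrail: no multi-region trail")
    acct = summary["SummaryMap"]
    if not acct.get("AccountMFAEnabled"):
        out.append("iam: root has no MFA")
    if acct.get("AccountAccessKeysPresent"):
        out.append("iam: root has access keys")
    for sg in groups["SecurityGroups"]:
        for proto, lo, hi in open_rules(sg):
            out.append(f"sg {sg['GroupId']}: {proto} {lo}-{hi} open to the world")
    for db in dbs["DBInstances"]:
        if not db.get("MultiAZ"):
            out.append(f"rds {db['DBInstanceIdentifier']}: single-AZ")
        if db.get("BackupRetentionPeriod", 0) < MIN_BACKUP_DAYS:
            out.append(f"rds {db['DBInstanceIdentifier']}: backup retention too short")
    return out

# Constructed sample responses (hypothetical names and IDs).
TRAILS = {"trailList": [{"Name": "main", "IsMultiRegionTrail": False}]}
SUMMARY = {"SummaryMap": {"AccountMFAEnabled": 1, "AccountAccessKeysPresent": 1}}
GROUPS = {"SecurityGroups": [{"GroupId": "sg-web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}]}
DBS = {"DBInstances": [{"DBInstanceIdentifier": "app-db", "MultiAZ": True, "BackupRetentionPeriod": 1}]}

if __name__ == "__main__":
    print("\n".join(audit(TRAILS, SUMMARY, GROUPS, DBS)))
```

To run it against a real account, pass the live responses from the four boto3 calls to `audit()` instead of the constructed dictionaries.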
On Software Scaffolding
A new light rail line is being built in my city with bridges passing over the major boulevards. Seeing the elaborate scaffolding evoked comparisons to software engineering. What does scaffolding look like in software? Does software need to be erected like a bridge via scaffolding? Without a doubt: yes.
Here are some elements of software “scaffolding”:
- Error log instrumentation with a formal error log schema (i.e. errors are uniquely identifiable in a MECE schema)
- Operational instrumentation with reports, dashboards and alerts
- Performance profiling on methods, database calls, REST calls, system calls and any blocking IO.
- Client-side performance instrumentation and sampling of the population.
- Benchmarks established for datasource SLA, server SLA and client time-to-interactivity, among others.
- Unit tests
- Functional tests
- Client-side tracking of passive (view), positive (click, message, follow) and negative (cancel, close-window) behaviors
This scaffolding gives you the resolution needed to understand your application and your audience. Moreover, it empowers you to make well-informed decisions and gives you the agility to move quickly.
OpsWorks before_migrate.rb
OpsWorks is a convenient, powerful and free service provided by AWS to simplify the management of EC2 nodes. The real power of the system is exposed through customizing various stages of the instance lifecycle by creating custom-tailored chef-solo recipes.
While Amazon provides a powerful deployment layer for PHP applications, it stops short once the PHP code has been checked out of Git. For Laravel or other Composer apps, you’ll have to customize your deployment. The most elegant and straightforward method is through custom deployment hooks. Here’s how to build a before_migrate.rb script to build a Laravel app.