Static assets in an eventually consistent webapp deployment

The Problem

Deploying a high traffic website with zero downtime is a challenge – there’s a natural tradeoff between:

  • Performance and cacheability.
  • Getting updates versions of the application live.

The approach you use to manage your static assets plays a big role in this.

This post explains how we dealt with the challenges in our move from the data centre to a multi region highly available cloud-based architecture.

Continue reading

Enter the Pact Matrix. Or, how to decouple the release cycles of your microservices

So, you’re writing microservices! You’re feeling pretty smug, because microservices are all the rage. All the cool kids are doing it. You’re breaking up your sprawling monoliths into small services that Do One Thing Well. You’re even using consumer driven contract testing to ensure that all your services are compatible.

Then… you discover that your consumer’s requirements have changed, and you need to make a change to your provider. You coordinate the consumer and provider codebases so that the contract tests still pass, and then, because you’re Deploying Early and Often, you release the provider. Immediately, your monitoring system goes red – the production consumer still expects the provider’s old interface. You realise that when you make a change, you need to deploy your consumer and your provider together. You think to yourself, screw this microservices thing, if I have to deploy them together anyway, they may as well go in the one codebase.

Continue reading

Protecting your AWS keys with Credulous

Every week, AWS credentials leak into the wild and are used to mine bitcoins or worse.

In April 2014, DrawQuest closed down after a security breach in which their Amazon Web Services credentials were used to create hundreds of EC2 instances, probably for mining bitcoins. DrawQuest decided they could no longer trust that their core data wasn’t compromised, and closed their doors.

Wouldn’t it be great if there was a tool that could help prevent this sort of thing happening? Well, now there is — enter Credulous.

Continue reading