[TL;DR: To supplement Heroku-managed app servers, we launched custom EC2 instances to host Delayed Job worker processes. See the satellite_setup github repo for rake tasks and Chef recipes that make it easy.]

Artsy engineers are big users and abusers of Heroku. It’s a neat abstraction of server resources, so we were conflicted when parts of our application started to bump into Heroku’s limitations. While we weren’t eager to start managing additional infrastructure, we found that–with a few good tools–we could migrate some components away from Heroku without fragmenting the codebase or over-complicating our development environments.

There are a number of reasons your app might need to go beyond Heroku. It might rely on a locally installed tool (not possible on Heroku’s locked-down servers), or require heavy file-system usage (limited to tmp/ and log/, and not permanent or shared). In our case, the culprit was Heroku’s 512 MB RAM limit–reasonable for most web processes, but quickly exceeded by the image-processing tasks of our delayed_job workers. We considered building a specialized image-processing service, but decided instead to supplement our web apps with a custom EC2 instance dedicated to processing background tasks. We call these servers “satellites.”

We’ll walk through the pertinent sections here, but you can find Rake tasks that correspond with these scripts, plus all of the necessary cookbooks, in the satellite_setup github repo. Now, on to the code!

First, generate a key-pair from Amazon’s AWS Management Console. Then we’ll use Fog to spawn the EC2 instance.

require 'fog'

# Update these values according to your environment...
S3_SECRET_ACCESS_KEY = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
KEY_NAME = 'satellite_keypair'
KEY_PATH = "#{ENV['HOME']}/.ssh/#{KEY_NAME}.pem"
IMAGE_ID = 'ami-c162a9a8'  # 64-bit Ubuntu 11.10
FLAVOR_ID = 'm1.large'

connection = Fog::Compute.new(provider: 'AWS',
  aws_access_key_id: S3_ACCESS_KEY_ID,
  aws_secret_access_key: S3_SECRET_ACCESS_KEY)

server = connection.servers.bootstrap(
  key_name: KEY_NAME,
  private_key_path: KEY_PATH,
  image_id: IMAGE_ID,
  flavor_id: FLAVOR_ID)

Next, we’ll do some basic server prep and install our preferred Ruby version. We’ll again use Fog, this time to SSH into the new instance and run the following commands:

[ %{sudo sh -c "grep '^[^#].*us-east-1\.ec2' /etc/apt/sources.list | sed 's/us-east-1\.ec2/us/g' > /etc/apt/sources.list.d/better.list"},
  %{sudo apt-get update; sudo apt-get install -y make gcc rsync curl zlib1g-dev libssl-dev libreadline-dev libreadline5},
  %{mkdir -p /tmp/bootstrap},
  %{cd /tmp/bootstrap && curl -L 'ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2-p290.tar.gz' | tar xvzf - && cd ruby-1.9.2-p290 && ./configure && make && sudo make install},
  %{cd /tmp/bootstrap && curl -L 'http://production.cf.rubygems.org/rubygems/rubygems-1.6.2.tgz' | tar xvzf - && cd rubygems* && sudo ruby setup.rb --no-ri --no-rdoc},
  %{sudo gem install rdoc chef ohai --no-ri --no-rdoc --source http://gems.rubyforge.org}
].each do |command|
  server.ssh command

The first command replaces some broken links in the AMI’s /etc/apt/sources.list, so that the later package installation commands have a chance. We then install a few necessary packages, download and install Ruby 1.9.2 from source, and install RubyGems. Finally, we install Chef so we can let chef-solo drive the remainder of the configuration (and manage it going forward).

Chef deserves a few blog posts of its own, but know that it provides a platform-independent DSL for specifying an environment’s configuration. Opscode supplies a deep set of related tools, but for our purposes, chef-solo–which applies a local set of configuration “cookbooks” to an individual server–will be plenty. These lines copy our local cookbooks folder (originally in config/satellite) up to a temporary location on the server, then execute the chef-solo command via SSH:

system "rsync -rlP --rsh=\"ssh -i #{KEY_PATH}\" --delete --exclude '.*' ./config/satellite ubuntu@#{server.dns_name}:/tmp/chef/"
server.ssh "cd /tmp/chef/satellite; RAILS_ENV=staging sudo -H -E chef-solo -c solo.rb -j configure.json -l info"

The first file referenced in that command simply declares where cookbooks will be found. In our case, they’re stored alongside solo.rb in the temporary directory.

```ruby config/satellite/solo.rb cookbook_path File.expand_path(File.join(File.dirname(FILE), “cookbooks”))

The next file, `configure.json`, specifies that Chef should apply the `configure` recipe found in the `example_app` cookbook.

```javascript config/satellite/configure.json
{"recipes": ["example_app::configure"]}

Finally, let’s look at the example_app::configure recipe. First it will make sure necessary packages and gems are installed. These, of course, might be different for your app.

```ruby config/satellite/cookbooks/example_app/recipes/configure.rb [ ‘build-essential’, ‘binutils-doc’, ‘autoconf’, ‘flex’, ‘bison’, ‘openssl’, ‘libreadline5’, ‘libreadline-dev’, ‘git-core’, ‘zlib1g’, ‘zlib1g-dev’, ‘libssl-dev’, ‘libxml2-dev’, ‘autoconf’, ‘libxslt-dev’, ‘imagemagick’, ‘libmagick9-dev’ ].each do |pkg| package(pkg) end

gem_package ‘bundler’ do version ‘1.0.10’ end

Next, it will ensure that a user and group (named for `example_app`) are created and configured:

``` ruby config/satellite/cookbooks/example_app/recipes/configure.rb (cont'd)
group 'example_app'

user 'example_app' do
  gid 'example_app'
  home '/home/example_app'
  shell '/bin/bash'
  supports :manage_home => true

directory '/home/example_app/.ssh' do
  owner 'example_app'
  group 'example_app'
  mode 0700

# Ensure example_app can sudo
cookbook_file '/etc/sudoers.d/example_app' do
  mode 0440

[ 'authorized_keys',  # place the keys you want to authorize for SSH in this file
  'id_dsa',  # a new private key file, authorized to pull from your git repo
   'config'  # avoid prompt when pulling from github
].each do |config_file|
  cookbook_file "/home/example_app/.ssh/#{config_file}" do
    owner 'example_app'
    group 'example_app'
    mode 0600

# Allow other developers to SSH as primary ubuntu account as well.
cookbook_file "/home/ubuntu/.ssh/authorized_keys" do
  owner 'ubuntu'
  group 'ubuntu'
  mode 0600

Next, it creates supporting directories.

``` ruby config/satellite/cookbooks/example_app/recipes/configure.rb (cont’d) [ ‘/app’, ‘/app/example_app’, ‘/app/example_app/shared’, ‘/app/example_app/shared/log’, ‘/app/example_app/shared/pids’, ‘/app/example_app/shared/config’ ].each do |dir| directory dir do owner ‘example_app’ group ‘example_app’ mode 0755 end end

We rely heavily on the [New Relic](http://newrelic.com/) plug-in, and want to enable it in our custom environment as well. Heroku usually takes care of injecting a `newrelic.yml` configuration file into our app servers, so we'll have to replicate that in our custom environment. Depending on what plug-ins you've enabled (e.g., [Sendgrid](http://sendgrid.com)), you might need to replicate other configuration files or initializers.

``` ruby config/satellite/cookbooks/example_app/recipes/configure.rb (cont'd)
cookbook_file "/app/example_app/shared/config/newrelic.yml" do
  owner 'example_app'
  group 'example_app'
  mode 0755

Monit is a great tool for starting, managing, and monitoring long-running processes. It can be configured with all sorts of thresholds and alerting. (We’ve included only a simple configuration in the github repo for now.) Let’s include the monit recipe, to ensure that monit is installed and running, and then add the necessary configuration for monit to start and monitor our delayed_job worker process.

``` ruby config/satellite/cookbooks/example_app/recipes/configure.rb (cont’d) include_recipe ‘monit’ monitrc ‘delayed_job’, {}, :immediately

To keep disk space from becoming a problem, we'll automatically rotate all of the logs in our app's shared `log/` directory.

``` ruby config/satellite/cookbooks/example_app/recipes/configure.rb (cont'd)
logrotate_app "example_app" do
  path "/app/example_app/shared/log/*.log"
  frequency "daily"
  rotate 30

include_recipe 'example_app::deploy'

That last line loads up the neighboring deploy.rb recipe, which is responsible for checking out the appropriate version of the codebase to the server and [re]starting the delayed_job worker:

```ruby config/satellite/cookbooks/example_app/deploy.rb deploy “/app/example_app” do

repo “git@github.com:my_org/example_app.git” # update this! branch node[‘rails_env’] # assumes a branch named for this RAILS_ENV (e.g., staging, production) shallow_clone true environment node[‘rails_env’] symlinks ‘pids’ => ‘tmp/pids’, ‘log’ => ‘log’, ‘config/newrelic.yml’ => ‘config/newrelic.yml’ before_restart do current_release = release_path execute(“bundle install –without development test”) do cwd current_release user ‘example_app’ group ‘example_app’ environment ‘HOME’ => ‘/home/example_app’ end end restart_command { execute “monit restart delayed_job” } user ‘example_app’ group ‘example_app’


The `deploy` Chef command creates a new timestamped directory under `/app/example_app/releases` and cleans up any older release directories, leaving the most recent 5 (much in the style of [Capistrano](https://github.com/capistrano/capistrano)). It also symlinks necessary directories and files and restarts the delayed_job worker.

Did you notice how we ensure that Heroku and the satellite use the same version of the codebase? We've formalized `staging` and `production` branches and update them with the commits we intend to deploy. Of course, we can't simply `git push heroku master` anymore. Instead, we push to the appropriate branch, then push that to heroku and re-run the satellite's `deploy` recipe. Here, we've wrapped the process up into a single `deploy:[staging|production]` rake task. (The precise branches might vary depending on your development workflow.)

``` ruby lib/tasks/deploy.rake
namespace :deploy do
  desc 'Merge master into a staging branch and deploy it to example_app-staging.'
  task :staging => 'git:tag:staging' do
    puts `git push git@heroku.com:example_app-staging.git origin/staging:master`
    ENV['RAILS_ENV'] = 'staging'

  desc 'Merge staging into a production branch and deploy it to example_app-production.'
  task :production => 'git:tag:production' do
    puts `git push git@heroku.com:example_app-production.git origin/production:master`
    ENV['RAILS_ENV'] = 'production'

namespace :git do
  task :tag, [:from, :to] => :confirm_clean do |t, args|
    raise "Must specify 'from' and 'to' branches" unless args[:from] && args[:to]
    `git fetch`
    `git branch -f #{args[:to]} origin/#{args[:to]}`
    `git checkout #{args[:to]}`
    `git reset --hard origin/#{args[:from]}`
    puts "Updating #{args[:to]} with these commits:"
    puts `git log origin/#{args[:to]}..#{args[:to]} --format=format:"%h  %s  (%an)"`
    `git push -f origin #{args[:to]}`
    `git checkout master`
    `git branch -D #{args[:to]}`

  task :confirm_clean do
    raise "Must have clean working directory" unless `git status` =~ /working directory clean/

  namespace :tag do
    task :staging do
      task('git:tag').invoke('master',  'staging')
    task :production do
      task('git:tag').invoke('staging', 'production')

Our satellite requires access to some of the same environment variables as our Heroku web apps (such as a database host or mail server credentials). To keep these synchronized, we rely on a config/heroku.yml file. (This duplication is an obvious hazard and deserves improvement, but we’ve actually found it convenient to have these locally for easy access from Rake tasks, etc.)

In the satellite_setup github repo, we’ve simplified this set-up into a few tasks that we use on an ongoing basis:

$ rake satellite:spawn RAILS_ENV=staging
$ rake satellite:configure RAILS_ENV=staging
$ rake satellite:info RAILS_ENV=staging
	1 satellite server(s)
		state: running (1)
			i-f4583196	staging	ec2-170-179-113-159.compute-1.amazonaws.com	2012-01-03 14:48:11 UTC
$ rake satellite:deploy RAILS_ENV=staging
$ rake satellite:destroy RAILS_ENV=staging

This arrangement has worked for us so far. Satellite servers cost a little more, but can benefit from arbitrary customization and are served out of the same data-centers as our Heroku-based web apps and S3 storage. Since the same app is running transparently in 2 different environments, our developers’ workflow has hardly needed modification. In fact, the portability enforced by Heroku’s design (elaborated in The Twelve-Factor App) made this transition relatively straightforward.

Some worthy enhancements might be:

  • Improving monitoring and notifications
  • Extending the recipes to manage multiple parallel workers
  • Using Chef attributes to replace uses of example_app with a parameter
  • Cleaning up the duplication of Heroku configuration values in heroku.yml

Categories: Chef, EC2, Fog, Heroku