For startups & SMBs

Docs


Careers

Blog

Pricing

Terms of Use

Privacy policy

Contact us

Sign up

Getting your apps production-ready

Simon Obetko, Dev @ Stacktape

March 15, 2024

Going to production? You'll need to tighten things up. That means making sure your app can scale, your resources are secure, and you're alerted if something goes wrong. Stacktape is here to help with all of that. Here’s a look at getting your app ready for the big leagues, focusing on scalability, security, and monitoring with Stacktape.

Scale Easily Based on Your Needs

Developers who haven't dealt with Ops might overlook scaling. It's crucial for handling more users without crashing. With some components such as Lambda functions, you get scaling out of the box. For container services such as web-service, a small configuration is required.

So let's take an example application containing: web-service, function and relational-database

resources:
# handles requests and main application logic
web:
type: web-service
properties:
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: src/index.ts
resources:
cpu: 1
memory: 1024
# generates report every two hours
generateReport:
type: function
properties:
packaging:
type: stacktape-lambda-buildpack
properties:
entryfilePath: src/lambdas/generate-report.ts
events:
- type: schedule
properties:
scheduleRate: rate(2 hours)
# database for storage
database:
type: relational-database
properties:
engine:
type: postgres
properties:
primaryInstance:
instanceSize: db.m6g.large
credentials:
masterUserPassword: my_secret_pass_123

With Stacktape, scaling becomes simple. You won't have to dive deep into Ops to get it right.

By simply specifying lower and upper thresholds for the number of instances, Stacktape sets up autoscaling for you. Optionally, you can define conditions for when to scale. This means your app adjusts automatically to the traffic it receives, ensuring smooth performance without manual intervention.

resources:
# handles requests and main application logic
web:
type: web-service
properties:
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: src/index.ts
resources:
cpu: 1
memory: 1024
scaling:
minInstances: 1
maxInstances: 5
scalingPolicy:
keepAvgCpuUtilizationUnder: 70
# ... rest of the resources

Another trick is to use a CDN (Content Delivery Network) for your compute resources, like a web-service. By caching content with a CDN, you reduce the load on your web-service. Fewer requests hit your server, and your app speeds up. Content from a CDN is stored at edge locations near your users, making your app faster for them. Stacktape makes setting this up easy.

Using CDN helps you in two ways:

  • reduces load on your compute resources
  • increases the speed of your app for users

resources:
# handles requests and main application logic
web:
type: web-service
properties:
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: src/index.ts
resources:
cpu: 1
memory: 1024
scaling:
minInstances: 1
maxInstances: 5
scalingPolicy:
keepAvgCpuUtilizationUnder: 70
cdn:
enabled: true
# ... rest of the resources

Securing Your Infrastructure: From Passwords to Networks

When it comes to production readiness, securing your infrastructure is important. Let's explore how Stacktape simplifies this key step.

First off, handling sensitive information like passwords securely is a must. Using secrets to store passwords ensures that sensitive data is encrypted and managed safely. Stacktape enables you to easily create secrets in Stacktape console or using CLI. Secrets are securely stored in your AWS account and you can reference them in your config for straightforward integration.

Using secrets to store sensitive information is a must.

Create secret in you AWS account

For database security, the goal is to shield it from unauthorized access. Making your database accessible only within a Virtual Private Cloud (VPC) is a common practice. This setup limits access to your database, protecting it from external threats. However, if you need external access, Stacktape offers a solution. By utilizing a bastion resource, you can establish a secure tunnel to your database. This allows for safe external connections without exposing your database to the wider internet.

resources:
# database for storage
database:
type: relational-database
properties:
accessibility:
accessibilityMode: vpc
engine:
type: postgres
properties:
primaryInstance:
instanceSize: db.m6g.large
credentials:
masterUserPassword: $Secret('my-db-pass')
# adding bastion to enable access outside of VPC
bastion:
type: bastion
# ... rest of the resources

Securing your web-service CDN is just as important. The web application firewall (WAF) resource in Stacktape provides a defense against common internet exploits. By filtering traffic before it reaches your service, the WAF helps to prevent attacks and keep your application safe.

resources:
# handles requests and main application logic
web:
type: web-service
properties:
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: src/index.ts
resources:
cpu: 1
memory: 1024
scaling:
minInstances: 1
maxInstances: 5
scalingPolicy:
keepAvgCpuUtilizationUnder: 70
cdn:
enabled: true
useFirewall: waf
waf:
type: web-app-firewall
properties:
scope: cdn
# ... rest of the resources

Setting Up Alarms for Proactive Monitoring

Monitoring your application’s health and performance is crucial, especially in production. Stacktape offers flexible alarm configurations to keep you informed and ready to react. You can set up alarms directly on specific resources or create them globally through the Stacktape console. Global alarms are then automatically applied to your chosen resources during deployment, based on your predefined rules.

    Create alarm in console

Alarms aren’t just about monitoring; they’re also about immediate, actionable notifications. Stacktape allows you to receive alarm notifications through Slack, MS Teams, or email. For more customized responses, you can integrate alarms with a Lambda function to execute specific logic when an alarm is triggered.

Stacktape allows you to receive alarm notifications through Slack, MS Teams, or email.

For example, if you want to be notified into Slack whenever your generateReport function fails, you can set up an alarm like this

resources:
# generates report every two hours
generateReport:
type: function
properties:
packaging:
type: stacktape-lambda-buildpack
properties:
entryfilePath: src/lambdas/generate-report.ts
events:
- type: schedule
properties:
scheduleRate: rate(2 hours)
alarms:
- trigger:
type: lambda-error-rate
properties:
thresholdPercent: 0
notificationTargets:
- type: slack
properties:
accessToken: $Secret('slack-access-token')
conversationId: CXXXXXXX
# ... rest of the resources

After your function encounters a failure, a notification will be sent directly to your configured Slack channel, ensuring you’re instantly aware of any issues.

Slack alarm notification

Wrapping Up

Wrapping up, we've walked through scaling, securing your infrastructure, and setting up alarms with Stacktape. These steps significantly improve your app's readiness for production. Stacktape makes this straightforward, letting you focus on what you do best: building great software.

We have made a few changes to improve the security and robustness of our app, so here is a complete config:

resources:
# handles requests and main application logic
web:
type: web-service
properties:
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: src/index.ts
resources:
cpu: 1
memory: 1024
scaling:
minInstances: 1
maxInstances: 5
scalingPolicy:
keepAvgCpuUtilizationUnder: 70
cdn:
enabled: true
useFirewall: waf
waf:
type: web-app-firewall
properties:
scope: cdn
# generates report every two hours
generateReport:
type: function
properties:
packaging:
type: stacktape-lambda-buildpack
properties:
entryfilePath: src/lambdas/generate-report.ts
events:
- type: schedule
properties:
scheduleRate: rate(2 hours)
alarms:
- trigger:
type: lambda-error-rate
properties:
thresholdPercent: 0
notificationTargets:
- type: slack
properties:
accessToken: $Secret('slack-access-token')
conversationId: CXXXXXXX
# database for storage
database:
type: relational-database
properties:
accessibility:
accessibilityMode: vpc
engine:
type: postgres
properties:
primaryInstance:
instanceSize: db.m6g.large
credentials:
masterUserPassword: $Secret('my-db-pass')
# adding bastion to enable access outside of VPC
bastion:
type: bastion



We are looking forward to seeing what you build with Stacktape, and your feedback to make it even better.

More on Launch Week #1 & how to support us:

Want to deploy production-grade apps to AWS in less than 20 minutes?

Let Stacktape transform your AWS into a developer-friendly platform.

Learn more

Stay in touch

Join our monthly product updates.

input icon

Copyright © Stacktape 2024