At Aptible, we’re always focused on making it easier for engineering teams to manage their cloud infrastructure. This month, we’re excited to introduce a new set of features designed to accelerate automation.

Accessing operation logs just got a whole lot easier.

We released support for downloading logs for completed operations from the Aptible Dashboard or CLI, and also for attaching to real-time logs via Aptible CLI by providing the operation ID. This feature is great for Terraform users!

A new disaster recovery option unlocked 🔓.

With our new S3 Log Archiving functionality, you can now configure log archiving to an Amazon S3 bucket owned by you! This feature is designed to be an important complement to Log Drains, so you can retain logs for compliance in the event your primary logging provider experiences delivery or availability issues.

This month, we’re excited to introduce a new set of features designed to accelerate automation.

What’s New With Aptible: September 2022

With Aptible’s Dedicated Stacks, your infrastructure resources are already dedicated to you and protected from noisy neighbors—by default, 

 run on single-tenant host machines with network segregation. Now, when Enforced Resource Allocation is enabled, you can ensure that the individual services you have deployed within that single stack don’t negatively impact one another.

In the past, Dedicated Stacks on Aptible have not enforced CPU Limits, which provides surge capacity for the individual services within your Dedicated Stack. With a lack of CPU Limit enforcement, if there was excess CPU capacity on the host machines where the stack was deployed, any service deployed in that stack could take advantage of those unused resources.

However, without enforced CPU Limits, a container from one of your services can be starved of CPU by other containers deployed to the same stack and allocated to the same host, causing timeouts, errors, and alerts that don’t even reflect an issue with the app that’s generating these errors! Moreover, the underlying events that trigger these errors may not even be visible to you—such as an ephemeral SSH session causing CPU starvation of the stack’s NAT Gateway, negatively impacting all outbound traffic from your app.

Enforced Resource Allocation—meaning CPU Limits and Memory Limits are enabled and enforced for a Stack—prevents 

 by ensuring your containers do not use more resources than they are allocated.

Because there is a risk that Apps without enforced CPU Limits are presently relying on resources beyond their nominal allocation, transitioning your Dedicated Stacks to Enforced Resource Allocation is not trivial. Before enabling CPU Limits on your existing Dedicated Stacks, ensure that you don’t have any critical Apps which rely on CPU beyond their current nominal allocation.

New, Flexible Deployment Options to Optimize Costs

To make it easier to ensure your containers have the memory and processing resources they need, we are also excited to introduce a variety of new Container Profiles. These profiles can help you optimize your resource allocation and per-service costs by providing various ratios of CPU to RAM across a large range of sizes. The three types of Container Profiles currently available are as follows:

 about these new Container Profiles and how they use Enforced Resource Allocation to ensure your services have the resources they need.

How do I enable Container Profiles and Enforced Resource Allocation?

On all Shared Stacks and new Dedicated Stacks, Enforced Resource Allocation is already enabled by default. To enable Enforced Resource Allocation features on an existing Dedicated Stack, you can make a request to 

 has everything you need to know about these new features!

We are excited to announce that Container Profiles and Enforced Resource Allocation are now generally available on Aptible!

Optimize your resource usage with Container Profiles and Enforced Resource Allocation

5 Ways to Reduce Costs and Optimize Spend on Aptible

Cloud infrastructure costs can naturally grow over time as you scale to meet demands. Aptible helps organizations save on infrastructure costs by managing and maintaining secure, compliant infrastructure that would otherwise require hiring additional engineers.

I'm not sure what we would do without Aptible. We would have to hire 3 more people and we still would not have the high level of support and tooling that Aptible provides.

Mark Siemers, Software Engineering Manager @ 

Beyond helping our customers save on salary costs, we provide flexibility and support to effectively manage ongoing cloud infrastructure costs. That’s why we’ve outlined our top tips for reducing costs on Aptible.

Before you start, we recommend reviewing your monthly invoices to determine what resources you are currently consuming; this will help you identify the biggest areas for savings.

1. Review Your Container Usage and Rightsize Where Possible

Right-sizing resources is typically the most impactful way to reduce costs. You can review your usage within your 

. This report will provide you with scaling recommendations based on your usage patterns of the past two weeks.

 can only be scaled down by performing a dump and restore to a smaller database.

To ensure there are no performance issues as a result of scaling downward, it’s recommended to set up alerts and monitoring using data from your Metric Drains.

2. Review You Backup Retention and Reduce Where Possible

A quick way to reduce your backup costs is by customizing your 

. By default, all Aptible environments have the following backup retention policy:

Reducing the total number of retained daily backups will have the most significant impact to your costs (even more so than disabling cross-region copies). For staging/testing environments, you may want to consider generously reducing the backups retained (e.g. 7 dailies, 0 monthlies, disabling cross-region copying, and disabling final backup retention).

Reducing the backup retention policy will purge all backups that fall outside of the set policy.

3. Use RAM- and CPU-Optimized Container Profiles for More Accurate Scaling

As of July 2022, Container Profiles are now 

Aptible is offering a new limited-release feature called Enforced Resource Allocation, which is designed to enhance your ability to control your containers by offering:

To learn more about Enforced Resource Allocation and our new Container Profiles, have a 

4. Consider a Volume Pricing Agreement for Discounted Pricing

Aptible provides discounted pricing by offering volume pricing agreements for all customers. Volume agreements require a commitment to a monthly spend level:

5. Add a Secured by Aptible Badge to Your Website for $100/month Discount

Build trust with customers (and grow your business!) by deploying your application on Aptible, then sharing your security and compliance posture with a Secured by Aptible Badge on your website. 

Whether you are an early-stage startup or a large enterprise company, Aptible can help you maintain the costs of cloud infrastructure. 

 to talk more about how Aptible can help you with cost optimization.

If you are considering Platform as a Service (PaaS) alternatives to Heroku and have regulatory or compliance requirements—or you are just generally concerned with the security of your infrastructure and the privacy of your users’ data—Aptible should be at the top of your list.

While you focus on building out your app, Aptible accelerates your dev workflow by handling the hard parts of deploying secure, compliant infrastructure. Here’s why you should consider using a security-focused PaaS for your next deployment.

We help you deploy safe-by-default infrastructure

Aptible handles the hardest parts of implementing rigorous infrastructure security controls and lets you focus on building applications.

In the context of regulation-compliant deployments, the bulk of Aptible’s 

 is operating the infrastructure security controls required to comply with those regulatory frameworks.

Of course, the controls we implement are not unique to securing healthcare data under HIPAA regulations! While protected health information (PHI) has rigorous minimum standards for security controls, a dedicated stack that enforces rigorous security controls helps keep all private user data private.

Some of the most important infrastructure security controls are also the most difficult to implement. We take care of those hard things:

All of these security controls, critical for maintaining secure infrastructure, are provided by default with 

We help you understand how your infrastructure is secured

It’s difficult to understand the many pieces you need to have in place to have secure, compliant infrastructure. As a developer advocate, I believe it’s important to understand the challenges developers face. At Aptible, developing that understanding has meant spending significant time broadening my knowledge of HIPAA and other compliance requirements.

It’s not fun. But understanding how to deploy applications that satisfy the requirements of the HIPAA Security Rule is, however, the exact area where Aptible excels.

When your resources are deployed to a Dedicated Stack on Aptible, you’ll have access to 

 , which surface the necessary security controls in a single dashboard.

Every 24 hours, Aptible automatically performs hundreds of checks to ensure that critical security and availability requirements have been configured correctly.

When you deploy with Aptible, you’ll have peace of mind that your application’s infrastructure is free of misconfigurations that put your users’ data at risk.

We provide a more secure platform with less friction

Our fully Docker-based app deployments can integrate into your existing workflow as the destination for CI/CD processes. Likewise, our managed open-source database offerings expose the database to your application with end-to-end encryption in transit, with no proprietary wrappers needed to connect.

Aptible is built on open-source tools and well-adopted workflows, so you don't need to learn a new paradigm to deploy secure infrastructure.

It can be hard to determine which risks you may even face when using a PaaS, because a PaaS, by definition, is an abstraction of more generalized infrastructure. In fact, this abstraction can increase the attack surface for a given vulnerability, because it naturally increases the underlying complexity of a system.

That's why it's critical for security to be a fundamental part of any PaaS product, rather than an add-on service or enterprise offering. We're building a security-focused platform that makes security more convenient for everyone—because secure infrastructure and a developer-friendly workflow aren't mutually exclusive!

 loaded with $500 in credits and deploy securely in 5 minutes or less.

You need a security-focused platform

Heroku's varied and often platform-specific ways of deploying your application can make it difficult to understand the best way to migrate to another Platform as a Service. We're offering this guide to help you understand the flexible options you have for migrating an application from Heroku to Aptible.

Not only does Aptible make managing application infrastructure easier, but it also unlocks turnkey security & compliance benefits. When you’re ready to launch your application, you can deploy a dedicated stack with configuration monitoring and recommendations for further improvement surfaced directly in the Aptible Dashboard.

The guide will help you migrate your Heroku app and Postgres database to Aptible, and we'll provide specific advice for migrating from each of Heroku's deployment options.

Migrating your application from Heroku to Aptible by deploying via Git is the simplest method, but it only works for some deployment scenarios. Let's have a look at the changes that need to be made to Heroku's 

 sample application to deploy it on Aptible.

There are a few files in that repository that control how the application is deployed to Heroku:

When you push your application to Heroku, it uses the information in the runtime.txt file to determine which Buildpack to use (or, if a runtime is not specified, guesses which Buildpack to use based on the repo contents). The Buildpack then builds your app with Docker and deploys it on Heroku.

In contrast, Aptible allows you to have direct control over how your application is built and deployed. Compare the files above with the values defined in this example Dockerfile for deploying Django sites to Aptible:

The Dockerfile above takes over the responsibilities of the Procfile, app.json, and runtime.txt files:

It's important to note that while a Procfile is not needed to deploy to Aptible, they are still supported. Have a look at 

 to understand the difference between running an implicit service with Docker's CMD instruction and declaring an explicit service with Procfiles.

Also note that while Heroku uses Profiles to define releases phases, you can accomplish similar results by the addition of an 

 file to define a before_release configuration.

The only thing from Heroku's set of configuration files that is not handled by this Dockerfile is environment variable generators. However, Aptible does give you full control over the 

 as environment variables, which can help you accomplish the same goal.

Once you understand the relationship between Heroku's configuration files and Aptible's Dockerfile deployments, you can follow our 

, and you can review the database migration section below to understand how to get your data out of Heroku.

If you are using GitHub Actions to deploy your application on Heroku, you can continue to use this type of deployment to run your application on Aptible. Have a look at the configuration differences between the GitHub Actions offered by Heroku and Aptible, respectively.

This is Heroku's sample configuration for their GitHub Action. To use the Action, you must have a Dockerfile in your project containing a CMD instruction, which Heroku uses to build the image and deploy the web server to their platform.

In contrast, Aptible's GitHub Action deploys a container image that you have already published to a Docker registry. You can find a comparison guide of the steps to do so on Aptible and Heroku in the next section. Once your container image is published, the following configuration can deploy the container using Aptible's GitHub Action!

If you are using a private registry, you can set up 

As you can see from the examples above, the usage of each GitHub Action is quite similar. The primary difference between them today is that Aptible requires your Docker image to be built beforehand, something which can 

If you're used to deploying your application directly with Docker via the Heroku container registry, the process for deploying Docker applications on Aptible will probably feel familiar to you.

This section will walk you through how your existing Heroku deployment workflow translates to 

 as the starting point of the application we want to migrate to Aptible.

To deploy a Docker image to Heroku, you can run the commands below, assuming that you have properly configured your app.json file containing the name of the app:

Migrating to Aptible's Direct Docker Deployment

To deploy a Docker image to Aptible, you may choose any registry to host your container images. In this example, we will use 

There are subtle differences between the two platforms. Aptible does not have an app.json equivalent that specifies the app's name, instead specifying this as a command-line argument. We also do not host our own Docker registry directly, but you may host your container images in any registry, such as Docker Hub or the 

If you would like to use a private image registry, we have special flags to support that use case.

 for more information about our options.

If your app is normally deployed using Heroku's Terraform provider, there are some key differences to keep in mind when migrating an app from Heroku to Aptible.

Aptible's Terraform provider implementation is focused on the functions necessary for managing the lifecycle of your deployment, so you will need to set up users and provision your environment through other methods. Your provisioned environment is then exposed to Terraform via the 

The Aptible Terraform provider requires 

, so you must first build and push your app's image to a Docker registry.

As the starting point for the application we want to migrate from Heroku, let's look at the example application from HashiCorp's "

An application can be deployed in the same way on Aptible with a similar configuration:

Let's walk through a bit of what is happening here.

First, we're defining an environment variable with the name of the Docker image to use (see the 

 for information about using private registries).

Next, to scale the application, we define a 

 block which specifies the scaling and memory limits per container (

 - comparable to the Heroku domain. Note that the endpoint should point (via container_port) to a 

. The process_type should match either your 

 or be set to "cmd" if using the Dockerfile's CMD instruction directly.

Next, let's look at the database configuration. The Heroku configuration adds the following:

This automatically injects a DATABASE_URL environment variable into the application with the properly formatted connection URL. On the Aptible side, we require more explicit configuration:

 for more information on using the Aptible Terraform provider.

Migrating a PostgreSQL Database from Heroku

 on Aptible, and this is most commonly done via the web interface or the command line. When creating your satabase, remember to allocate enough space for the database you want to restore—the backup itself doesn't include the database's indexes (which will be generated upon restoration), so ensure that you select enough space to have a solid margin for new data.

We need three command-line tools before we can begin:

On MacOS these can all be installed using Homebrew:

You also need to be logged in to both Heroku and Aptible.

We can begin by creating a basic database deployment using the db:create CLI command.

We built aptstract to simplify the process of migrating data to Aptible from other services.

 and download the aptstract.pex file. Then open a terminal in the same folder as aptstract.pex and run the following commands.

Now you can use the aptstract utility while inside of this folder.

For applications with a single database, provide the name of the Heroku App:

If your application has multiple databases, they can be retrieved by name:

Database files will be placed inside the backups folder of your current working directory.

Now we're ready to restore the backup to the Aptible database we created earlier:

Here's an example with all the pieces put together:

You can run the entire process above with a single interactive command.

Heroku to Aptible Migration Guide

In today’s security conscious B2C and B2B markets, companies, especially those operating in high compliance industries like healthcare, have to be mindful of planning, implementing and maintaining good-practice security. This can quickly prove daunting for teams unfamiliar with the intricacies of interpreting regulations and frameworks like HIPAA, HITRUST and SOC 2 into meaningful implementation, maintenance and monitoring details in their software development lifecycle and infrastructure. Add to this the ever-changing security expectations of customers and auditors on what it means to be secure and compliant, and software engineers spend more time maintaining and proving their security posture and less time building value for their target market. 

Aptible was built to solve just this, abstracting away infrastructure security considerations and providing a platform-as-a-service that allows teams to quickly launch containerized apps and databases that instantly comply with a wide variety of regulations and frameworks like HIPAA and HITRUST. 

But we also recognize that a vast number of teams would benefit from not just having greater visibility into the security safeguards Aptible has in place across different aspects of the infrastructure, but do so in a way that helps them understand what they need to do to further improve their posture to reach a compliance goals, and provide them with any artifacts in the process to pass security audits.

To help with this, we’re excited to be showcasing the newest Aptible feature - the Compliance Visibility dashboard. 

Introducing the Compliance Visibility Dashboard 

The Compliance Visibility dashboard provides a unified view of all the technical security controls in place Aptible fully enforces and manages on your behalf, as well as security configurations you have controls over in the platform. 

Think of security controls as safeguards implemented to protect various forms of data and infrastructure, important both for compliance satisfaction as well as best-practice security.

The new Compliance Visibility dashboard is a welcome addition to gain an in-depth understanding of the different areas of infrastructure security that Aptible abstracts for us, as well as learn of other ways to improve the overall security of our hosted resources through tailored recommendations provided to us in the UI. We're going through a SOC 2 Type 2 audit at the moment, and are already starting to see the benefits of the dashboard, including the detailed, auditor-friendly descriptions provided for each security control, to efficiently gain the confidence of our auditors in our infrastructure security"

With this feature, Aptible customers can not only see in detail the many infrastructure security controls Aptible automatically enforces on their behalf, but also get actionable recommendations around safeguards they can configure on the platform (for example, enabling cross-region backup creation) to improve their overall security posture and accelerate compliance with frameworks like HIPAA and HITRUST. Apart from being visualized in the main Aptible dashboard, these controls along with their descriptions can be exported as a print-friendly PDF for sharing externally with prospects and auditors to gain their trust and confidence faster. 

You can access the Compliance Visibility dashboard by clicking on the Security and Compliance tab in the navigation bar. 

 to learn more about using the dashboard in greater detail.

With the Compliance Visibility dashboard, Aptible customers can see efficiency-gains for the following outcomes.

The dashboard clearly outlines the various security controls in place across all of your environments. These security controls are grouped by different categories that pertain to various pieces of an organization’s overall security posture. These categories include:

Each control is continuously checked for how they’re performing against the resources in scope. Every security control is currently mapped to the required and addressable requirements of HIPAA, as well as the compliance requirements of the HITRUST-CSF framework. The dashboard provides you with compliance readiness scores for these frameworks based on how well all the controls are performing, providing you with a quick view of your current security posture.

Making Informed Decisions to Improve Security

Your security controls can be sorted to identify resources that aren’t meeting the expected implementation of the control. Clicking into each control should reveal to you and your teams what the control is checking for, the resources in scope, and any supporting documentation to help you implement the control correctly. This also helps you prioritize any configuration changes you have to make on your end in order to improve your security posture and accelerate compliance. For example, the Mulli-factor Authentication control tests for the activation and enforcement of 

 on the account level, whereas a control like Cross-region backups is applied on the Database level, testing whether or not you’ve enabled the auto-creation of 

You can also choose to ignore the control implementation, thereby no longer seeing the notification in the UI as well as ensuring it does not affect your overall compliance readiness score.

Each control comes with a description to give your teams an overview of what the safeguard entails, as well an auditor-friendly description to share externally during compliance audits. These descriptions can be quickly copied and shared in any vendor or auditor security questionnaires that come your way.

You can also generate a shareable PDF of your overall security and compliance posture based on the controls implemented. This allows you to quickly provide various internal stakeholders and external auditors and customers with an in-depth understanding of your infrastructure compliance posture, thereby building trust in your organization’s security early on in any compliance and security audit process.

The Compliance Visibility dashboard is your go-to resource to deeply understand the various safeguards Aptible has in place across the infrastructure, learn of controls that are in your wheelhouse to configure, and use this information to quickly pass audits.

All new security features Aptible will be releasing in the future, like managed Network Intrusion Detection and Remediation, will be appropriately visualized in the dashboard. If you have any pointed questions, 

Improve Your Security Posture and Pass Audits with Aptible's New Compliance Visibility Dashboard

, a customer trust platform born out of the insights obtained building Aptible Comply. Conveyor is a new company spun out of Aptible whose mission is to build a more trustworthy internet by creating a network of customers and vendors that makes it simple to build trust through data security.

Aptible will continue to exist and Deploy will operate unchanged. Customers of Aptible who only use Deploy will experience no change (other than even greater focus on improving the Deploy product). Comply will become the foundation of the compliance management functionality available in Conveyor. Customers of Aptible who used Comply will be contacted by a success manager to help you understand how this change may impact you and how to proceed.

In the decade since Marc Andreessen wrote his op-ed for the Wall Street Journal, “Why Software Is Eating the World,” his predictions about the effects of lowered startup costs and a massively expanded global market for software services have largely come true. It’s even more true today than in 2011 that more and more major businesses and industries are being run on software and delivered as online services.

At the same time, the old joke about how “the cloud is just someone else’s computer” also rings true in a different way, with terms like “supply chain attacks” coming into the mainstream from repeated large breaches like SolarWinds. With more businesses sharing more data with more cloud vendors, it’s never been more important to build trust with customers around data security.

So why is building trust more difficult than ever? Ten years ago, only a few enterprise SaaS vendors would have a SOC 2 or ISO 27001 certification, but today customers routinely subject vendors to scrutiny based on the data they process, regardless of the size of the vendor. Even small B2B SaaS companies are now required to provide compliance certifications, pen test results, and answers to lengthy security questionnaires to close deals. Larger SaaS vendors find their teams replying to dozens or even hundreds of security questionnaires per month.

For deals that proceed to vendor risk assessment, the ways customers and vendors build trust together are deeply broken and painful for both sides. Sales deals crawl as customers and vendors go back and forth proving trust. Signing NDAs, getting documents watermarked, and responding to questions are actions that happen with every deal but are not standardized. Sharing security documents in cloud folders and completing questionnaires in spreadsheets creates an unmanageable sprawl of files. Companies have sales teams and security/compliance teams, but no one focused on proving data security trustworthiness to customers. The sales team doesn’t know enough about security and the security team has bigger priorities than “selling.”

So far, the compliance software industry has only responded with ever-more complex ways to determine trustworthiness; Conveyor exists to make it more simple. Previously, the team behind Conveyor was building Aptible Comply, a GRC automation tool. Over and over again customers said the underlying reason to achieve compliance certifications, respond to questionnaires, share security reports, and perform all the other work around trust building were motivated by the desire to answer a simple customer question: Is it safe for us to do business together?

Conveyor believes there is a better way. Providing security information should be as easy as sharing a link. Questionnaires should be answered before questions are even asked. Building trust with customers should be fast and effortless. By enabling customers to connect with their vendors on Conveyor it’s possible for customers to instantly access security documents, get answers to questions, and build trust in their vendors, without vendors having to do extra work.

Many of the most trusted companies in the SaaS world are already using Conveyor to build trust with their customers. For example, Datadog, PagerDuty, and Sift each have thousands of customers and are all using Conveyor to streamline responding to security questionnaires and provide customers self-serve access to their security documents.

Conveyor exists to fix the broken process and speed up building trust around data security. It’s a customer trust platform that makes it easy for companies to build trust with their customers (and for customers to determine the trustworthiness of their vendors). Sign up today and join some of the most trusted SaaS companies in the world, as we make the internet more trustworthy, together!

Today, we’re excited to introduce Conveyor, a customer trust platform born out of the insights obtained building Aptible Comply. Conveyor is a new company spun out of Aptible whose mission is to build a more trustworthy internet by creating a network of customers and vendors that makes it simple to build trust through data security.

Greater focus on Deploy as Comply becomes Conveyor

Announcing Log Drain Improvements for High-Performant, Reliable Delivery to External Destinations

Designing and developing applications is hard. Maintaining applications and ensuring they’re secure, available and work as intended? Even harder. Without sounding pessimistic, we know that eventually things may not go as planned - an application could crash, a server could go down, a bug may slip through our tests and negatively affect functionality, or worse, a data breach occurs.   Auditing and monitoring are critical to prepare for the above events. Establishing an audit trail and maintaining an audit log are important for a variety of development, operational and compliance oriented reasons. They help DevOps teams troubleshoot availability and performance-related concerns, developers debug functional issues as they arise, security teams quickly detect and contain breaches, and compliance teams adhere to a minimum, necessary standard based on market and regulatory demands. 

Aptible Deploy comes with built-in support for easily aggregating your 

 and routing them to your destinations of choice for record-keeping and future analysis, be it in popular external destinations like Datadog, SumoLogic and PaperTrail, or to a self-hosted ElasticSearch database. 

Since 2014, Aptible log drains have been used by customers to send hundreds of millions of log lines to various destinations. While the majority of our customers were able to aggregate their logs without hiccup, we also heard a few of them experience issues when the volume of logs being generated were extremely high. These issues ranged from inconvenient delays in receiving logs in their destinations to packet losses during periods of high throughput. 

Such issues weren’t just frustrating for our customers when trying to debug their production issues, but also for our reliability engineers troubleshooting them across a wide variety of use cases and destinations. 

Engineering a solution for the above problems involved accounting for the varying logging volume across different customer use cases, optimizing around throughput limitations of third party destinations, and ensuring we could provide maintainable, scalable support on an on-going basis. We had to take a close look at the engineering choices we made for the past versions of Aptible log drains, and decide if we want to add on to it, or re-architect it from the ground up.  The log processing and delivery engine we used in previous versions was Logstash, an open-source ingest pipeline from Elastic. While we found Logstash’s parsing and output configuration options acceptable for our needs, over time, we realized that not only was performance lacking, but that Logstash was opaque and limited in monitoring metrics for the customer use-cases we cared about. One such example was the Aptible engineering team being limited to using CPU usage as a leading metric for monitoring the reliability of log drains. The problem with this is that high CPU isn't always a symptom of a drain not working, leading to cases of false-alarms, and having insufficient data to dig in further and remediate when there really was a drain issue.  As our customers grew with Aptible, this logging engine became harder to maintain, monitor and scale efficiently. Based on this, we made the decision to use an alternative provider and re-design our logging engine. During our exploration of alternatives to Logstash, we quickly found that FluentD, another open source data collector, gave us everything our previous logging collector provided and more, namely better performance and more robust metrics.   Using FluentD, we’ve developed and released the next version of log drains. 

What customers can expect with this new version of log drains

“I've been watching our logs since the new version of log drains was released to our production environment, and the improvements have been substantial. I'm seeing no drift in log timestamps between when they were generated and when they were received by PaperTrail, which used to be off by about 30 minutes before this release. Everything I've seen has looked sequential as well. I can make an HTTP request to an app and see it come through PaperTrail within seconds. If log performance stays this way, it's a huge win! "- James Dempsey, Software Developer at Aidin The log drains of all Aptible accounts have been updated to the latest version, requiring no additional setup from customers. Customers can expect the following from the latest version. 

With this update, users can see a noticeable improvement in the reliability and speed of their log drains. Customers may experience minimal to no lag when generating and sending their logs, even at very high volumes due to the work we put in to increase throughput in the new version of our drains. 

It used to take about 15 minutes for logs to show up in the Datadog UI, but now it takes just about a minute on average. Big improvement!” - Darryn Campbell, Principal Software Engineer at CarePort

Better internal observability for faster remediation

Using a combination of FluentD data, and visualizing and graphing this data into metrics of importance in Grafana, we’ve been able to set up alerts to monitor for issues based on the the the number of logs waiting to be sent , the number of times customer drains retry sending logs, failed output writes to different destinations, and others. We believe these metrics allow our reliability engineers to quickly identify root-causes, be it on Aptible’s side or the customer's side as issues arise, and remediate them more efficiently.  Over time, we’ll evolve these metrics as we learn how our newest version of log drains performs in a wider variety of real world scenarios. Depending on how well these metrics perform, we may also choose to expose them to customers to enable more proactive, self-service remediation of log drain issues.  

We’re excited to release the latest iteration of log drains to Aptible. Do let us know how this is doing and if you have any questions or concerns, we’re always happy to help. If you want to understand what we’re working on currently, vote on features you care about or suggest new ideas for Aptible to work on, you can do so in 

Announcing Log Drain Improvements for High-Performant, Reliable Delivery to External Destinations.

Aptible’s UX Engineering team has recently launched version 1.0 of our in-house design system, 

 (Arrow DS for short). In this post, I’m going to walk you through some of the frameworks and tools we use and show off one of our more complicated components.

At Aptible, we place a lot of emphasis on creating high-quality and consistent experiences for our users. Each page, dropdown, tooltip, and modal should feel like they are part of a cohesive system. Building with a design system helps our users recognize and understand patterns throughout our products. Having a consistent, high-quality front-end experience makes our software easier to use and gives users more reason to trust our products.

We also want to be able to build and learn quickly. A design system gives engineers the building blocks they need to assemble pages and features at a quick pace, taking some of the more repeatable, tedious UI work out of their hands.

The reason for building Arrow as a standalone repository is that it creates a definitive line of separation between the product (owned by Product Managers and Engineering) and the design system (owned by Product Designers and UX Engineers). Product Managers and Engineering primarily control the direction of our user-facing product while Product Designers and UX Engineers control the direction of Arrow. By treating the design system as a separate, standalone service, we are able to properly invest in it independently of product feature requests.

Side note: If you aren’t sure what a UX Engineer is, check out our 

Arrow DS is a big library with a lot of moving parts. Aptible’s UX Engineering team leveraged many different frameworks, tools, and libraries to construct version 1.0. Here are a few of the most important.

 listed React.js as the second most popular web framework. It has widespread adoption, is great for single-page applications, and has an excellent ecosystem of libraries and other tooling to help us build our products.

 is a CSS framework that comes with lots of utility classes that can be leveraged in Arrow’s CSS (using the `@apply` directive with PostCSS) or used directly on elements. These utility classes are generated from a configuration file within Arrow that we can customize. For example, the class `m-2` will add a margin level 2 (which we currently have defined as `8px`) to the element. Most styling in our front-end applications can be done with these utility classes, resulting in very little actual CSS being written outside of Arrow.

 is an open-source tool for developing components outside of any application. It also serves as a documentation platform with the 

. Storybook is a dev dependency of our core `arrow-ds` repository and is automatically published with every new release. Check out our published 

 is a library we use to fully automate our Arrow DS releases. Each commit to `arrow-ds` is labeled with the type of changes contained within. Some examples are “fix” for a bug fix, “feat” for a new feature, and “chore” for changes related to the build process. A full list of the types of commits can be found within 

 (which Semantic Release uses by default). When changes are merged to the master branch, Semantic Release looks at what types of changes are involved, determines what type of release to make (major, minor, patch, if any at all), and puts the new version of our package onto 

 is a tool that gives UX Engineers the ability to link the arrow-ds package to another repository locally. This is helpful for testing new features before publishing a new version of the `arrow-ds` library.

The Drawer component is one of our most complex components. It slides a menu of filters in and out of the viewport from the edge of the page while pushing over existing page content (usually a Table with as many as 250 rows), and it has to do this as close to 60 frames per second as possible. Before digging into some of the details, 

The biggest challenge with this component was achieving high animation performance. As you can see from the demo, there’s a lot going on as the Drawer slides in from the left side of the page. The TopBar component above the Table shrinks to accommodate the Drawer, but the Table does not. Animating the width of a complex component like a Table isn’t possible without significant performance issues. This is because the browser is having to repaint the entire Table with each animation frame, and the machine just can’t keep up, leading to low animation frames per second (FPS).

Blog

What’s New With Aptible: September 2022

Optimize your resource usage with Container Profiles and Enforced Resource Allocation

5 Ways to Reduce Costs and Optimize Spend on Aptible

You need a security-focused platform

Heroku to Aptible Migration Guide

Improve Your Security Posture and Pass Audits with Aptible's New Compliance Visibility Dashboard

Greater focus on Deploy as Comply becomes Conveyor

Announcing Log Drain Improvements for High-Performant, Reliable Delivery to External Destinations

Building Aptible’s Design System

Building a developer
platform is a thing of
the past.

Product

Resources

Support