I need to connect to an API with my Heroku/Rails app where I need to have a static IP.
I know about the add-on proximo - https://devcenter.heroku.com/articles/proximo - but it is insanely priced, so that's out of the question.
Most people in my situation ends up deploying to EC2 instead and using a an Elastic IP as their static IP. I've also tried this and it works, but I find the whole flow of playing around with EC2 really cumbersome.
I've read in some answers that it is possible to set up an EC2 server and use it as a proxy for your Heroku/Rails app - Heroku Static IP for SFTP - but it sounds very cryptic for a person who is not very server-savvy.
Can someone give a step-to-step tutorial on how to set up your Heroku/Rails app to use your EC2 instance as a proxy?
In short: I would just switch to AWS. There is a little bit of a learning curve but it's not too difficult. Here is a presentation I gave on it geared toward front-end devs:
https://speakerdeck.com/krunkosaurus/intro-to-scaling-your-web-app-on-the-cloud-with-aws-for-frontend-developers-part-1
Amazon has 9 regions each with 3-5 "Availability Zones". I know that Heroku uses AWS but am not sure if you get to decide (or know) which AWS region and AZ your actual server is hosted.
Whatever it is, you should host your proxy server in the same Region (better yet, even the same Availability Zone). Setting up an EC2 there is easy just use the web console and be sure to give it an Elastic IP so the adress doesn't ever change. Then point your DNS away from your Heroku instance (dyno?) to this EC2 instance. From there you can either install Nginx or HAProxy.
I've just setup QuotaGuard Static as a more robust, better value static IP service that can be used by Heroku apps.
It's hosted on EC2 so you get the low latency benefits without having to start managing servers.
Hello you can use this answer to see how to use NGINX as a reverse proxy.
https://stackoverflow.com/a/27874505/1345865
http://blog.talenox.com/post/107675614745/how-to-setup-static-ip-on-heroku
Fixie is very affordable option for getting static IP address on Heroku. The documentation section has a lot of examples for different languages and frameworks, including Ruby.
Related
We currently have an RoR app hosted at Heroku, with an AWS RDS backend. Currently, the RDS instance is available to all inbound traffic. To only allow traffic from my Heroku app, can I whitelist the applicable IP blocks here:
https://ip-ranges.amazonaws.com/ip-ranges.json
...or is an add-on like Proximo or QuotaGuard my only option?
Additionally, are there security concerns for having an RDS instance available to all incoming traffic, given that the RDS instance is password protected?
As Jarmod’s comment suggests, it’s not advised to expose your database to the world, even if it’s password protected and the communication is encrypted. It’s not that your data is entirely exposed, but when dealing with sensitive information, it’s advised to control who can request access to the data in addition to the user/password authorization.
Unfortunately, when you run on Heroku you don’t have too many options. Even Heroku’s own Postgresql database is publically accessible if you know it’s url/endpoint.
If you want to improve security, you’ve two options:
1) Use an outbound proxy addon
As you suggested, you can use a proxy addon such as Proximo or Fixie and configure AWS security groups to only accepts connections from the proxy's static IPs.
I’ve detailed the downsides of this approach in my reply to: “How to properly determine Amazon AWS Heroku subnets?”
2) Migrate your application from Heroku to AWS
Depending on your company size and product maturity, it might be a good idea to consider a migration from Heroku to AWS.
When your application’s stack is run entirely from within AWS, you’ll have much more control over security and can decide how far you want to go to protect your data.
I helped a few clients with similar migrations and security was one of the top 3 reasons to migrate from Heroku to AWS.
Hope that helps.
I've been coding on iOS for awhile. I'm getting started to use AWS as a cloud backend to store my user's data for my iOS app as well as a server that can handle real time event in multiplayer mode. I understand that there are many services like Amazon Cognito that allows user login via public providers, Dynamo DB that provides noSQL storage, EC2 that help me create server instances. However, I'm really confuse on how I can actually get started.
Here's some stuff that I really need help on:
I don't really want to use public providers like facebook for my users to sign in/sign up. I'd really prefer it if there could be relational database that is similar to how I cache data on local sqlite files using core data.
And I also need some help on getting my ID tokens for those services if I choose not to use cognito, or must I?
I would really appreciate it if you guys can give me some clues on how I can get started on these. Thank you so much! :D
Depending on how you expect your app to evolve there are several approaches you can take.
Option 1: Minimal scalability / low cost
All you really need is a single free EC2 micro instance. On the instance you can build a full LAMP stack in seconds. Once you have built it you can start writing an application to handle your app in your preferred language. Ruby is a la mode but any language will work. Your database will be stored on the actual instance. If you go with this route, one thing you should do is use an elastic IP address so that if your server ever goes down you can point the elastic IP to another instance. You should also periodically backup your server.
Option 2: Maximum scalability / variable cost
Use RDS to store your database. This will mean that any EC2 instance will be able to reach your data so you can have an unlimited number of servers. Then build an EC2 instance just like in option 1 but point your application to the RDS instance. Use a load balancer in front of your EC2 instance to scale up in response to changes in utilisation. And the elastic IP address should point to the load balancer.
Building a LAMP stack on EC2
Open the EC2 console
Select launch instance
Pick the Linux AMI offered by Amazon and a micro instance
Create a .pem key (keep is safe on your system or you will not be able to access your instance)
Select the default security group
Open your terminal window and type: ssh -i path_to_pem ec2-user#your_instance_public_address
In the EC2 instance type sudo yum update
Then type sudo yum install httpd24 php55 php55-mysqlnd mysql55
sudo apachectl start
You now can navigate to the public address of your instance in safari and assuming I did not forget any steps you should see the apache welcome page.
So I host with company X and have my domain on there. I deployed my app to heroku and pointed my domain at it. I can't wrap my head around if I am hosting my site on heroku now or if I am hosting it on company X's servers.
I would assume I'm hosting on herokus server because that is the most logical, but just keep having this brainfart.
Could someone please explain this to me?
Your application is on Heroku's server. All company X has done is perform the DNS magic necessary to map the friendly URL (www.yoursite.com) to your Heroku deployment.
Amazon
You should also be aware that Heroku doesn't actually "store" the app on its own servers - it uses Amazon's ec2 cloud to create instances of your app
So although you have your domain with company X, your app handled through heroku, it will actually be running in one of Amazon's data centers
Keep that in mind when you start to grow (you may find benefits of using Amazon directly)
Hi I have successfully deployed my app to amazon aws using this railscast
http://railscasts.com/episodes/347-rubber-and-amazon-ec2
my app shows up here on this url http://web01.foo.com/
on my local machine only.
I am slightly confused, if I deployed it why can't other people see it. How do you make it live for all to see?
if anyone is familiar with this rails cast please enlighten me, I am still trying to learn about the architectures of amazon aws hosting.
Thank You
Judy
Rubber automatically sets up your /etc/hosts file for you. In order to make it publicly viewable you need to have the DNS servers point to that address in your /etc/hosts file.
So basically, go to your DNS host provider, and add an entry that points the domain name you own to the ip address of web01.foo.com and it should load okay.
In your amazon EC2 dashboard click on the instance. You will get the public domian of your server. Use PUBLIC domain not private one
I have just deployed my Grails app on public cloudfoundry(myApp.cloudfoundry.me) and i need my domain to point to it. How is this accomplished? or what are the alternatives?
Problem: deploy Grails app via cloudfoundry on cloud with my own domain name instead something.cloudfoundry.me
Resources: i have a virtual server Ubuntu with static public IP available.
Goal: have a way to deploy many of my apps each with their own domain names
If you don't mind sharing how you do it today and, perhaps, if you can reference tutorial that would be very helpful
Thank You,
Cloud Foundry does not currently support custom domain mapping. However, this feature is high on the priority list and development is currently under way. If you do a search at Cloud Foundry Support
you will find a series of posting regarding this issue and some short term workarounds that could be helpful for you and your particular situation.
Thank you eightyoctan! I accepted your replay as answer, however. i wanted share what i end up doing to have my domain point to cloud foundry hosted app
Option 1. i used GoDaddies Forward+Masking to push app on myapp.cloudfoundry.com and then forward+masking on godaddy to have mydomain.com point my app on cloudfoundry....i am sure i am penalized from SEO aspect to some extent but it works so far
Option 2. I also believe the same goal - have my custom domain point to cloud foundry app via Elastic Ip of EC2 as described in the following blog:
http://www.cloudsoftcorp.com/blog/first-steps-with-cloud-foundry-on-amazon-ec2/
Or use Stakato with EC2 that runs on top of cloud foundry from what i can tell. For more:
http://docs.stackato.com/server/ec2.html#vm-ec2
Either way, I hope cloud foundry does get this feature soon so we don't have to make extra steps to accomplish this