-
Create solutions that bring maximum success and value under our expert product management guidance
Ensure your product idea viability and get the right market and development strategies to succeed
Get a product that directly addresses your customer needs and matches the goals of your business
Bring your customers an exceptional user experience and make your product stand out with our design
Get designs that amplify your product features with clear, intuitive, and sales-boosting user experience
Nurture customer loyalty, boost sales, and expand your market presence with a stand-out mobile app
Get higher customer satisfaction, more conversions, and better competitiveness with our UX audit
Create a custom software solution to unlimit your business capabilities
Start and grow your startup fast or effectively renovate your existing solution with our RoR experts
Extend your product line quicker and cheaper by creating a secure, reliable, and flexible API solution
Get expert technical assistance in building real-time React-based web applications and SPAs
Build a high-performing web application with our Vue.js development company.
Create robust native or cross-platform mobile apps for your business with our expert assistance
Get native-like mobile apps for both Android and iOS using the best cross-platform technologies
Create native iOS, iPadOS, and tvOS applications to cover any of the desired Apple user segments
Create 99.9% crash-free native Android applications for any available device and screen types
Ensure the top quality and bug-free performance of your products by fixing all issues at early stages
Consult our experts to build an efficient quality assurance strategy for your product
Enable full lifecycle software testing services to detect and fix all product issues at the earliest stage
Reveal all non-typical performance, security, and usability issues with our manual QA services
Boost your overall software development velocity with our robust automation testing solution
Ensure the usability, security, performance, compliance, and compatibility of your web apps
Provide your customers with mobile apps free from any usability, security, and performance issues
Use our functional testing services to ensure every product feature works as expected in all scenarios.
Ensure a seamless user experience across all digital environments with our compatibility testing services
Make technologies work for your business growth and choose the right ones to achieve specific goals
Improve app performance, setup continuous delivery, cut infrastructure costs with our DevOps services
Keep your product stably up, running and get timely feature upgrades with our maintenance services
Clean your software from code issues and uncover possible improvements to boost its performance
Ensure security of your healthcare products and achieve HIPAA compliance with our expert assistance -
Multi-Vendor Marketplace Online Store Custom Marketplace Telemedicine Software Chat App Custom Booking System Video Conferencing For Enterprise For Startups
Build a custom multi-vendor marketplace fast and cost-efficiently using our MarketAge solution
Launch a custom B2B marketplace for any type of products with MarketAge
Launch a unique, custom-functional B2C marketplace at minimum effort with MarketAge white-lable product
Reduce costs to build an easy-to-use and reliable C2C marketplace using our MarketAge solution
Create an online store with unique design and features at minimal cost using our MarketAge solution
Get a unique, scalable, and cost-effective online marketplace with minimum time to market
Get a cost-efficient, HIPAA-compliant telemedicine solution tailored to your facility's requirements
Get a customizable chat solution to connect users across multiple apps and platforms
Improve your business operations and expand to new markets with our appointment booking solution
Adjust our video conferencing solution for your business needs
Scale, automate, and improve business processes in your enterprise with our custom software solutions
Turn your startup ideas into viable, value-driven, and commercially successful software solutions -
Streamline and scale your e-commerce business with a custom platform tailored to your product segments
Automate, scale, secure your financial business or launch innovative Fintech products with our help
Cut paperwork, lower operating costs, and expand yout market with a custom e-learning platform
Upgrade your workflow, enter e-health market, and increase marketability with the right custom software -
Discover our software engineering culture, what principles we follow to make our clients succeed
Our BA office helps clients choose the right development strategy and get maximum value at minimum risk
Find out how we manage development risks, ensure on-time delivery, and prevent budget overruns
We create clear, intuitive, and functional designs to solve specific business problems of our clients
See what techniques and principles we follow to engineer top-tier software products at RubyGarage
See how our QA office ensures zero usability and functional issues in every product we deliver to clients
Discover more of RubyGarage’s culture, values, and strengths
Develop your product in a clear workflow aimed to save your time and budget and boost the quality
Join our team to build a successful career in software development. See open positions at RubyGarage - Case Studies
- Blog
The Ultimate Guide to Configuring a Rails App on Amazon EC2 with Chef: Part 3
This article ends a series of posts we wrote about configuring Rails apps with the Chef automation platform and Amazon EC2. Gained knowledge in previous parts, we’ll finish writing cookbooks and secure our server. We’ll also go through the whole process of deployment of the Spree application on Ruby on Rails to EC2 instance we set up earlier.
Security setup
At this stage, you need to secure your app by installing and configuring OpenSSH.
OpenSSH
To enable authentication via SSH, install OpenSSH using the openssh cookbook.
Add the necessary dependencies in the Berksfile.
Create a cookbook.
Set the metadata for the cookbook.
Create default attributes for the cookbook.
Cancel authentication with the password_authentication password and disable print_motd, which determines whether the SSH daemon should print the contents of the /etc/motd file when the user logs on to the server.
Create a default recipe for the cookbook.
Then you need to connect an external cookbook to install Redis.
Finally, add all these cookbooks to the security role.
In roles/security.rb
Also add the security role to the run list of the YOUR_IP_ADDRESS.json node.
Managing and monitoring system processes
At this stage, you need to monitor the state of the processes for the following installed software:
- PostgreSQL
- Redis
- Nginx
- Puma
To monitor the state of these processes, use Monit. To install and configure Monit, use chef-monit.
Add the necessary dependencies in the Berksfile.
Create a cookbook.
Set the metadata for the cookbook.
To make it more convenient to support app attributes in future, move the Monit username and password attributes to app-attributes:
Replace USERNAME and PASSWORD with your own values. Later (in the part about application deployment), we’ll show you a way to store this kind of information more securely using encrypted_data_bags.
Now create default attributes for the cookbook.
Define the following attributes:
Now you can write recipes and templates of the Monit configuration for the software listed above.
PostgreSQL
Let’s create a recipe to connect Monit to PostgreSQL.
Сonnect an external cookbook and a PostgreSQL template with configurations.
Then create a template.
Write the following:
Next, update the run list for the database role.
Redis
Create a recipe to connect Monit to Redis.
You need to connect an external cookbook and connect the Redis template to your configurations.
Create a template.
Add the following to this template:
Now, add this recipe to the web role.
Nginx
Let’s create a recipe to integrate Monit with Nginx.
Сonnect an external cookbook and integrate the Nginx template with configurations.
Now create a template.
In this template, write the following:
You also need to add this recipe, which has also been added to the web role.
Puma
Create a recipe to integrate Monit with Puma.
You need to connect an external cookbook and integrate the Puma template with configurations.
Next, create a template.
Write the following in this template:
Then add this recipe to the web role.
Deployment
Setup
We’ll look at how you can deploy an app using Chef in this section of our tutorial.
The basics
Let’s start from creating the app-deploy cookbook where you’ll describe the recipe for app deployment.
First, add dependencies to the metadata.
Use encrypted_data_bags to store confidential project information like the password from the database or keys from external services (AWS and others).
Why do we use encrypted_data_bags?
The main reason is security. With encrypted_data_bags, all data is stored in an encrypted form. So even if an attacker gets access to the repository with scripts, they won’t be able to use the confidential information.
To be able to use encrypted data bags, you need to create a file where the encryption and decryption keys will be stored. Use OpenSSL to generate the private key and put it in the file encrypted_data_bag_secret.
Warning!!! If you overwrite the existing encrypted_data_bag_secret file or delete it, you won’t be able to decrypt previously encrypted data.
In the terminal, run this command to create a key:
Warning!!! You shouldn’t store the created file in the repository. You should, however, share this file with your team members. Therefore, you need to add it to .gitignore.
Next, indicate the encrypted_data_bag_secret add-on for knife solo.
Using knife solo, create a configuration file for the dev environment with the private key.
In the text editor opened by terminal, enter the database credentials, secret application keys, and Monit credentials.
Once you’ve saved your data to /data_bags/configs/dev.json, you’ll see that this data is now encrypted.
You can edit data from encrypted data bags using the following command:
And you can read this data with this command:
Since your keys and credentials are now stored in an encrypted_data_bag, you can remove the explicit definition of Monit credentials from app-attributes.
Set up SSH
The application is in the private repository. Therefore, to shrink the project, use an SSH wrapper. To do this, you’ll need to have SSH keys which you’ll put in your cookbook.
If you don’t have an SSH key, you can generate one using the command below. You must not set a password on the private key as this password will block the chef-client during the launch of deployment scripts. You’ll also need to specify your email address instead of [email protected]il.com.
Then, create a directory – site-cookbooks/app-deploy/files – where you’ll put the private and public keys.
Afterward, put the keys in the created files.
Warning!!! You should add the site-cookbooks/app-deploy/files/default directory to .gitignore since no one should know your private key.
Next, create a default recipe where you’ll further describe the deployment process.
At the top of this file, define the variables you’ll be working with in the recipe:
Now we’ll start to describe the recipe for deploying the application.
The recipe will consist of several stages:
- Using SSH keys
- Creating shared directories
- Creating a database and Puma configuration
Using SSH keys
First, we’ll describe the usage of SSH keys:
Create shared directories
Create database and PUMA configurations
1. Database configuration
Let’s describe the use of the template with the configuration for database access.
Next we’ll create a template:
2. Application configurations
Here you need to describe the generation of the application.yml file where you’ll be storing the project environment variables.
3. Puma
Now you need to describe how to use the template with configurations:
You also need to create the template with the configuration:
4. Sidekiq configurations
First, describe how to use the template with the Sidekiq configuration:
Next, create a template with the configuration.
Deployment
Now we want to introduce the application deployment. Generally, deployment happens in four stages:
- Checkout ‒ The chef-client uses the Source Code Management (SCM) resource to get the specified application revision and places a clone or checkout in the subdirectory of the deploy directory named cached-copy. Then a copy of the application is placed in this subdirectory.
- Migrate ‒ If the migration is to be run, the chef-client symbolically links the database configuration file into the checkout (config/database.yml by default) and runs the migration command. For a Ruby on Rails application, migration_command is usually set to rake db: migrate.
- Symlink ‒ Directories for shared and temporary files are removed from the checkout (log, tmp/pids, and public/system by default). After that, you need to create any necessary directories (tmp, public, and config by default) if they don’t exist. At the end of this step, you symlink shared directories into the current release, public/system, tmp/pids, and log directories, and then symlink the release directory to current.
- Restart ‒ Restart the app using the restart command set in the recipe.
Here are the tasks for application deployment one by one:
Applying Configurations
Now you need to add the app-deploy cookbook to the deploy role to use this cookbook further in the node.
Describe basic information about the role and its run list.
Next, add this role to the general run list of the nodes/YOUR_IP_ADDRESS.json node.
Now you’re ready to apply the scripts you’ve written to launch the app on the server.
Install Chef and apply all configurations using the following command:
Once you’ve completed the deployment, the Spree application will be available through public DNS. In our example, the address is ec2-18-221-230-71.us-east-2.compute.amazonaws.com.
Now you can log on to the server via SSH as the deployer user:
In future, you can deploy the app to a remote machine with the following command:
On a global scale, Chef allows you to take advantage of dynamic infrastructure, easily start new servers, and safely dispose of servers when they’re replaced by newer configurations or when load decreases.
We hope this tutorial has been helpful for you. Share your experience using Chef in the comments below.
Authors:
Yaroslav B.
Ruby/JS Developer
Daryna P.
Copywriter
Dmytro H.
Backend Development Lead
Subscribe via email and know it all first!
