Home

Awesome

The power of Kubernetes with the ease of Heroku!

<meta name="author" content="Justin Gordon and Sergey Tarasov" /> <meta name="description" content="Instructions on how to migrate from Heroku to Control Plane and a CLI called cpflow to make it easier." /> <meta name="copyright" content="ShakaCode, 2023" /> <meta name="keywords" content="Control Plane, Heroku, Kubernetes, K8, Infrastructure" /> <meta name="google-site-verification" content="dIV4nMplcYl6YOKOaZMqgvdKXhLJ4cdYY6pS6e_YrPU" />

RSpec Rubocop

Gem

Enable the Heroku Flow deployment model with Control Plane using the cpflow gem.


If you need a free demo account for Control Plane (no CC required), you can contact Justin Gordon, CEO of ShakaCode.


Be sure to see the demo app If you would like to see the simple YAML configuration and setup, Also, check how the cpflow gem (this project) is used in the Github actions. Here is a brief video overview.


This playbook shows how to move "Heroku apps" to "Control Plane workloads" via an open-source cpflow CLI on top of Control Plane's cpln CLI.

Heroku provides a UX and CLI that enables easy publishing of Ruby on Rails and other apps. This ease of use comes via many "Heroku" abstractions and naming conventions.

Control Plane, on the other hand, gives you access to raw cloud computing power. However, you need to know precisely how to use it.

To simplify migration to and usage of Control Plane for Heroku users, this repository provides a concept mapping and a helper CLI based on templates to save lots of day-to-day typing (and human errors).

  1. Key Features
  2. Concept Mapping
  3. Installation
  4. Steps to Migrate
  5. Configuration Files
  6. Workflow
  7. Environment
  8. Database
  9. In-memory Databases
  10. Scheduled Jobs
  11. CLI Commands Reference
  12. Mapping of Heroku Commands to cpflow and cpln
  13. Examples
  14. Migrating Postgres Database from Heroku Infrastructure
  15. Migrating Redis Database from Heroku Infrastructure
  16. Tips

Key Features

Concept Mapping

On Heroku, everything runs as an app, which means an entity that:

On Control Plane, we can map a Heroku app to a GVC (Global Virtual Cloud). Such a cloud consists of workloads, which can be anything that can run as a container.

HerokuControl Plane
appGVC (Global Virtual Cloud)
dynoworkload
add-oneither a workload or an external resource
review appGVC (app) in staging organization
staging envGVC (app) in staging organization
production envGVC (app) in production organization

On Heroku, dyno types are specified in the Procfile and configured via the CLI/UI; add-ons are configured only via the CLI/UI.

On Control Plane, workloads are created either by templates (preferred way) or via the CLI/UI.

For the typical Rails app, this means:

FunctionExamplesOn HerokuOn Control Plane
web trafficrails, sinatraweb dynoworkload with app image
background jobssidekiq, resqueworker dynoworkload with app image
dbpostgres, mysqladd-onexternal provider or can be set up for development/testing with Docker image (lacks persistence between restarts)
in-memory dbredis, memcachedadd-onexternal provider or can be set up for development/testing with Docker image (lacks persistence between restarts)
othersmailtrapadd-onexternal provider or can be set up for development/testing with Docker image (lacks persistence between restarts)

Installation

  1. Ensure your Control Plane account is set up. Set up an organization <your-org> for testing in that account and modify the value for aliases.common.cpln_org in .controlplane/controlplane.yml, or you can also set it with the CPLN_ORG environment variable. If you need an organization, please contact Shakacode.

  2. Install Node.js (required for Control Plane CLI).

  3. Install Ruby (required for these helpers).

  4. Install Control Plane CLI, and configure access (docs here).

# Install CLI
npm install -g @controlplane/cli

# Configure access
cpln login

# Update CLI
npm update -g @controlplane/cli
  1. Run cpln image docker-login --org <your-org> to ensure that you have access to the Control Plane Docker registry.

  2. Install Control Plane Flow cpflow CLI as a Ruby gem: gem install cpflow. If you want to use cpflow from Rake tasks in a Rails project, use Bundler.with_unbundled_env { cpflow help} or else you'll get an error thatcpflowcannot be found. While you can addcpflow` to your Gemfile, it's not recommended because it might trigger conflicts with other gems.

  3. You can use this Dockerfile as an example for your project. Ensure that you have Docker running.

Note: Do not confuse the cpflow CLI with the cpln CLI. The cpflow CLI is the Control Plane Flow playbook CLI. The cpln CLI is the Control Plane CLI.

Steps to Migrate

Click here to see the steps to migrate.

Configuration Files

The cpflow gem is based on several configuration files within a /.controlplane top-level directory in your project.

.controlplane/
├─ templates/
│  ├─ app.yml
│  ├─ postgres.yml
│  ├─ rails.yml
├─ controlplane.yml
├─ Dockerfile
├─ entrypoint.sh
  1. controlplane.yml describes the overall application. Be sure to have <your-org> as the value for aliases.common.cpln_org, or set it with the CPLN_ORG environment variable.
  2. Dockerfile builds the production application. entrypoint.sh is an example entrypoint script for the production application, referenced in your Dockerfile.
  3. templates directory contains the templates for the various workloads, such as rails.yml and postgres.yml.
  4. templates/app.yml defines your project's GVC (like a Heroku app). More importantly, it contains ENV values for the app.
  5. templates/rails.yml defines your Rails workload. It may inherit ENV values from the parent GVC, which is populated from the templates/app.yml. This file also configures scaling, sizing, firewalls, and other workload-specific values.
  6. For other workloads (like lines in a Heroku Procfile), you create additional template files. For example, you can base a templates/sidekiq.yml on the templates/rails.yml file.
  7. You can have other files in the templates directory, such as redis.yml and postgres.yml, which could setup Redis and Postgres for a testing application.

Here's a complete example of all supported config keys explained for the controlplane.yml file:

controlplane.yml

# Keys beginning with "cpln_" correspond to your settings in Control Plane.

# Global settings that apply to `cpflow` usage.
# You can opt out of allowing the use of CPLN_ORG and CPLN_APP env vars
# to avoid any accidents with the wrong org / app.
allow_org_override_by_env: true
allow_app_override_by_env: true

aliases:
  common: &common
    # Organization for staging and QA apps is typically set as an alias.
    # Production apps will use a different organization, specified in `apps`, for security.
    # Change this value to your organization name
    # or set the CPLN_ORG env var and it will override this for all `cpflow` commands
    # (provided that `allow_org_override_by_env` is set to `true`).
    cpln_org: my-org-staging

    # Control Plane offers the ability to use multiple locations.
    # default_location is used for commands that require a location
    # including `ps`, `run`, `apply-template`.
    # This can be overridden with option --location=<location> and
    # CPLN_LOCATION environment variable.
    default_location: aws-us-east-2

    # Allows running the command `cpflow setup-app`
    # instead of `cpflow apply-template app redis postgres memcached rails sidekiq`.
    #
    # Note:
    # 1. These names correspond to files in the `./controlplane/templates` directory.
    # 2. Each file can contain many objects, such as in the case of templates that create a resource, like `postgres`.
    # 3. While the naming often corresponds to a workload or other object name, the naming is arbitrary. 
    #    Naming does not need to match anything other than the file name without the `.yml` extension.
    setup_app_templates:
      - app
      - redis
      - postgres
      - memcached
      - rails
      - sidekiq

    # Skips secrets setup when running `cpflow setup-app`.
    skip_secrets_setup: true

    # Only needed if using a custom secrets name.
    # The default is '{APP_PREFIX}-secrets'. For example:
    # - for an app 'my-app-staging' with `match_if_app_name_starts_with` set to `false`,
    #   it would be 'my-app-staging-secrets'
    # - for an app 'my-app-review-1234' with `match_if_app_name_starts_with` set to `true`,
    #   it would be 'my-app-review-secrets'
    secrets_name: my-secrets

    # Only needed if using a custom secrets policy name.
    # The default is '{APP_SECRETS}-policy'. For example:
    # - for an app 'my-app-staging' with `match_if_app_name_starts_with` set to `false`,
    #   it would be 'my-app-staging-secrets-policy'
    # - for an app 'my-app-review-1234' with `match_if_app_name_starts_with` set to `true`,
    #   it would be 'my-app-review-secrets-policy'
    secrets_policy_name: my-secrets-policy

    # Configure the workload name used as a template for one-off scripts, like a Heroku one-off dyno.
    one_off_workload: rails

    # Workloads that are for the application itself and are using application Docker images.
    # These are updated with the new image when running the `deploy-image` command,
    # and are also used by the `info` and `ps:` commands in order to get all of the defined workloads.
    # On the other hand, if you have a workload for Redis, that would NOT use the application Docker image
    # and not be listed here.
    app_workloads:
      - rails
      - sidekiq

    # Additional "service type" workloads, using non-application Docker images.
    # These are only used by the `info` and `ps:` commands in order to get all of the defined workloads.
    additional_workloads:
      - redis
      - postgres
      - memcached

    # Configure the workload name used when maintenance mode is on (defaults to "maintenance").
    maintenance_workload: maintenance

    # Fixes the remote terminal size to match the local terminal size
    # when running `cpflow run`.
    fix_terminal_size: true

    # Sets a default CPU size for `cpflow run` jobs (can be overridden per job through `--cpu`).
    # If not specified, defaults to "1" (1 core).
    runner_job_default_cpu: "2"

    # Sets a default memory size for `cpflow run` jobs (can be overridden per job through `--memory`).
    # If not specified, defaults to "2Gi" (2 gibibytes).
    runner_job_default_memory: "4Gi"

    # Sets the maximum number of seconds that `cpflow run` jobs can execute before being stopped.
    # If not specified, defaults to 21600 (6 hours).
    runner_job_timeout: 1000

    # Apps with a deployed image created before this amount of days will be listed for deletion
    # when running the command `cpflow cleanup-stale-apps`.
    stale_app_image_deployed_days: 5

    # Images that exceed this quantity will be listed for deletion
    # when running the command `cpflow cleanup-images`.
    image_retention_max_qty: 20

    # Images created before this amount of days will be listed for deletion
    # when running the command `cpflow cleanup-images` (`image_retention_max_qty` takes precedence).
    image_retention_days: 5

apps:
  my-app-staging:
    # Use the values from the common section above.
    <<: *common

  my-app-review:
    <<: *common

    # If `match_if_app_name_starts_with` is `true`, then use this config for app names starting with this name,
    # e.g., "my-app-review-pr123", "my-app-review-anything-goes", etc.
    match_if_app_name_starts_with: true

    # Hooks can be either a script path that exists in the app image or a command.
    # They're run in the context of `cpflow run` with the latest image.
    hooks:
      # Used by the command `cpflow setup-app` to run a hook after creating the app.
      post_creation: bundle exec rake db:prepare

      # Used by the command `cpflow delete` to run a hook before deleting the app.
      pre_deletion: bundle exec rake db:drop

  my-app-production:
    <<: *common

    # You can also opt out of allowing the use of CPLN_ORG and CPLN_APP env vars per app.
    # It's recommended to leave this off for production, to avoid any accidents.
    allow_org_override_by_env: false
    allow_app_override_by_env: false

    # Use a different organization for production.
    cpln_org: my-org-production

    # Allows running the command `cpflow promote-app-from-upstream -a my-app-production`
    # to promote the staging app to production.
    upstream: my-app-staging

    # Used by the command `cpflow promote-app-from-upstream` to run a release script before deploying.
    # This is relative to the `.controlplane/` directory.
    release_script: release_script

    # default_domain is used for commands that require a domain
    # including `maintenance`, `maintenance:on`, `maintenance:off`.
    default_domain: domain.com

  my-app-other:
    <<: *common

    # You can specify a different `Dockerfile` relative to the `.controlplane/` directory (defaults to "Dockerfile").
    dockerfile: ../some_other/Dockerfile

Workflow

For a live example, see the react-webpack-rails-tutorial repository.

This example should closely match the below example.

Suppose your app is called tutorial-app. You can run the following commands.

Setup Commands

# Provision all infrastructure on Control Plane.
# `tutorial-app` will be created per definition in .controlplane/controlplane.yml.
cpflow apply-template app postgres redis rails daily-task -a tutorial-app

# Build and push the Docker image to the Control Plane repository.
# Note, it may take many minutes. Be patient.
# Check for error messages, such as forgetting to run `cpln image docker-login --org <your-org>`.
cpflow build-image -a tutorial-app

# Promote the image to the app after running the `cpflow build-image` command.
# Note, the UX of the images may not show the image for up to 5 minutes. However, it's ready.
cpflow deploy-image -a tutorial-app

# See how the app is starting up.
cpflow logs -a tutorial-app

# Open the app in browser (once it has started up).
cpflow open -a tutorial-app

Promoting Code Updates

After committing code, you will update your deployment of tutorial-app with the following commands:

# Build and push a new image with sequential image tagging, e.g. 'tutorial-app:1', then 'tutorial-app:2', etc.
cpflow build-image -a tutorial-app

# Run database migrations (or other release tasks) with the latest image,
# while the app is still running on the previous image.
# This is analogous to the release phase.
cpflow run -a tutorial-app --image latest -- rails db:migrate

# Pomote the latest image to the app.
cpflow deploy-image -a tutorial-app

If you needed to push a new image with a specific commit SHA, you can run the following command:

# Build and push with sequential image tagging and commit SHA, e.g. 'tutorial-app:123_ABCD', etc.
cpflow build-image -a tutorial-app --commit ABCD

Real World

Most companies will configure their CI system to handle the above steps. Please contact Shakacode for examples of how to do this.

You can also join our Slack channel for ShakaCode open source projects.

Environment

There are two main places where we can set up environment variables in Control Plane:

Generally, gvc/env vars are useful for "app" types of workloads, e.g., rails, sidekiq, as they can easily share common configs (the same way as on a Heroku app). They are not needed for non-app workloads, e.g., redis, memcached.

It is ok to keep most of the environment variables for non-production environments in the app templates as, in general, they are not secret and can be committed to the repository.

It is also possible to set up a Secret store (of type Dictionary), which we can reference as, e.g., cpln://secret/MY_SECRET_STORE_NAME/MY_SECRET_VAR_NAME. In such a case, we must set up an app Identity and proper Policy to access the secret.

In templates/app.yml:

spec:
  env:
    - name: MY_GLOBAL_VAR
      value: "value"
    - name: MY_SECRET_GLOBAL_VAR
      value: "cpln://secret/MY_SECRET_STORE_NAME/MY_SECRET_GLOBAL_VAR"

In templates/rails.yml:

spec:
  containers:
    - name: rails
      env:
        - name: MY_LOCAL_VAR
          value: "value"
        - name: MY_SECRET_LOCAL_VAR
          value: "cpln://secret/MY_SECRET_STORE_NAME/MY_SECRET_LOCAL_VAR"
      inheritEnv: true # To enable global env inheritance.

Database

There are several options for a database setup on Control Plane:

Tip: If you are using RDS for development/testing purposes, you might consider running such a database publicly accessible (Heroku actually does that for all of its Postgres databases unless they are within private spaces). Then we can connect to such a database from everywhere with only the correct username/password.

By default, we have structured our templates to accomplish this with only a single free tier or low tier AWS RDS instance that can serve all your development/testing needs for small/medium applications, e.g., as follows:

aws-rds-single-pg-instance
  mydb-staging
  mydb-review-111
  mydb-review-222
  mydb-review-333

Additionally, we provide a default postgres template in this repository optimized for Control Plane and suitable for development purposes.

In-memory Databases

E.g., Redis, Memcached.

For development purposes, it's useful to set those up as Control Plane workloads, as in most cases, they don't keep any valuable data and can be safely restarted, which doesn't affect application performance.

For production purposes or where restarts are not an option, you should use external cloud services.

We provide default redis and memcached templates in this repository optimized for Control Plane and suitable for development purposes.

Scheduled Jobs

Control Plane supports scheduled jobs via cron workloads.

Here's a partial example of a template for a cron workload, using the app image:

kind: workload
name: daily-task
spec:
  type: cron
  job:
    # Run daily job at 2am.
    schedule: "0 2 * * *"
    # "Never" or "OnFailure"
    restartPolicy: Never
  containers:
    - name: daily-task
      args:
        - bundle
        - exec
        - rails
        - db:prepare
      image: "/org/APP_ORG/image/APP_IMAGE"

A complete example can be found at templates/daily-task.yml, optimized for Control Plane and suitable for development purposes.

You can create the cron workload by adding the template for it to the .controlplane/templates/ directory and running cpflow apply-template my-template -a my-app, where my-template is the name of the template file (e.g., my-template.yml).

Then to view the logs of the cron workload, you can run cpflow logs -a my-app -w my-template.

CLI Commands Reference

Click here to see the commands.

You can also run the following command:

cpflow --help

Mapping of Heroku Commands to cpflow and cpln

Heroku Commandcpflow or cpln
heroku pscpflow ps
heroku config?
heroku maintenancecpflow maintenance
heroku logscpflow logs
heroku pg?
heroku pipelines:promotecpflow promote-app-from-upstream
heroku psql?
heroku redis?
heroku releases?

Examples

Resources