This week we talk about our recent migration on Amazon Web Services completely over to their newer VPC service, as we recently announced.
1:07 CodePen runs on servers, as all websites do. We chose AWS very early on. You've probably heard us talk about it on previous episodes.
1:47 We started working with AWS a couple years ago, mainly because they were the dominant player in the server space. They're really good, and they keep getting better and better. They are relentless with their updates.
2:48 100% of our servers are on AWS. When we started, we got set up on EC2, which is now considered "classic". Amazon is in the process of trying to move people off of EC2 servers and onto their new service, VPC (Virtual Private Cloud).
Amazon launched VPC a couple months after we joined, but we ignored it at the time because it seemed really advanced and complicated (it still is).
Recently, there were some changes that made it important for us to get on board with the new service, which is called VPC. If you join AWS today and you aren't paying attention, you'll get setup with VPC by default.
We spent a bunch of time porting our "classic" EC2 setup over to VPC.
Moving Over to VPC
4:48 We were planning on moving our setup over one piece at a time, but ended up just doing it all at once.
7:24 This was the biggest migration we've ever had to run in the history of CodePen. So what was in it for us?
There are some benefits to moving to VPC:
- Internal DNS
- Inbound and outbound security groups (you can treat VPC more like a traditional network, and have firewall rules)
- You can move around the network interfaces (move the interface from one machine to another)
- Cheaper boxes (cost was a big thing for us)
- VPN connectivity
From a security standpoint, the VPN service allows us to use 2 factor authentication for deployment. In the worst case situation, where a computer gets stolen and the 1Password vault is hacked, we'd still be safe because of 2 factor authentication. This extra security is hugely valuable for us.
11:10 We knew we were going to be making the move away from EC2, and we're going to save around $9000 this year moving over to VPC. So that's a big deal, and makes the transition worth the time.
12:19 This comes up in support nearly every week; someone writes some code in a Pen that could be dangerous, and so we have to cut certain keywords to prevent exploits. We're hoping to someday be running preprocessors in a secure way that allows us to avoid these exploits.
Relational Database Services
We've also got some really nice database updates coming soon to create new front-end features that we wouldn't be able to do otherwise. More than anything, making the switch to RDS will keep Tim from getting more gray hairs.
Big Move, but Not the Last
17:20 This move was a big change for us. We currently have 19 servers powering CodePen. Tim created an network diagramming app if you want to see a visual representation of our servers.
This move puts us in a better place, and it for sure upped Tim's skills.
We were lucky that Tim didn't have to re-write all the deployment code, we were able to re-use most of it, since Amazon allows you to create a snapshot of your server and clone a new one.
Support Contracts with AWS
20:40 Amazon offers telephone support for AWS, and it's surprisingly good. You pay 10% of your monthly bill, and you have to wait for up to an hour, but the help Tim got with his server was great.
If you're enjoying this show, please take a minute to leave us a review in iTunes. We really appreciate it, and thanks to everyone who has already left a review!