Heroku :
=========
Heroku is a cloud platform as a service (PaaS).
Heroku is used to build,deliver,monitor and scale applications.
Heroku supports multiple programming languages.
ex: Node.js,Ruby,Java,PHP,Python,Go,Scala,Clojure.
Heroku Architecture Components :
================================
1.Http Router
2.Dynos
3.Dyno Manager
4.API
5.Logplex
6.Add-ons
Http Router :
Router distributes inbound request for application across running dynos.
Dynos :
Dynos are isolated,Linux Containers.
Types of Dynos can be web, worker,or one-off.
Dyno Manager :
Dyno Manager responsible for orchestration of dynos
across all tenants running in a region.
Add-ons :
Add-ons aka Elements are tools and services for extending an app,stack
and workflow on the Heroku Platform.
Add-ons provide services for your apps such as databases,queueing & caching systems,
storage and email.
Logplex :
Logplex collates and routes the log streams generated by apps,Heroku Platform
components, and other backend services.
API :
API used to nteract with Heroku programmatically to perform tasks typically
only done via the Heroku CLI or Dashboard.
Heroku Architectre Components :
==============================
1.Dashboard
2.CLI
3.Postgres(database)
Dashboard :
Dashboard is the primary web UI for interacting with the Heroku platform.
CLI :
CLI is used to perform Heroku-related tasks from a terminal.
Postgres :
Postgres is a SQL database as a service used for hosting a database used by apps
running on Heroku.
Heroku Additional Components :
=============================
1.Regions
2.Config vars
3.Stacks
4.Procfile
5.Buildpacks
6.Slug
Regions :
Regions are geographic locations of Heroku datacenters.
Heroku currently has 7 regions (EU,US,Dublin,Frankfurt,Oregon,Sydney,Tokyo & Virginia).
Config Vars :
Config vars are environment variables for your app containing specific configurations for multiple
environments(i.e. dev,stage,prod).
Stacks :
A Stack is an operating system curated & Maintained by the Heroku ops teams.
Heroku supports two Stacks Heroku-16 & Heroku-18 these are Ubuntu(16.04/18.04)
or Container (Docker).
Slug :
A slug(tarball) is a compressed & Pre-packaged bundle of your app optimized &
ready for distribution to the dyno manager.
Buildpacks :
Buildpacks (bash script) that transform code into a slug to run on Dynos.
Buildpacks run scripts to prep for the correct language & setup any dependencies.
Procfile :
Procfile specify commands that are executed by an app on startup.
Note :
Heroku runs on op of AWS.
Heroku Runtime and Dynos :
==========================
Heroku Runtime :
Heroku provides a runtime that manages the execution and scale of your application.
it takes care of the following.
1.Provisioning & orchestrating Dynos
2.Manages & monitors lifecycle of Dynos
3.Provides network configuration
4.HTTP routing
5.Log Routing
Heroku has two types of Runtimes :
1.Common Runtime
2.Private Spaces Runtime
Common Runtime :
Dynos run in a single multitenant network per region.
Dynos are isolated from each other.
Private Spaces Runtime :
Each Private Space has its own network,routing layer & control plane
not sharing with other Dynos.
Runtime Types :
Runtime for an app has to be set at creation time.The default is Common Runtime.
To use Private Spaces Runtime you must :
1.Have the private space first.
2.Be a Team Administrator.
3.Create app in Heroku Dashboard or CLI.
Dyno Manager :
1.The Heroku Platform uses a container model to run and scale all apps on the platform.
2.Dyno Manager is the orchestration system for Heroku containers.
3.There is Dyno Manager per region for the Common Runtime.
4.Private Spaces Runtime has a Dyno Manager per space.
Dynos :
1.At the heart of the Heroku platform are containers.These containers are called Dynos.
2.Dynos are lightweight Linux based containers designed to run your app processes.
3.These Dyno containers are virtualized and isolated.
Dynos Configurations :
Dynos have 3 flavors
1.Web
2.Worker
3.One-off
Web :
Dynos are defined in the Procfile.Web dynos are designed to accept HTTP/HTTPS traffic.
Worker :
Worker dynos are used for any process you declare typically background jobs,queueing systems & timed jobs.
You can have worker dynos for short-running jobs & for long-running jobs.
One-off :
One-off dynos are often used to handle administrative tasks.
These dynos can run detached and with their input/output in your local
terminal.These dynos are typically temporary.
Dyno Types :
============
Heroku has a variety of Dyno Types.Memory,CPU share, and other differentiating characteristics
for each Common Runtime dyno type are listed below.
FREE
HOBBY
STANDARD-1X
STANDARD-2X
PERFORMANCE-M
PERFORMANCE-L
Dyno Networking :
1.Common Runtime has network isolation via firewalls on dynos.
This stops unwanted communication from one dyno to another.
2.Dynos by default allow incoming web traffic via the Heroku router.
They listen on a specific port.The port is set via $PORT environment variable.
3.Worker & one-off dynos are not able to receive inbound traffic.
4.For Dynos in the common Runtime you are not able to control the originating IP address.
Docker Images on Heroku Runtime :
================================
You can deploy your app in two ways on Heroku:
1.Heroku Container Registry
(registry.heroku.com) allows you to deploy pre-built Docker images to Heroku.
2.Building Docker Images with heroku.yml file
Heroku Data Services :
======================
Majority of apps today are data-driven needing access to data on the backend.
Heroku has several managed data services to support this need.
1.Heroku Postgres
PostgreSQL is general urpose an Open-source relational database management system with a reputation
of a solid proven architecture ,reliability,data integrity and robust feature set.
2.Heroku Redis
Redis is an open source,in-memory data structure store.
It is used for database caching and message brokering.
3.Apache Kafka on Heroku
Kafka is an open-source stream-processing platform that can handle up to trillions of mesaging events per day.
Heroku Enterprise :
===================
Heroku Enterprise brings governance & Management Abilities on top of the Heroku Platform
and developer experience to support large scale app needs.
1.Enterprise Accounts & Teams for collaboration and team management.
2.Enterprise Team app Permissions & Single Sign-on (SSO).
3.Heroku Connect for Salesforce integration.
4.Access to Private Spaces when dedicated environment is needed.
5.Access to Shield Private Spaces when compliance is needed.
Types of Heroku Accounts :
=========================
1.Heroku Hobby
2.Heroku Producton
3.Heroku Advanced
4.Heroku Enterprise
Heroku Hobby :
Free & good for personal projects,Poc's and MVP's.
1.Deploy with Git and Docker.
2.Custom domains
3.Container orchestration.
4.Automatic Os patching.
Heroku Production :
Good for smalller customer-facing apps or API's.
1.Include all Hobby features.
2.Simple horizontal scalability.
3.App metrics and threshold alerts.
4.Preboot and zero downtime deploys.
5.Unlimited background workers.
Heroku Advanced :
Good for mid-sized apps that are mission critical and have complex functionality needs.
1.Include all Standard features.
2.Predictable performance for your highest traffic applications.
3.Dedicated resources.
4.Autoscaling
5.Can mix with Standard dynos.
Heroku Enterprise :
Good for large-scale organizations & apps with enterprise level needs.
Private
1.Network isolation.
2.Dedicated runtime environment.
3.Private network and data services.
Shield
1.Dedicated environment for high compliance apps.
2.PCI,HIPAA,ISO compliance.
3.Keystroke logging.
4.Space level log drains.
5.Strict TLS enforcement.
Heroku Private Spaces :
=======================
Private Spaces have two types :
1.Standard Private Space
2.Shild Private Space
Private Spaces are only available in Heroku Enterprise.
These are dedicated runtime environments with isolated networking.
You can run Dynos and specific add-ons in Private Spaces.
you can have Trusted Connections Between Private Spaces and Salesforce.Traffic can go both ways or be limited to one way.
Private Spaces VPN is compatible with GCP.This can be a Site-to-Site VPN.
Private Spaces VPN is not compatible with Azure.
Private Space peering allows you to have a private network conection between your dynos in a private space and an AWS VPC.
Private Space VPN Connections use IPSec and are based on the managed AWS VPN product.
Heroku Shield :
Has features that suppport apps with high compliance needs in regulated industries,
such as healthcare,life sciences or financial services.
1.Support build of HIPAA,PCI,ISO,SOC compliant apps.
2.Special Dynos of shield type with encrypted ephemeral file system.
3.Special shield Heroku Apache Kafka,Postgres & Redis Plans.
4.Interactive dyno console bash sessions are encrypted with SSH.
5.All input typed into an interactive heroku ssh session is logged to the app or
space log stream for enhanced auditing.
6.All eternal connections for Postgres & Redis are disabled.
7.Shield enforces stricter requirements for TLS termination.
8.Ability for single log drain for all apps in a Shield Private Space.
