Infrastructure Done Right
- What makes BoltOps different?
BoltOps roots are in software development. This gives a unique perspective on how we approach building infrastructure. We purposely try to make the architecture lightweight as possible. By leveraging the massive shoulders of Cloud Providers, there is less maintenance overhead with the infrastructure. Our software philosophy results in a long-term "light-touch" solution. This approach is covered in detail in this blog post: BoltOps Tooling and Software Design Philosophy. We believe that the software development background plus a deep understanding of Cloud infrastructure makes for a more effective and dangerous combination.
We are solely focused on the Cloud and have many built tools that proves it. The tools come from actual use. In other words, we dogfood it. To name a few:
- Terraspace - The Terraform Framework
- Kubes - Kubernetes Deployment Tool
- Jets - The Ruby Serverless Framework
- Ufo - ECS docker deployment tool.
- Lono - The CloudFormation Framework
- Cody - CodeBuild Management Tool.
- PipeDream - CodePipeline Management Tool.
- Sonic - Swiss Army Knife Tool
The tools are allow us to fully leverage Cloud providers.
- What is the BoltOps stack architecture?
The BoltOps stack architecture provides a solid foundation for your infrastructure. It contains a set of best practices, conventions, and lightweight tools that enables us to spin up environments rapidly. It saves you a ton of time from figuring it all out, which is fun, but time probably better spent on building products. Here's a diagram for an example architecture:The stack customizable to fit your needs. It is a simple config change in the infrastructure code to change the number of subnets and or AZs for the network architecture. Years of experience from running large-scale systems goes into the stack. The stack is also improved and updated as the Cloud providers change. We've figured out most of it for you already. Our goal is to give you the full control and power of the Cloud while keeping the ease of that you would normally find with a PaaS.
- Will I be required to use BoltOps in the future?
No. The BoltOps infrastructure is designed with zero lock-in into BoltOps. This covered in detailed in the blog post BoltOps Tooling and Software Design Philosophy. We believe that customers should be empowered to decide what is best for them and then it is up to us to prove that we are the best fit for them.
- How customizable is the stack?
Everyone has different needs and no single stack can accomplish all of them. One way to think about the BoltOps stack, is to think about as a "generator". We initially generate infrastructure code that has set of components that will be a good fit for most requirements. Then it gets customized to fit your exact needs and requirements. So the stack is fully customizable.
- How scalable is the BoltOps stack architecture?
The stack is an AutoScaling stack that can grow and shrink on-demand depending on the traffic levels. Unless your application code has a crazy slow bug like an infinite loop, the stack provides a highly scalable foundation. The architecture is design to run servers as "cows" instead of "pets" and horizontally scale.
The BoltOps stack is built from using years of experience. We wish there were a way to learn how to scale a site from school, books, or a conference. We'd gladly pay for it. But you must learn it from experience. The blood, sweat, and tears from years of experience are built into the BoltOps stack.
- How do I know the stack is robust?
The components are spread across multiple AZs to ensure that in the event of an AWS Availability Zone outage, your application continues to run. AutoScaling will launch servers in the available AZ if the other AZ goes down.
- How do I know the stack is secure? The BoltOps stack's VPC design is based on industry best practices. For AWS, it is based on the Standardized Architecture for PCI DSS on AWS. The VPC has a private and public subnet space to provide more security over resources that do not need to be on a publicly accessible network. A bastion jump host is provided, so ssh access is controlled through a single audit point. The IAM users and roles are set up with best practices, and MFA is set up on your root AWS account. Secrets are encrypted and stored with AES256 standards. Refer to our Security and Compliance page for more information.
- How does BoltOps design the VPC Network?
The VPC network design is based on experience and best practices. We recommended private and public subnets to allow for better security controls at the network level. We recommend Session Manager or Cloud IAP generally. A bastion host can also be set up to provide a single access and audit point. The VPC contains a minimum 2 AZs ensure high availability. You can learn more about how we design in our VPC Design page.
- Why not a PAAS vs AWS?
PAAS providers are fantastic and we are a big fan of what they do. Every PAAS offering always has some inherent constraints though. Some PAAS constraints are control, customization, debugging visbility, ssh ability, security, performance, and cost. These increasingly become a factor when your app starts to scale. With the BoltOps stack, you pay the Cloud provider directly and skip the PAAS as the middleman. The overhead cost of a PAAS can easily be 5x. This blog post provides a pricing comparison between a managed PAAS offering and being directly on AWS: Heroku vs ECS Fargate vs EC2 On-Demand vs EC2 Spot Pricing Comparison. By being directly on AWS, you get more control, save money, and get better performance. Our goal is to allow you to have the full control and power of an IaaS while keeping the ease of a PaaS.
- Will you provide support?
Of course, we are proud to support what we build. We are happy to continue supporting the infrastructure if that is what you decide is best for you. You get hands-on support when you need it. Cloud Providers Support provides world-class support, but understandably, they will not ssh into the server with you. We will. We'll also hop into a Slack room with you and chat in real-time. We are also happy to explain how the nuts and bolts work, so your engineering team gets stronger and better..
- Can you explain the retainer minimum hours?
We work on a retainer model. The initial deposit goes into a retainer account. We bill monthly with credits from that account. The retainer gets re-filled each month.
- Will I be required to use BoltOps in the future?