Fly Answers More Questions

Q: What if I get a large number of malicious TCP connections from around the world that are malicious and cause a large number of apps to be launched in the various datacenters. Are we on the hook for the bill? And is there anything in place to stop

Dj Walker-Morgan
3 min readintermediate
--
View Original

Overview

The article discusses Fly's new feature, Fly Answers Questions, which consolidates answers to common queries about the Fly platform. It addresses concerns regarding malicious TCP connections, GitHub Actions deployment keys, and configuration management for monorepos.

What You'll Learn

1

How to configure protections against malicious TCP connections in Fly apps

2

How to create a dedicated deploy key for GitHub Actions CD workflow

3

How to specify a custom Dockerfile for deployment in Fly

Key Questions Answered

What protections does Fly offer against malicious TCP connections?
Fly apps have configurable constraints to prevent runaway scaling, including per-region and global max instance counts. Incoming requests exceeding these limits are dropped, and protections against malicious connections are integrated into the Fly networking infrastructure. A configurable monthly maximum spend feature is also in preview.
How can I set up a dedicated deploy key for GitHub Actions in Fly?
To set up a dedicated deploy key for GitHub Actions, create a dedicated user for your CD workflow and generate a personal access token. Then, create a Fly organization and invite the user to it, allowing them to deploy to Fly using the configured processes.
How can I specify a different Dockerfile for my Fly deployment?
You can now use the new --dockerfile option with the flyctl deploy command to specify which Dockerfile to use for your build process. This feature is designed for users with more complex build configurations, allowing for greater flexibility in deployment.

Technologies & Tools

Some links below are affiliate links. We may earn a commission if you make a purchase.

Key Actionable Insights

1
Utilize Fly's configurable constraints to manage scaling effectively and prevent unexpected costs from malicious traffic.
By setting per-region and global max counts, you can safeguard your applications from runaway scaling, ensuring that your resources are used efficiently and costs are controlled.
2
Create a dedicated user for CI/CD workflows to improve security and manage access effectively.
This approach allows teams to maintain better control over deployment processes and ensures that sensitive access tokens are not shared across multiple users.
3
Leverage the new --dockerfile option in flyctl to streamline your deployment process in a monorepo setup.
This feature allows you to specify which Dockerfile to use, making it easier to manage multiple projects within a single repository and enhancing your deployment flexibility.

Common Pitfalls

1
Failing to set proper constraints can lead to unexpected costs due to runaway scaling from malicious connections.
Without limits in place, your applications could scale uncontrollably, resulting in significant charges. It's crucial to configure these settings proactively.