Logbook - 2022-06-10

Here’s our latest changelog. This week we’re putting the in-browser UI updates a little closer to all the other ones, to see if they’ll play nicely together. [Feature] Our WireGuard peers sync a lot faster with the kernel’s wg state, by adding only

The Fly.io Balloon
3 min readbeginner
--
View Original

Overview

The article discusses the latest updates and features from Fly.io, a platform that enables easy global application hosting through Firecracker microVMs. Key improvements include faster WireGuard peer synchronization, enhanced proxy performance, and new deployment features that streamline the user experience.

What You'll Learn

1

How to utilize build-time secrets in Docker with Fly.io

2

Why faster WireGuard peer synchronization is important for CI processes

3

How to implement rolling deploys for faster application updates

Key Questions Answered

How does Fly.io improve WireGuard peer synchronization?
Fly.io enhances WireGuard peer synchronization by only adding peers that have changed, which significantly speeds up the process. This improvement is particularly beneficial for users running CI processes like GitHub Actions, where new WireGuard peers may be created frequently.
What are the benefits of the new build-time secrets feature in Fly.io?
The new build-time secrets feature allows users to securely pass secrets during the Docker build process using the --build-secret flag. This method is safer than passing secrets as build arguments, reducing the risk of exposing sensitive information in image layers.
What changes have been made to the Fly.io dashboard for user experience?
Recent updates to the Fly.io dashboard include making the delete button for certificates visible, allowing users to click on an app's status badge to access its Monitoring tab, and requiring users to type the full app name before deletion to prevent accidental removals.

Technologies & Tools

Some links below are affiliate links. We may earn a commission if you make a purchase.

Networking
Wireguard
Used for secure communication between peers in Fly.io's infrastructure.
Containerization
Docker
Used for building and deploying applications on Fly.io.
Virtualization
Firecracker
Enables the running of microVMs for efficient application hosting.

Key Actionable Insights

1
Implement build-time secrets in your Docker workflows to enhance security.
Using build-time secrets prevents sensitive data from being exposed in Docker image layers, which is crucial for maintaining application security, especially in CI/CD environments.
2
Leverage the improved WireGuard synchronization for your CI processes.
This enhancement can significantly reduce API timeout issues, ensuring smoother operations in environments where new peers are frequently created, such as during automated deployments.
3
Utilize rolling deploys to speed up application updates across regions.
By updating more VMs in each batch, rolling deploys can reduce deployment times by 2-5x, which is especially beneficial for applications running in multiple geographic locations.

Common Pitfalls

1
Accidentally deleting an app from the dashboard due to misclicks.
To avoid this, Fly.io now requires users to type the full app name before deletion, which adds an extra layer of confirmation to prevent mistakes.