Skip to main content

Hosted vs. Self-Hosted

This page covers self-hosted deployments, where you run Runlayer on your own infrastructure via Terraform or Helm. On Runlayer-hosted deployments, Runlayer operates the infrastructure and applies updates for you — no action is required on your side. Release notes for every version are published in the changelog; for hosted update timing and policies, contact support@runlayer.com.

Update Process

Runlayer updates are manual and controlled through Terraform. There is no automated update system - you have full control over when and how updates are applied.

How Updates Work

Container Images

Runlayer uses automated semantic versioning with multiple tag options:
# Available image tag formats
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:latest"         # Always latest
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:v1.2.3"         # Stable version
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:20241213-152430" # Timestamp
Available Tag Types:
  • latest: Always points to the most recent release
  • v1.2.3: Semantic version tags for stable deployments
  • 20241213-152430: Timestamp-based tags for specific builds
  • v1.2.3-20241213-152430-a1b2c3d4: Full build traceability (includes commit SHA)

Update Methods

Version Management Strategies

Automated Versioning System

Runlayer uses automated semantic versioning based on conventional commits:
How versions are determined:
  • Patch bump (v1.2.3v1.2.4): Bug fixes, documentation updates
  • Minor bump (v1.2.3v1.3.0): New features (feat: commits)
  • Major bump (v1.2.3v2.0.0): Breaking changes (feat!: or BREAKING CHANGE:)

Deployment Strategies

Always get the newest version:
# Terraform configuration
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:latest"
Benefits:
  • Automatic security patches
  • Latest features and improvements
  • Minimal maintenance overhead
Considerations:
  • Updates happen when you run terraform apply
  • May include breaking changes in major versions
Use stable version tags for production:
# Pin to specific major.minor version
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:v1.2.3"

# Or pin to major version (gets patch updates)
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:v1.2"
Benefits:
  • Predictable deployments
  • Control over when breaking changes are applied
  • Easy rollbacks by changing version tags
Update process:
# Update to newer version
terraform apply -var="backend_version=v1.3.0"
Test versions before production deployment:
# Staging: Use latest for testing
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:latest"

# Production: Pin to tested version
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:v1.2.3"
Workflow:
  1. New version deploys to staging automatically
  2. Test thoroughly in staging environment
  3. Update production to use tested version tag
  4. Rollback easily if issues arise

Finding Available Versions

List all available versions:
# List backend versions
aws ecr describe-images \
  --repository-name backend-production \
  --registry-id 170974506510 \
  --region us-east-1 \
  --query 'imageDetails[*].imageTags' \
  --output table

# List frontend versions
aws ecr describe-images \
  --repository-name frontend-production \
  --registry-id 170974506510 \
  --region us-east-1 \
  --query 'imageDetails[*].imageTags' \
  --output table

Update Monitoring

Health Checks During Updates

The ECS service configuration includes automatic health monitoring:
# Health check configuration
health_check_path = "/api/v1/utils/health-check/"  # Backend
health_check_path = "/"                            # Frontend
Monitor deployment progress:
# Watch service status
aws ecs describe-services \
  --cluster anysource-production \
  --services backend-service frontend-service

# Check target group health
aws elbv2 describe-target-health \
  --target-group-arn <target-group-arn>

# View application logs
aws logs tail /aws/ecs/backend-logs-production --follow

Rollback Procedures

1

Version Rollback (Recommended)

Rollback to a previous semantic version:
# Update your terraform configuration
image = "170974506510.dkr.ecr.us-east-1.amazonaws.com/backend-production:v1.2.2"  # Previous version
# Apply the change
terraform apply -var-file="production.tfvars"
Benefits:
  • Clean rollback to known stable version
  • Maintains deployment history
  • Easy to communicate to team
2

Emergency Service Rollback

If immediate rollback is needed:
# Stop the current deployment
aws ecs update-service \
  --cluster anysource-production \
  --service backend-service \
  --desired-count 0

# Scale back up (will use previous task definition)
aws ecs update-service \
  --cluster anysource-production \
  --service backend-service \
  --desired-count 2
Then update to stable version:
terraform apply -var="backend_version=v1.2.2"

Database Migrations

Database updates require special handling:

Manual Migration Process

# 1. Backup database before migrations
aws rds create-db-cluster-snapshot \
  --db-cluster-identifier anysource-production \
  --db-cluster-snapshot-identifier backup-before-update-$(date +%Y%m%d)

# 2. Run migrations (usually handled by application startup)
# Backend container automatically runs migrations on startup

# 3. Verify migration success
curl https://your-domain.com/api/v1/utils/health-check/

Migration Safety

  • Automated backups: Aurora automatically backs up every 7 days (configurable)
  • Point-in-time recovery: Can restore to any point within backup retention period
  • Cluster snapshots: Manual snapshots before major updates

Security Updates

Critical Security Patches

1

Emergency Updates

For critical security issues:
# 1. Build and push patched images immediately
docker build -t backend:security-patch .
docker tag backend:security-patch ${ECR_URL}:latest
docker push ${ECR_URL}:latest

# 2. Force immediate deployment
aws ecs update-service \
  --cluster anysource-production \
  --service backend-service \
  --force-new-deployment
2

Infrastructure Patches

AWS-managed services are automatically patched:
  • RDS Aurora: Automatic security patches during maintenance windows
  • ECS Fargate: AWS manages underlying infrastructure
  • ALB/VPC: AWS-managed security updates
Configure maintenance windows:
preferred_maintenance_window = "sun:05:00-sun:06:00"

Best Practices

Before Updates

  • Review release notes and breaking changes
  • Backup database with manual snapshot
  • Test in staging environment first
  • Schedule during low-traffic periods
  • Have rollback plan ready

During Updates

  • Monitor health check endpoints
  • Watch ECS service status
  • Check application logs for errors
  • Verify target group health
  • Test critical functionality

After Updates

  • Verify all services are healthy
  • Test key user workflows
  • Monitor error rates and performance
  • Clean up old task definitions
  • Document any issues encountered

Emergency Procedures

  • Know how to quickly rollback
  • Have monitoring dashboards ready
  • Keep communication channels open
  • Document incident response steps
  • Practice rollback procedures

Troubleshooting Updates

Common causes and solutions:
# Check task definition and logs
aws ecs describe-task-definition --task-definition anysource-backend-production
aws logs tail /aws/ecs/backend-logs-production

# Common issues:
# - Environment variable changes
# - Database migration failures
# - Container startup errors
# - Health check failures
ECS deployment issues:
# Check service events
aws ecs describe-services --cluster anysource-production --services backend-service

# Force stop problematic tasks
aws ecs stop-task --cluster anysource-production --task <task-arn>

# Restart deployment
aws ecs update-service --cluster anysource-production --service backend-service --force-new-deployment
Database connectivity problems:
# Check RDS status
aws rds describe-db-clusters --db-cluster-identifier anysource-production

# Check security groups
aws ec2 describe-security-groups --group-ids <db-security-group-id>

# Test connection from ECS task
aws ecs execute-command --cluster anysource-production --task <task-arn> --interactive --command "/bin/bash"
Remember: You have full control over when updates happen. The system will not update automatically - all updates require manual terraform commands.