Considerations for Designing and Running an Application in the Cloud
Page last updated:
Applications written in supported application frameworks often run unmodified on Cloud Foundry, if the application design follows a few simple guidelines. Following these guidelines makes an application cloud-friendly, and facilitates deployment to Cloud Foundry and other cloud platforms.
The following guidelines represent best practices for developing modern applications for cloud platforms. For more detailed reading about good app design for the cloud, see The Twelve-Factor App.
For more information about the features of HTTP routing handled by the Cloud Foundry router, see the HTTP Routing topic. For more information about the lifecycle of application containers, see the Application Container Lifecycle topic.
Applications running on Cloud Foundry should not write files to the local file system for the following reasons:
Local file system storage is short-lived. When an application instance crashes or stops, the resources assigned to that instance are reclaimed by the platform including any local disk changes made since the app started. When the instance is restarted, the application will start with a new disk image. Although your application can write local files while it is running, the files will disappear after the application restarts.
Instances of the same application do not share a local file system. Each application instance runs in its own isolated container. Thus a file written by one instance is not visible to other instances of the same application. If the files are temporary, this should not be a problem. However, if your application needs the data in the files to persist across application restarts, or the data needs to be shared across all running instances of the application, the local file system should not be used. We recommend using a shared data service like a database or blobstore for this purpose.
For example, instead of using the local file system, you can use a Cloud Foundry service such as the MongoDB document database or a relational database like MySQL or Postgres. Another option is to use cloud storage providers such as Amazon S3, Google Cloud Storage, Dropbox, or Box. If your application needs to communicate across different instances of itself, consider a cache like Redis or a messaging-based architecture with RabbitMQ.
If you must use a file system for your application because for example, your application interacts with other applications through a network attached file system, or because your application is based on legacy code that you cannot rewrite, consider using Volume Services to bind a network attached file system to your application.
In an environment with shared domains, cookies might be accessible across applications.
Many tracking tools such as Google Analytics and Mixpanel use the highest available domain to set their cookies. For an application using a shared domain such as
example.com, a cookie set to use the highest domain has a
Domain attribute of
.example.com in its HTTP response header. For example, an application at
my-app.shared-domain.example.com might be able to access the cookies for an application at
Clients connect to applications running on Cloud Foundry by making requests to URLs associated with the application. Cloud Foundry allows HTTP requests to applications on ports 80 and 443. For more information, see the Routes and Domains topic.
Cloud Foundry also supports WebSocket handshake requests over HTTP containing the
Upgrade header. The Cloud Foundry router handles the upgrade and initiates a TCP connection to the application to form a WebSocket connection.
To support WebSockets, the operator must configure the load balancer correctly. Depending on the configuration, clients may have to use a different port for WebSocket connections, such as port 4443, or a different domain name. For more information, see the Supporting WebSockets topic.
For application management purposes, Cloud Foundry may need to stop and restart your application instances. If this occurs, Cloud Foundry performs the following steps:
Cloud Foundry sends a single
termination signalto the root process that your start command invokes.
Cloud Foundry waits 10 seconds to allow your application to cleanly shut down any child processes and handle any open connections.
After 10 seconds, Cloud Foundry forcibly shuts down your application.
Your application should accept and handle the termination signal to ensure that it shuts down gracefully. To achieve this, the application is expected to follow the steps below when shutting down:
- Application receives termination signal
- Application closes listener so that it stops accepting new connections
- Application finishes serving in-flight requests
- Application closes existing connections as their requests complete
- Application shuts down or is killed
See the Sample HTTP Application GitHub repository for an implementation of the expected shutdown behavior in Golang.
By default, when you push an application, all files in the application’s project directory tree are uploaded to your Cloud Foundry instance, except version control and configuration files or folders with the following names:
In addition to these, if API request diagnostics are directed to a log file and the file is within the project directory tree, it is excluded from the upload. You can direct these API request diagnostics to a log file using
cf config --trace or the
CF_TRACE environment variable.
If the application directory contains other files, such as
files, or complete subdirectories that are not required to build and run your
application, you might want to add them to a
.cfignore file to exclude them from upload. Especially with a large application, uploading unnecessary files can slow application deployment.
To use a
.cfignore file, create a text file named
.cfignore in the root of your application directory structure. In this file, specify the files or file types you wish to exclude from upload. For example, these lines in a
.cfignore file exclude the “tmp” and “log” directories.
The file types you will want to exclude vary, based on the application
frameworks you use. For examples of commonly-used
.gitignore files, see https://github.com/github/gitignore.
Singleton apps may become temporarily unavailable for reasons that include:
During an upgrade, Pivotal Cloud Foundry (PCF) gracefully shuts down the apps running on each Diego cell and then restarts them on another Diego cell. Single app instances may become temporarily unavailable if the replacement instance does not become healthy within the cell’s evacuation timeout, which defaults to 10 minutes.
Unexpected faults in PCF system components or underlying infrastructure, such as container-host VMs or IaaS Availability Zones, may cause lone app instances to disappear or become unroutable for a minute or two.
To avoid the risk of an app becoming temporarily unavailable, developers can run more than one instance of the app.
A buildpack consists of bundles of detection and configuration scripts that provide framework and runtime support for your applications. When you deploy an application that needs a buildpack, Cloud Foundry installs the buildpack on the Diego cell where the application runs.
For more information, see the Buildpacks topic.