Open-source PaaS. Built entirely on AWS cloud services for maximum privacy and minimum upkeep.
Go Shell Other
Switch branches/tags
Clone or download
Failed to load latest commit information.
api add support for rack update logs Jul 30, 2018
bin fix up ci scripts Jul 11, 2018
cache fix local tests Jan 8, 2018
changes refactor api directory Dec 4, 2017
ci clean up lambda enis inside the resource handler Aug 14, 2018
cmd allow dev racks to update with internal template Aug 13, 2018
crypt refactor api directory Dec 4, 2017
dist http/https port assignments Jan 8, 2018
examples/httpd ci Jul 11, 2018
generate fix resource commands against older racks Jul 11, 2018
helpers evaluate symlinks after resolving dir Jul 26, 2018
manifest add init option for services Jul 30, 2018
manifest1 run health checks on local apps May 4, 2018
options fix tests Jul 11, 2018
provider fix service autoscaling reference name Aug 14, 2018
router applying dns changes for ubuntu 18 compatibility Aug 2, 2018
sdk allow logs to close and stop polling Aug 11, 2018
start fetch release id after build Jul 11, 2018
stdcli add manifest v2 Nov 2, 2017
structs allow logs to close and stop polling Aug 11, 2018
sync upgrade lambda functions to nodejs 8.10 May 16, 2018
test remove unused property Jul 23, 2018
types add manifest v2 Nov 2, 2017
vendor update stdcli, windows ansi support Jul 24, 2018
.dockerignore optionally specify timeout for attached runs Mar 7, 2018
.gitignore refactor api directory Dec 4, 2017
.hound.yml new top-level manifest package Jul 20, 2016
.travis.yml fix for travis Dec 13, 2017 switch to convox.yml Apr 16, 2018
Dockerfile standardize api Jul 11, 2018
Gopkg.lock update stdcli, windows ansi support Jul 24, 2018
Gopkg.toml standardize api Jul 11, 2018
LICENSE license file Jul 16, 2015
Makefile standardize api Jul 11, 2018 update outdated rack install instructions Aug 9, 2018
REGIONS update amis, add ap-south-1 and sa-east-1 Jan 5, 2018
circle.yml restore timeout Jul 23, 2018
convox.yml handle changing processes with local logs Aug 2, 2018
main.go proper error for unknown provider, fixes #2764 Jul 17, 2018

Convox Rack

Build Status

Convox Rack is open source PaaS built on top of expert infrastructure automation and devops best practices.

Rack gives you a simple developer-focused API that lets you build, deploy, scale and manage apps on private infrastructure with ease.

Private and Secure

Rack runs in an isolated VPC that only you and your team have access to. Application builds take place in a single-tenant build service, and the resulting Docker images are stored in a private ECS Container Registry. Application secrets are stored in S3, encrypted with KMS, a hardware security module. Application logs are archived in CloudWatch LogsGroups.

Your network is isolated, your platform is single-tenant, and your application data never leaves your AWS account.

Simple and Reliable

Apps run as Docker containers on ECS with HTTP access through ELBs. This architecture is modern, simple, provably reliable and scalable.

Container Logs are extracted from Docker with its native APIs and log drivers. Docker daemon options are minimally changed to avoid observed log rotation problems.

Logs are stored in CloudWatch Logs for archival, search, and streaming. Lambda subscribers extract metrics and forward to 3rd party systems. This is simple and cost effective for any volume of logs.

Complex and experimental things like overlay networking, persistent container volumes, and distributed file systems are simply not supported at the moment.

All throughout the stack we aim to leverage managed services and mature systems to accomplish tasks at hand. AWS offers the vast majority of infrastructure services and Docker the vast majority of runtime functionality.

Easy to Maintain

Platform updates are automatically applied with the convox rack update command.

Updates are executed with CloudFormation, so you can be confident that they will be safely executed.

Some updates are simple Rack API changes that will roll out in seconds.

Some updates are base security updates like a new AMI, Linux Kernel, or Docker engine. These are rolled out one instance at a time and are guaranteed to not cause application downtime.

Some updates are infrastructure migrations. For example, ECR is still in limited availability. When it does become available, a future convox rack update will safely migrate your clouds over to it.

Open Source

Rack is open source and free (as in beer and in speech) to use. You can look at the source code to audit how it configures your AWS account. You fork it and modify. You can contribute your ideas and patches back to the project so we can all share.


The Convox team and the Rack project have a strong philosophy about how to manage cloud services. Some choices we frequently consider:

  • Open over Closed
  • Integration over Invention
  • Services over Software
  • Robots over Humans
  • Shared Expertise vs Bespoke
  • Porcelain over Plumbing

Installation Quick Start

You need an AWS account and access credentials, the Convox CLI, and 10 minutes.

# Create and pass AWS access keys to the installer. These should be temporary keys and can be deleted after the install.


# You may also want to set a region for your rack:

$ export AWS REGION=us-west-2

# Download and install the convox CLI for your platform

$ curl -Ls > /tmp/
$ unzip /tmp/ -d /usr/local/bin

# Install Rack.

$ convox rack install aws

Success, try `convox apps`

See the Getting Started Guide for more instructions.

Development Quick Start

You need a Rack installed on AWS, a laptop with the Convox CLI, Go, and Docker, jq, and the Rack repo to run and develop the Rack API locally.

# Copy Rack AWS credentials and resource names to your development environment

$ STACK_NAME=$(convox api get /system | jq -r .name)
$ WEB_PID=$(convox api get /apps/$STACK_NAME/processes | jq -r '.[] | select(.name == "web") | .id' | head -1)
$ convox exec $WEB_PID env --app $STACK_NAME > .env

# Check out the Rack golang package

$ go get
$ cd $GOPATH/src/

# Start Rack locally in Docker

$ docker-machine start default
$ convox start
RUNNING: docker build -t convox-icytafnqqb /Users/noah/go/src/
web      | running: docker run -i --name rack-web...
web      | [negroni] listening on :3000

# Log into the development server

$ convox login ($docker-machine ip default)

See the Development Guide for more instructions to develop, contribute and release changes for Rack and related components.



Apache 2.0 © 2015 Convox, Inc.