Pinterest Improves iOS Build Pipeline Reliability by 80.5% Using Amazon EC2 Mac Instances

As a visual discovery engine that people use to find inspiration in categories like home, food, style, and beauty, Pinterest has grown to become a global platform. To build, test, and deploy applications for its iOS users, Pinterest developers used on-premises computers, which the company needed to procure, configure, and upgrade manually. “Having to manage physical machines was very difficult,” says Oliver Koo, senior software engineer at Pinterest. “We needed staff to configure all the laptops and monitor and upgrade them continually. If one machine had an issue, we would experience service disruptions and higher latency.” This on-premises environment lengthened development, affecting Pinterest’s time to market for iOS features.

Pinterest needed a scalable, efficient way to build, test, and deploy iOS features and upgrades. Having used AWS services since it first launched in 2010, the company turned to AWS and learned about Amazon EC2 Mac Instances. Pinterest realized that it could use this service to provision and access macOS environments within minutes, scale capacity as needed, and optimize its computing costs. “We found that migrating to AWS would streamline the development experience,” says Koo. “Amazon EC2 Mac Instances is the first service that lets users run on-demand macOS environments in the cloud, which is a game changer.” In March 2021, Pinterest began migrating its CI/CD pipeline to Amazon EC2 Mac Instances.

By August 2021, Pinterest had completed its migration to Amazon EC2 Mac Instances. With this solution, the company has streamlined its CI/CD pipeline and can now scale its iOS build environment on demand. “On AWS, we can now increase the number of build machines by 400 percent at peak demand instead of managing a static group of machines,” says Koo. Pinterest uses Buildkite Agent Scaler, which runs as a function on AWS Lambda—a serverless, event-driven compute service—to efficiently scale the company’s CI/CD infrastructure by tracking the number of jobs that need to run and adjusting Pinterest’s Amazon EC2 Mac Instance fleet size accordingly. “During periods of low demand, we can easily scale them down,” says Koo. Developers no longer need to wait for capacity to become available during peak demand, improving development speeds. It only takes a few minutes for Pinterest to spin up a new Amazon EC2 Mac Instance, compared to the hours or days it could take to procure a new machine. Compared to running builds with on-premises machines, Pinterest can build and release iOS applications 18.4 percent faster using Amazon EC2 Mac Instances. Because it no longer needs to procure machines and only pays for the macOS compute capacity it uses, Pinterest has significantly reduced its development costs.

Pinterest has also simplified its build processes using Amazon EC2 Mac Instances. Testing new features and upgrades is now faster and more straightforward. “The process of upgrading, patching, and deploying security fixes to our CI/CD pipeline was quite complex,” says Koo. “But Amazon EC2 Mac Instances and the new processes we’ve built are really simple to understand.” To launch an Amazon EC2 instance, Pinterest builds an Amazon Machine Image (AMI), which contains information like permissions that control which AWS accounts can use the AMI. Because its developers now have the ability to create an AMI and quickly configure these rules, Pinterest’s development speed increased by 42 percent. The streamlined infrastructure also makes it simpler for Pinterest to onboard new employees. As a result, developers can start work sooner and innovate faster.

To keep its CI/CD pipeline secure, Pinterest relies on AWS services like AWS Identity and Access Management (AWS IAM), which provides fine-grained access control across all of AWS. Each cluster of Amazon EC2 Mac Instances uses a different AWS IAM role with different permissions assigned to it. When a user tries to access the cluster, the system automatically grants or denies access based on the security policies that Pinterest has configured. The company also uses AWS Secrets Manager, which helps developers easily rotate, manage, and retrieve database credentials and API keys throughout their life cycles. Pinterest relies on AWS Secrets Manager to centralize macOS authentication, further preventing unauthorized users from accessing its iOS build environment.

Pinterest uses Amazon EC2 Mac Instances to improve the stability of its CI/CD pipeline so that its developers can release new features at a faster pace. Previously, developers had to frequently restart the on-premises machines after lengthy uptimes, which interrupted development. Now, they always have access to reliable CI/CD infrastructure. As a result, Pinterest developers can build better features and avoid delays while submitting updates to the Apple App Store. “Using Amazon EC2 Mac Instances, we decreased the number of machine-related build failures by 80.5 percent, which is huge.” By using Amazon EC2 Mac Instances, Pinterest developers no longer need to spend time resolving issues and managing infrastructure, freeing them to focus on creating innovative new features to better support Pinterest’s users.

Using Amazon EC2 Mac Instances, Pinterest has significantly improved its development times, time to market, and CI/CD pipeline stability. In the future, it plans to use Amazon Relational Database Service (Amazon RDS)—which makes it simple to set up, operate, and scale a relational database in the cloud—to log and monitor build failures. Using these insights, Pinterest can better understand how often certain errors occur and deploy solutions to resolve them. “AWS is the first to provide on-demand macOS environments in the cloud,” says Koo. “Using Amazon EC2 Mac Instances, we make iOS build environments and Mac machines much more readily available and accessible to developers.”