There and back again

My experience migrating my infrastructure from Terraform to Pulumi

Erik Näslund — Wed, 26 May 2021 16:13:22 GMT

I always intended this blog to contain a mix of technical and business posts. Here's the first technical piece. If that's not your cup of tea then you should probably stop reading right here, and go for a nice walk outside instead :).

Still here? Cool! Today we're talking about IaC (Infrastructure as Code), and a relative newcomer on the scene called Pulumi .

I've been using Terraform for a couple of years and overall I've been quite happy with it. However there's a few things that started to bother me more and more recently.

Terraform uses a language called Hashicorp HCL to define the infrastructure. It's a relatively simple declarative language, but it's something I had to learn along the way. Just like any language it has it's little quirks, and I often found myself spending more time than I wanted to figure out how to do certain things. As I'm doing all the infrastructure myself I really wanted to be able to use a language I'm familiar with, to make things simple.

I had written my own Terraform modules to organize my code. Modules are a great help when it comes to organizing your code in a logical way, and I strongly recommend it if you haven't tried using them already. However, after using it for a while I reliazed that the Terraform type system left something to be desired. There are a few basic types available, but not much more than that. This caused bad "micro interactions" between me and Terraform. It was commonplace for me to submit an MR to my Gitlab CI where I passed in a security group name instead of an arn or id.

The third and perhaps most important point is that I think a custom language like HCL is the wrong way to go long term. Don't get me wrong - I love the people at Hashicorp and I'm forever grateful for Terraform because it's the first product that made me enjoy writing IaC. That being said, I think it's a better choice to write libraries for existing languages, instead of trying to create a configuration language of your own. There's a lot of constructs that I'm used to having in Python that I sorely miss having available in Terraform. In my opinion there's no reason to develop your own configuration language since it's a time consuming task, and I don't find it better than a general purpose language anyways.

Why did I choose Pulumi?

I have this thing called "Fun time Friday" where I spend the first half day on Fridays exploring new things I've heard about. Most of the things I look at during that time end up being scrapped, and there's zero pressure to push things into production.

However after exploring Pulumi I felt that it might be significantly better for me than Terraform. I decided to take a day to see if I could migrate my infrastructure.

Could I have used something else, like AWS CDK? I most probably could. The nice thing about running a company of one is that there's no need for analysis paralysis! At this point I believed that Pulumi was a better choice for me than Terraform, so I went for it.

Personally I struggle a bit with CDK being mostly Amazon-centric. I sometimes use my IaC to configure things outside of AWS as well. The other issue for me is that CDK by default uses AWS CloudFormation to provision resources. I've been bitten a few times by CF. Some times it's been because of buggy behavior, e.g. a stack that refused to terminate. Other times it's been the fact that CF often lags behind in capabilities, so it's common to have to wait a few months for a new feature to be usable through CF.

Sure, I could use CDK for Terraform to have CDK genererate Terraform HCL for me. However, now we're quickly getting away from the simple system I wanted in the first place.

Apologies to those of you who are screaming "FFS - CDK is the best thing ever!" at your monitors right now. You might be 100% right! From what I've seen CDK seems pretty awesome for the most part. I didn't end up with Pulumi because CDK seemed bad. I ended up with Pulumi because it seemed like a slightly better fit for my needs :).

Pulumi in 3 minutes

You might already know a bit of Pulumi, but here's a very quick overview plus some advice on where to go from here.

Pulumi allows you to write your IaC using TypeScript, Javascript, Python, Go or C#.
You define resources which have inputs and outputs. As an example, a resource could be an RDS database Instance. One of it's inputs would be the database version to use. One of the outputs would be the hostname / address of the server.
The outputs are lazily evaluated, and their exact value is often not known until after you've executed your code. I.e. you wouldn't have the db_instance.address until the instance had been created. Think of outputs as promises / futures.
You can use component resources to group your resources into logical groups - similar to how Terraform modules work. If you don't do this there's a high risk you'll end up with a very messy setup further down the line.
Read Pulumi's own overview and naming docs before attempting to use Pulumi yourself. I'd say that's the most important bit to know about.
Pulumi are using the open core model where most features are free, but some extra goodies are on a paid tier. You can use the open source version and do state management yourself, but you miss out on certain features.

So what does Pulumi code look like? Below is a minimal extract of some of the Python code I've written (slightly altered).

# __main__.py
...
prod_redis_server = RedisServer(
    identifier='redis-prod',
    route53_zone=example_com_route53_zone,
    route53_name='redis-prod.example.com',
    security_groups=[my_ecs_service.task_security_group]
)
...

# components/redis_server.py
class RedisServer(ComponentResource):    
    def __init__(
        self,
        identifier: str,
        route53_zone: aws.route53.Zone,  # Route53 Zome where the DNS record will be created.
        route53_name: str,  # Full DNS name of the CNAME record, e.g. 'redis.example.com'.
        security_groups: List[aws.ec2.SecurityGroup],  # Security groups which should be granted access to the server.
        opts=None
    ):    
        super().__init__('vt:RedisServer', identifier, None, opts)

        # Prefix with `self.` if you want to access the security group from outside this component.
        security_group = aws.ec2.SecurityGroup(
            identifier,
            ingress=[
                aws.ec2.SecurityGroupIngressArgs(
                    from_port=6379,
                    to_port=6379,
                    protocol='tcp',
                    security_groups=[sg.id for sg in security_groups],
                )
            ],
            opts=ResourceOptions(parent=self),
        )

        # Create all the other sub resources needed.
        ...

As you can see it's really simple and clean for me to set up a Redis server now.

There's also the fact that I can use the Pulumi Console (web interface) to check the state of my infrastructure really quickly. I found myself doing this instead of logging in to the AWS console or using the AWS cli.

How I went about the migration

After reading the migration guide I immediately tried out what seemed to be the obvious option - tf2pulumi. This is supposed to be able to convert Terraform code directly to Pulumi. In my case it simply errored out and was not able to convert my Terraform code. To be fair my TF code was using slightly more "advanced" features like custom written modules, so it wasn't the easiest thing to handle for tf2pulumi. I recommend you try it out, because it sounds great in theory. However it wasn't an option for me, so I had to go for a more manual approach. In retrospect I'm actually quite happy I did, because it gave me the opportunity to organise my code in a way that I preferred.

Don't worry though - "manual" imports using Pulumi is still rather easy to perform, albeit a bit time consuming. Here's how I did it.

I started by testing out the AWS getting started guide to get a feel for how Pulumi worked. This was a great move and I recommend everyone else to do the same.

I was then ready to start importing my existing resources. The general workflow was to look at my existing Terraform code, rewrite it using Pulumi, and then import the existing resources. It was a bit time consuming in the beginning, but I got a lot faster at it after a few hours.

Since Pulumi starts out "empty" you can rewrite and import a piece at a time. I'd recommend doing this because you will most probably do some mistakes initially, and it's good to get early feedback.

You can check the API reference for details on how to import each specific resource. The instructions on how to do it is usually at the bottom of the reference page for each resource type.

Once I had everything migrated to Pulumi I set up a Gitlab CI/CD flow which allowed me to preview and apply the infrastructure changes. Up until then I'd been doing it locally from my own computer. If possible, I recommend doing it that way. The extra time taken by involving a separate CI/CD pipeline would make your migration take a lot longer. It's perfectly fine when everything is done and dusted, however when learning Pulumi you'll often need to use the pulumi command to look at the resources.

Issues, workarounds and general tips

Use component resources to group resources

When your infrastructure starts growing it becomes hard to manage unless you group your resources. Pulumi's solution to this are the so called component resources. They are "logical components" which you define yourself.

$ pulumi stack
...
─ vt:RedisServer                                                          vt-redis-prod
    │  ├─ aws:elasticache/parameterGroup:ParameterGroup                        vt-redis-prod
    │  ├─ aws:ec2/securityGroup:SecurityGroup                                  vt-redis-prod
    │  └─ aws:elasticache/cluster:Cluster                                      vt-redis-prod
...

As you can see I've defined a component called "vt:RedisServer" which I use to group all the resources associated with my Redis server. You'll get a graph representation of your whole infrastructure in the Pulumi Web Console .

It might seem like a small thing, but it really helps to have a logical grouping of your resources as your infrastructure grows. It also help because you can suddenly decide which resources your component exposes and which ones are "internal" to the component. Check out the code sample from earlier in the article to see how to do this using self..

Importing a resource that has a parent was a bit confusing at first

Each resource in pulumi has a globally unique URN. You can show the URNs for the infrastructure you've codeified in pulumi by issuing pulumi stack --show-urns

$ pulumi stack --show-urns
...
├─ vt:RedisServer                                                          vt-redis-prod
    │  │  URN: urn:pulumi:prod::VT::vt:RedisServer::vt-redis-prod
    │  ├─ aws:elasticache/parameterGroup:ParameterGroup                        vt-redis-prod
    │  │     URN: urn:pulumi:prod::VT::vt:RedisServer$aws:elasticache/parameterGroup:ParameterGroup::vt-redis-prod
    │  ├─ aws:ec2/securityGroup:SecurityGroup                                  vt-redis-prod
    │  │     URN: urn:pulumi:prod::VT::vt:RedisServer$aws:ec2/securityGroup:SecurityGroup::vt-redis-prod
    │  └─ aws:elasticache/cluster:Cluster                                      vt-redis-prod
    │        URN: urn:pulumi:prod::VT::vt:RedisServer$aws:elasticache/cluster:Cluster::vt-redis-prod
...

Let's have a look at one of the URNs in more detail, shall we?

urn:pulumi:prod::VT::vt:RedisServer$aws:elasticache/parameterGroup:ParameterGroup::vt-redis-prod

stack name: prod
project name: VT
parent resource type: vt:RedisServer
resource type: aws:elasticache/parameterGroup:ParameterGroup
resource name: vt-redis-prod

All URNs need to be unique, which means every resource of the same type, with the same parent (in the same stack and project) needs to have a unique resource name.

Normally I would have written and imported my parameter group definition something like this:

# components/redis_server.py
class RedisServer(ComponentResource):
    """
    Redis server running on ElastiCache (single node).
    """
    def __init__(self, identifier: str, opts=None):
        super().__init__('vt:RedisServer', identifier, None, opts)

        ...

       parameter_group = aws.elasticache.ParameterGroup(
            identifier,
            name=identifier,
            family='redis6.x',
            opts=ResourceOptions(parent=self),
        )

# __main__.py
vt_prod_redis_server = RedisServer(
    identifier='vt-redis-prod'
)

And I would then try to import it like this:

# Executing the import (THIS WON'T WORK, DON'T TRY IT)
pulumi import \
    aws:elasticache/parameterGroup:ParameterGroup \
    vt-redis-prod \
    vt-redis-prod

The first vt-redis-prod in the command above is the identifier used by the aws.elasticache.ParameterGroup. This is actually called "resource name" using Pulumi-speak. I prefer to call it identifier in my own code though, because "resource name" is too similar to the actual name it has to AWS for my liking.

The second vt-redis-prod is the actual name of my parameter group on AWS (remember we're importing existing stuff).

However, the above won't work for one simple reason - the URN won't match because we haven't told Pulumi that this parameter group resource we're importing is a child of our RedisServer component. What's the solution? Pretty simple, but somewhat obscure at the same time:

# Executing the import (the right way)
pulumi import \
    --parent vt_prod_redis_server=urn:pulumi:prod::VT::vt:RedisServer::vt-redis-prod \
    aws:elasticache/parameterGroup:ParameterGroup \
    vt-redis-prod \
    vt-redis-prod

You tell Pulumi about the parent by using the --parent argument (this is the simple part). The parent argument is a key=value pair, and the key is actually the python variable name you've used in your code. If you scroll back up you can see that I stored my RedisServer instance in a variable called vt_prod_redis_server. This part took longer than I'd like to admit for me to figure out.

The value is the URN of the parent component, which you can get with pulumi stack --show-urns.

You can't import a child without having the parent in place first

That last one was a bit heavy, let's take a breather and go for something a bit simpler!

When importing a child component you need to import the parent first. If you simply run pulumi up it will try to import all your resources all at once, and it won't work because the parent haven't been created yet.

Instead simply do this first to update just a single resource:

pulumi up --target urn:pulumi:prod::VT::vt:RedisServer::vt-redis-prod

This will cause my vt-redis-prod resource to be created in the Pulumi state. Nothing actually happens on AWS since it's just a logical component. Once this is done you'll be able to import all of it's child resources as you saw above.

Writing IAM (JSON) policies with Pulumi outputs

Imagine having an IAM policy that referenced an ECR repository, just as an example. You might want the policy to grant access only to that particular ECR repository. You might be temped to try something like this:

aws.iam.Policy(
    ...
    policy=json.dumps({
        'Version': '2012-10-17',
        'Statement': [
            {
                'Sid': '1',
                'Effect': 'Allow',
                'Action': [
                    'ecr:GetAuthorizationToken',
                    ...
                ],
                'Resource': ecr_repository.arn
            }
        ]
    }))

While this might look sensible, it won't quite work. Remember early on I sad that Pulumi outputs are futures, and not variables whose values you can access just like that. If you did like the example above your policy would just end up with something similar to 'Resource': in it. Not quite what we wanted.

Instead we have to tell Pulumi to resolve these futures, so we get the actual value for them, like this:

aws.iam.Policy(
    ...
    policy=ecr_repository.arn.apply(lambda arn: json.dumps({
        'Version': '2012-10-17',
        'Statement': [
            {
                'Sid': '1',
                'Effect': 'Allow',
                'Action': [
                    'ecr:GetAuthorizationToken',
                    ...
                ],
                'Resource': arn
            }
        ]
    }))

If you have more than one Output you need to access you can use Output.all, like this:

policy=(
    Output.all(origin_access_identity.iam_arn, self.s3_bucket.arn)
    .apply(
        lambda args: json.dumps({
            'Version': '2008-10-17',
            'Id': 'PolicyForCloudFrontPrivateContent',
            'Statement': [
                {
                    'Sid': '1',
                    'Effect': 'Allow',
                    'Principal': {
                        'AWS': args[0]
                    },
                    'Action': 's3:GetObject',
                    'Resource': f'{args[1]}/*'
                }
            ]
        })
    )
)

The .apply method can also be useful for troubleshooting when you need to access the particular value of an output.

This might seem tricky at first, but digest this for a bit, then have a look at the docs for Inputs and Outputs and I'm sure it'll all make sense.

Don't name resources unless you really have to

Pulumi is pretty smart when it comes to naming the actual resources on AWS. If you don't specify a name when creating a resource Pulumi will use the identifier and append a hex character suffix .

This gives two great advantages. The first is that you can have multiple stacks next to each other, e.g. a "review" and a "production" environment. If you hard coded the names this wouldn't be possible.

The second advantage is that it makes replacement of resources much easier. If you hard code the name you leave Pulumi no choice but to tear down the existing resource before creating the replacement one. This makes a big difference if you are to perform a version update of one of your dependencies. In case you allow Pulumi to handle the naming it can create the new resource before terminating the previous one. This coupled with a DNS entry update can make for updates with virtually zero downtime.

Since I imported existing resources I had to keep hard coded names in a few places. However I've taken the time to get rid of the hard coding as much as possible since then.

Integrating with CI/CD (Gitlab)

I use Gitlab for my Ci/CD, and I'm really happy with it. Let me show you what my very simple Pulumi pipeline looks like right now:

stages:
  - build

preview:
  stage: build
  image:
    name: pulumi/pulumi-python:3.2.1  # Choose the right image for your language
    entrypoint: [""]  # This is important for things to work
  script:
    - pulumi stack select prod
    - pulumi preview --color always --diff  # I added '--diff' to always see more details
  only:
    - merge_requests  # Only run the preview on merge requests

update:
  stage: build
  image:
    name: pulumi/pulumi-python:3.2.1
    entrypoint: [""]
  script:
    - pulumi stack select prod
    - pulumi update --color always --diff --yes  # Answer "yes" when asking to apply the changes
  only:
    - master  # Only run the update on the master branch (post merge)

As you can see my pipeline is very simple for this little project which is still in an Alpha phase. There's just the "production" environment, and changes are automatically applied once the MR is merged.

You'll have to make use of your gitlab-fu (or other-ci-cd-fu) to adapt this to your own needs. Read the docs from Pulumi to get started. It's usually very simple and straight forward!

I did things quite differently from what's described in the Pulumi docs. I used the ready made image from Docker Hub, while they build their own. I did this to make the whole pipeline quicker. It seems to work really well so far, and I haven't found any downsides to my approach (yet).

I couldn't get the Gitlab integration webhooks to work

You are normally able to have Pulumi post a report of the planned changes attached to your merge request .

However I couldn't make this work because of authentication issues. With the help of their support (which was excellent btw) we figured out that it was related to the fact that I was using Gitlab groups to organise my repositories.

As things stand right now you have to create a Pulumi Organization for each Gitlab Group. There's a bit of an issue with Pulumi's pricing right now, because the only way to be able to get more than 1 organisation is to go for their enterprise plan.

I think Pulumi will be fixing this in one way or anotherin the future. For now I'm still pretty happy just checking my changes from the Gitlab job output.

What's the verdict?

So I've been using Pulumi for a few weeks now, and here are my impressions.

It's really fast compared to Terraform. I didn't even expect this one, but for some reason Pulumi manages to at least "feel" a lot faster. I haven't done any measurements to verify this, but it definitely feels much faster.

Their documentation is really good, although it took me a bit to learn to navigate it.

Having type annotations is great! This makes it a lot more friendly to work with as a developer. No more passing around just plain strings in your code. However the type annotations doesn't quite work in PyCharm because of how the Pulumi code is written. I consider this a PyCharm bug though, and I expect it to be fixed in the future. For now I can simply ctrl+b the class in question, and read the type annotations from the source code.

The Pulumi (Web) Console is a neat way to look at your infrastructure. I know there are similar solutions for Terraform, but I hadn't used them personally.

The developer ergonomics are great. Using your language of choice helps a lot. When running a company of one, like myself, it's really important to limit the number of things you need to learn as much as possible. While HCL is simple it's yet another language to remember. If you're working at a larger company it's a great way to encourage developers to do more infrastructure work.

Pulumi is an open core type product, and you will have to pay to access the features on the higher tiers. Their current plans are very fairly priced. I myself is using the free community plan, which works great for me. There's obviously the risk that they will remove the free plan in the future. However even if that happens I could either pay the fee, or transfer to state storage to AWS S3, and retain most of the product functionality. This feels like an acceptable level of risk for me.

My goal was to do the whole migration in one day. In reality it ended up being closer to two days. However, given that I learned Pulumi and migrated ~130 resources in that amount of time I'd say that Pulumi is quite easy to get started with.

All in all, I'm very happy with making the transition to Pulumi! I became way more productive managing my infrastructure. At the same time I ended up enjoying the work of doing so a lot more - which is really important too.

P.S. I'm still a Pulumi n00b, so there's probably better ways to do certain things than what I described here :).

The 3 most important questions to ask yourself when creating a product you plan to sell

Erik Näslund — Sat, 10 Apr 2021 16:16:30 GMT

As I mentioned in my last post I took a break for a few weeks after leaving my last job, to recharge my batteries. I'm terrible at disconnecting from work, and this time was no exception (this is something I need to work on).

After a couple of days, I was itching to do something work-like, so I started playing with FastAPI to see if it could be what I'd use for my next project (I'll tell you all about it in a few weeks).

I even got so excited that I started creating visual prototypes using Figma of what the product would look like. Once I had the prototypes I created backlogs and started brainstorming more ideas with myself. In a matter of days, I had some proof of concept code and a plan, and I felt really pumped to build this!

Is this such a bad way to build a product? I had a good flow going, right?

I honestly think I would have been off sipping Mojito's on the beach for the last couple of weeks. At least I managed to stop myself in time - let me explain...

Since I'm a developer at heart I always tend to focus on the product first. I get overly excited as soon as I think of something cool I could build. My mind starts spiralling down the path of implementation details, and I start building a high-level mental model of how it would all work.

Luckily enough I stopped here and allowed myself some time to think. Eventually, I came up with the three questions below. These are the three most important things you should ask yourself before starting to develop a new product.

Question 1 - "Can I build this?"

How do I build this idea I have in my head? It quickly tends to go into implementation concerns like "what will the product look like", "will it support feature X" and "which language and framework should I use"?

We developers are spoiled with a plethora of excellent technology to help us do rapid application development. It's more likely than not that you can put together the software you need, assuming you are a developer yourself. There might be some struggles along the way, but as long as you know (with reasonable certainty) that you can find a way to build it, then you can tick this box.

Small companies like my own might have to scrap an idea because we can't build it given the people we have available. That's perfectly fine - the idea might not just be for us to execute on.

TIP: Try to go for a "trivial" project to start out with. Things always take longer than we think they do anyway :).

Question 2 - "Can I get others to use this?"

This is where things get interesting, and where I used to have a big blind spot.

Once you've built a product, how do you get other people to use it?

My first ever project operated on the principle of "if you build it they will come" (spoiler alert - that's not how it works). The second time around I had the help of a lot of great marketers, who managed to get the distribution we needed.

But how about this time around when I don't have a group of marketers to help out?

TIP: Expose your product in every way possible as soon as you can. Often earlier than you're comfortable with. If you can't find people to give you feedback, or test your prototypes, then you most likely won't find people to buy the finished product either.

Don't fall into the trap of thinking that you need a finished product. As soon as you have an idea or a screenshot that is something you can show off!

The Sales Safari by Amy Hoy is a great read exploring how to find the "watering holes" where your potential customers hang out.

Question 3 - "Can I get paid for this?"

There's a clear difference between being willing to use something, and willing to pay for it. I for example use a web browser like everyone else, but it's very unlikely I'd be willing to pay for one (unless it was drastically better for some reason).

Depending on your earning goals you might give high or low importance to this question. I believe it's generally less important if you have a company of one, like myself. The reason is simple - you don't have a lot of salaries to pay. People are often willing to pay something (even if it's a small sum) for most products.

If you have an idea in mind where you don't think there's any willingness to pay at all you might want to avoid turning it into a business.

TIP: Think about your financial goals with the product. What would happen if you didn't reach them? Are you OK with just running it as a side business?

Putting it all together

So now that you've asked yourself these three questions you can place your ideas in the Venn diagram above. Do enough research for each question to be able to answer it somewhat confidently. You can never get 100% certain of course, but just asking yourself these questions is a great start!

Can build	Can get others to use	Can get paid for	Product type example
✅	❌	❌	Personal product
✅	✅	❌	Free open source product
✅	✅	✅	Viable business product
❌	✅	✅	Outsourced development product
...	...	...	...

Depending on where your product idea fits within the diagram you can see what type of product it might be. The table above is just an example of some different product types.

For example - If you can build your idea, and you can get others to use it, but don't see a way to get paid - then it might be a great idea for a free open source product. Leverage the community to make it as awesome as it possibly can be!

This is the stage where you might realise that while your idea might be awesome, it might not be the right idea to build a business around.

What am I gonna do next?

There's this quote you might have heard:

First time founders are obsessed with product.

Second time founders are obsessed with distribution.

I can definitely relate to being too obsessed with the product, so this time I'm going to address the distribution ("can I get people to use it?") a bit more before I go full steam ahead on building something.

Next up is scheduling some time to talk with the people I think would be the users of my product, to talk a bit about the issues they're facing in the area.

I won't lie - it's really scary going out of my comfort zone scheduling meetings with people I don't know! I guess that's why I put it off for so long. I recently read The Mom Test and it helped to lessen my fears a tiny bit.

Wish me luck! I'll post an update here on the blog once the meetings are done, with some details about what I learned. Hopefully, that'll make it a bit easier for you when it's your time to schedule those terrifying meetings with potential future users :)

I co-founded one of the biggest behavioural analytics companies in the world

Erik Näslund — Wed, 24 Mar 2021 15:34:39 GMT

Let's rewind a bit and tell you a bit about Hotjar, myself, and how I ended up where I am today.

Moving to Malta

I was born and raised in Sweden but moved to Malta in 2009, so I guess I should call myself Swed-tese by now. I had friends who did the move a few years ahead of me. After visiting just once I knew it was the place where I wanted to be. It had this great atmosphere, and a much more sensible and relaxed approach to life, at least in my opinion.

While living in Sweden I felt trapped in the hamster wheel of life, running towards something I didn't necessarily even know why I was trying to get to. Was I making a significant enough difference? Did what I do really matter?

So eventually I packed my bags and moved to Malta. Being an English-speaking EU country made the move really easy, and in a few weeks I had an apartment contract signed, and ready to start working at this place that was called Uniblue.

Co-founding Hotjar

During the early part of 2014, I got the amazing opportunity to be a co-founder of Hotjar. The other four co-founders were people I got to know from Uniblue. I still don't feel I deserved the chance, but apparently I did something to impress them enough to offer me to be a co-founder.

We built the core product in about six months, and we were off to the races. What happened then is something that still amazes me to this day - we got this incredible traction and today more than 900 000(!) organizations are using Hotjar.

We eventually realized we needed to start hiring a lot of people, and today Hotjar have more than 150 employees.

That sounds like an amazing growth story!

The first few years were super intense, and I think we all learned more than we ever had before about how to run a business.

However, recently I found myself thinking - am I back in the hamster wheel that I escaped from in the first place? After many sessions of discussing this with myself I realized that "yeah, I'm kinda back in the hamster wheel".

I had helped build the coolest company I ever worked at - but personally, I wasn't really happy anymore. I recently realized that I haven't been reflecting enough on important things in my life, and instead I kept myself busy with work. Once the gears started turning it became more and more obvious what I needed to do - leave the company I co-founded.

I don't really enjoy being a cog in a well-oiled machine. I thrive in the more chaotic environment you get in a tiny company, where you always have to wear multiple hats.

// Erik, in one of his late-night conversations with himself

So let's bring out an old classic - It's not you, it's me. In the case of myself and Hotjar it's really how it is though. I had helped to grow an awesome company that I'm so incredibly proud of - but a company that wasn't a place where I did my best work anymore.

So what's next?

I'm going back to doing what I love - creating and running a tiny company from scratch, but all by myself this time.

This book - "Company of One" actually helped me a lot. Much of what I read resonated so well with me, and I was finally able to realize what I wanted out of my work:

Spend my time doing things that I think are a net positive for humanity.
Build my work around my life and not the other way around.
Say no to opportunities that would require the company to grow in a way that wouldn't fit with the life I want to live.

I'm certain I wouldn't be able to pull this off if I tried to before my years with Hotjar. I was simply too naive and lacked a lot of the skills I've gathered over the years. I'll be forever thankful for what I learned at Hotjar, and all the special moments we shared!

If you're up for it, subscribe to my blog and follow my adventure of founding a new company from scratch. If you're interested in doing the same one day you might get a good tip or two. If you just wanna see if I make it that's fine too :)

I plan to write a new post about once a week. However, I'm going to start off by taking a couple of weeks of time off to recharge. The last seven years have been amazing, but demanding - I think I deserve a short break :p