immut able infrastructure
play

Immut able Infrastructure Rise of the Machine Images About Axel - PowerPoint PPT Presentation

Jun 19, 2023 •236 likes •1.17k views

@axelfontaine Immut able Infrastructure Rise of the Machine Images About Axel Fontaine Founder and CEO of Boxfuse Over 15 years industry experience Continuous Delivery expert Regular speaker at tech conferences JavaOne

  1. @axelfontaine Immut able Infrastructure Rise of the Machine Images

  2. About Axel Fontaine • Founder and CEO of Boxfuse • Over 15 years industry experience • Continuous Delivery expert • Regular speaker at tech conferences • JavaOne RockStar @axelfontaine

  3. flywaydb.org

  4. boxfuse.com

  5. about questions

  6. sometime in the 20 th century …

  8. http://en.wikipedia.org/wiki/File:Tdkc60cassette.jpg

  10. Challenges = + + ON PREM  Power  OS Install  Procurement  Network  OS Patching  Vendor Mgmt  Cooling  App Install  Capacity Plan.  Phys. Security  App Updates  Financing  Phys. Space

  11. Challenges = + + ON PREM  Power  OS Install  Procurement  Network  OS Patching  Vendor Mgmt  Cooling  App Install  Capacity Plan.  Phys. Security  App Updates  Financing  Phys. Space

  13. Challenges = + + ON PREM  Power  OS Install  Procurement  Network  OS Patching  Vendor Mgmt  Cooling  App Install  Capacity Plan.  Phys. Security  App Updates  Financing  Phys. Space Hours Days or Weeks Months

  14. Challenges = + + COLO  Power  OS Install  Procurement  Network  OS Patching  Vendor Mgmt  Cooling  App Install  Capacity Plan.  Phys. Security  App Updates  Financing  Phys. Space Hours Days or Weeks Months

  15. Challenges = + + ROOT SERVER  OS Install  Procurement  OS Patching  Vendor Mgmt  App Install  Capacity Plan.  App Updates  Financing Hours Days or Weeks

  16. Let’s talk about software  OS Install  OS Patching  App Install  App Updates

  17. POLL: which level of automation are you at?  Build  Unit Tests  Continuous Integration  Acceptance Tests  Continuous Deployment (Code)  Continuous Deployment (Code + DB + Configuration)  Infrastructure

  18. Test Build

  19. Test Build

  20. • One immutable unit • Regenerated after every change • Promoted from Environment to Environment Classic Mis istake: Build per Environment

  21. App App Server Language Libraries OS Kernel

  22. App App Server Language Libraries OS Kernel

  23. why aren’t we doing the same for the layers this is running on ???

  25. App App Server Language Test Build Libraries OS Kernel

  26. App App App Server Language Test Build Libraries OS Kernel

  27. Any difference is a potential source of errors App App App App Server App Server App Server Language Language Language Libraries Libraries Libraries OS Kernel OS Kernel OS Kernel

  28. Sysadmin Updates Updates Updates App App App App Server App Server App Server Language Language Language Libraries Libraries Libraries OS Kernel OS Kernel OS Kernel

  29. If I had asked my customers what they wanted they would have said a faster horse. Henry Ford

  30. Sysadmin Updates Updates Updates App App App App Server App Server App Server Language Language Language Libraries Libraries Libraries OS Kernel OS Kernel OS Kernel

  31. Automated Sysadmin Updates Updates Updates App App App App Server App Server App Server Language Language Language Libraries Libraries Libraries OS Kernel OS Kernel OS Kernel

  32. fast forward to 2016 …

  33. Every day, AWS adds enough server capacity to power the whole $7B enterprise Amazon.com was in 2004. Weekends included.

  34. Shift to a world of abundance (no more resource scarcity)

  35. Control Plane Data Plane "RIAN archive 341194 Kursk Nuclear Power Plant" by RIA "Advanced Test Reactor" by Argonne National Laboratory - Novosti archive, image #341194 / Sergey Pyatakov / CC-BY-SA originally posted to Flickr as Advanced Test Reactor core, 3.0. Licensed under CC BY-SA 3.0 via Wikimedia Commons - Idaho National LaboratoryUploaded using F2ComButton. http://commons.wikimedia.org/wiki/File:RIAN_archive_341194_ Licensed under CC BY-SA 2.0 via Wikimedia Commons - Kursk_Nuclear_Power_Plant.jpg#mediaviewer/File:RIAN_archi http://commons.wikimedia.org/wiki/File:Advanced_Test_Reac ve_341194_Kursk_Nuclear_Power_Plant.jpg tor.jpg#mediaviewer/File:Advanced_Test_Reactor.jpg

  36. Control Plane Data Plane

  37. Automated Cost-driven Provisioning Architectures

  38. it is time to rethink the faster horse

  39. App App Server Language Test Build Libraries OS Kernel

  40. App App Server Language Test Build Libraries OS Kernel Undifferentiated Heavy lifting

  41. App App Server Language Test Build Libraries OS Kernel

  42. App App Server Machine Machine Language Test Build Image Image Libraries OS Kernel

  43. App App App App Server App Server App Server Machine Machine Machine Language Language Language Image Image Image Libraries Libraries Libraries OS Kernel OS Kernel OS Kernel

  44. Updates Machine Machine Machine Image Image Image

  45. but there is one big problem left …

  46. Machine Network Cable Image

  47. Machine Multiple Network Cable Image GB

  48. Running servers in production should be like going backpacking. You take the bare minimum with you. Anything else is going to hurt. A Wise Man

  49. what is really adding business value ???

  50. Machine Network Cable Image

  51. App Compatibility App Server Man Pages Package Mgr Language Machine Compilers Log Files Network Cable Editors Utilities Image SSH Users Shells Firewall Drivers Libraries Daemons OS Kernel

  52. App App Server Language Bootable App Libraries OS Kernel

  53. 15 MB

  54. Multiple 15 MB GB

  55. Bootable Network Cable App

  56. who is this for ???

  57. App App Server Language Libraries OS Kernel 12-factor app

  58. demo

  59. What are the implications ???

  60. Focus shift Instance Service Individual instances become disposable

  61. Treat servers like cattle instead of pets

  62. for servers is dead!

  63. high uptime is a liability The longer an instance is up, the harder it becomes to recreate exactly (and it will fail eventually!)

  64. How to solve service discovery ? ? Instance Elastic Load Instance Balancer Use a stable Instance entry point with an internal registry

  65. What about security ? When was the last time your toaster got hacked?

  66. What about security ? Complexity is the Enemy of Security

  67. What about security ? • Smallest possible attack surface • Vastly reduced implications due to low Bootable uptime and transient nature of instances App • Very difficult to exploit other systems because essential tooling is missing

  68. what about configuration ??? • Bake as much configuration as possible for all environments directly in the Bootable App • Use environment detection and auto-configuration

  69. what about configuration ??? • Bake as much configuration as Key Value possible for all environments JDBC_URL jdbc :… directly in the Bootable App ENV prod • Use environment detection and auto-configuration • Pass remaining configuration Bootable App at startup and expose it as environment variables

  70. what about the database ??? Instance • Keep all persistent state out of the instance, including the database • Use one of the many good hosted solutions available like Amazon RDS or Google Cloud SQL • Use a database migration tool to update the schema on application startup

  71. what about the logs ??? ssh me@myserver1 LOG tail -f server.log file ssh me@myserver2 LOG tail -f server.log file ssh me@myserver3 LOG tail -f server.log file

  72. LOG file LOG log server file where logs can be • aggregated • stored and backuped LOG • indexed file • searched

  73. what about sessions ??? Instance Keep session in an encrypted and signed cookie • avoids session timeouts • avoids server clustering & session replication • avoids sticky sessions & server affinity

  74. what about rolling out new versions ???

  75. Availability Zone 1 App V1 Load Balancer App V1 Logs Availability Zone 2

  76. Availability Zone 1 App V1 Load Balancer App V1 Logs Availability Zone 2

  77. Availability Zone 1 App V1 App V2 Load Balancer App V1 Logs App V2 Availability Zone 2

  78. Availability Zone 1 App V1 App V2 Load Balancer App V1 Logs App V2 Availability Zone 2

  79. what about containers ??? (as in OS-level virtualization)

  80. understanding modern CPUs Both Intel and AMD have hardware support for virtualization • isolation • performance penalty

  81. on prem Image Image your OS+Container responsibility Hypervisor Runtime Hardware Hardware VM Container

  82. cloud Image OS+Container Image Runtime Hypervisor Hypervisor Hardware Hardware VM Container

  83. cloud your responsibility container container containers container container volumes images networking scheduling clo loud responsibility instance machine instance instance instances volumes images networking scheduling

  84. 1.5 months of t2.nano

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Infrastructure Solutions MSD 2250R Infrastructure Solutions Background: Infrastructure

Infrastructure Solutions MSD 2250R Infrastructure Solutions Background: Infrastructure

Infrastructure Solutions MSD 2250R Infrastructure Solutions Background: Infrastructure Solutions Excavator Trends In 2000: Particularly in demolition, excavators Excavator Weight: PC300 = 67,900lbs are moved regularly to new job sites

1.03k views • 13 slides
Medical Infrastructure in Medical Infrastructure in Medical Infrastructure in Medical

Medical Infrastructure in Medical Infrastructure in Medical Infrastructure in Medical

19-03-2018 Medical Infrastructure in Medical Infrastructure in Medical Infrastructure in Medical Infrastructure in Gujarat Gujarat Gujarat Gujarat Dr N B Dholakia Additional Director, Medical Services Department of Health and Family

657 views • 23 slides
The 5G Infrastructure Association 5G Infrastructure PPP 5G PanEuropean Trials Roadmap Dr.

The 5G Infrastructure Association 5G Infrastructure PPP 5G PanEuropean Trials Roadmap Dr.

The 5G Infrastructure Association 5G Infrastructure PPP 5G PanEuropean Trials Roadmap Dr. Didier Bourse Global 5G Event (G5GE) 2830.11.18 Rio 5G IEEE Summit 30.11.18 Rio 02/12/2018 1 5G Infrastructure PPP PPP Phase 1 /

1k views • 23 slides
U.S. INFRASTRUCTURE Services Underground 807,333 Telecommunica-ons Infrastructure

U.S. INFRASTRUCTURE Services Underground 807,333 Telecommunica-ons Infrastructure

Recent Report YR U-lity Grouping Subgroup Miles Petroleum Infrastructure Transmission Gathering 40,000 Crude 55,000 Product 95,000 Gas Infrastructure Transmission Hazardous 170,000 Gathering

912 views • 47 slides
What can Infrastructure do for you today? Daniel Humbedooh Gruno Infrastructure Architect,

What can Infrastructure do for you today? Daniel Humbedooh Gruno Infrastructure Architect,

What can Infrastructure do for you today? Daniel Humbedooh Gruno Infrastructure Architect, The Apache Software Foundation What is infrastructure? What is infrastructure? The Apache Infrastructure Committee (henceforth

482 views • 23 slides
Strategic Planning of Infrastructure for the Recovery Phase Infrastructure Canada June, 2020

Strategic Planning of Infrastructure for the Recovery Phase Infrastructure Canada June, 2020

Strategic Planning of Infrastructure for the Recovery Phase Infrastructure Canada June, 2020 Context Need to think about infrastructure spending Investment in infrastructure often cited as an essential component of efforts to lift the economy

1.24k views • 4 slides
Infrastructure Ontario (IO) Crown corporation responsible for building, managing, financing,

Infrastructure Ontario (IO) Crown corporation responsible for building, managing, financing,

Infrastructure Ontario 11/1/2014 BSE/CSCE Engineers Conference Nassau, Bahamas Jeffrey Plant MBA, P.Eng., PMP, CVS, CQA Vice President Civil Infrastructure October 31, 2014 www.infrastructureontario.ca 1 Infrastructure Ontario (IO)

95 views • 6 slides
The Future of Sustainable Infrastructure 1 The State of the Worlds Infrastructure The

The Future of Sustainable Infrastructure 1 The State of the Worlds Infrastructure The

The Future of Sustainable Infrastructure 1 The State of the Worlds Infrastructure The worlds infrastructure is desperately in need of investment, according to the American Society of Civil Engineers. The ASCE estimates the just US needs to

511 views • 16 slides
NYC Green Infrastructure Program Newtown Creek CAG Margot Walker, DEP Green Infrastructure in

NYC Green Infrastructure Program Newtown Creek CAG Margot Walker, DEP Green Infrastructure in

NYC Green Infrastructure Program Newtown Creek CAG Margot Walker, DEP Green Infrastructure in New York City Green infrastructure practices are designed and constructed to manage stormwater runoff when it rains. Green Infrastructure also helps

261 views • 14 slides
A Database of Infrastructure Externalities: Estimating the Societal Impacts of Infrastructure

A Database of Infrastructure Externalities: Estimating the Societal Impacts of Infrastructure

A Database of Infrastructure Externalities: Estimating the Societal Impacts of Infrastructure Projects December 2019 Abigail Schlageter IISD has developed a database that compiles available knowledge on the valuation of What? infrastructure

483 views • 22 slides
About the Infrastructure Reference Group process: The Infrastructure Reference Group ( IRG )

About the Infrastructure Reference Group process: The Infrastructure Reference Group ( IRG )

About the Infrastructure Reference Group process: The Infrastructure Reference Group ( IRG ) was established in response to the COVID-19 crisis and its impact on the infrastructure and construction sectors. It was asked to prepare a

331 views • 6 slides
Infrastructure Forum Defining a Net Zero framework for Infrastructure 21 st July 2020 In

Infrastructure Forum Defining a Net Zero framework for Infrastructure 21 st July 2020 In

Infrastructure Forum Defining a Net Zero framework for Infrastructure 21 st July 2020 In collaboration with: UKGBC - Together for a better built environment Net Zero Infrastructure Introductions Coalition UKGBC Team Ross Ra Ro Ramsay

307 views • 27 slides
Using HPC Wales Agenda Infrastructure : An Overview of our Infrastructure Logging in :

Using HPC Wales Agenda Infrastructure : An Overview of our Infrastructure Logging in :

Using HPC Wales Agenda Infrastructure : An Overview of our Infrastructure Logging in : Command Line Interface and File Transfer Linux Basics : Commands and Text Editors Using Modules : Managing Software and the Environment

960 views • 75 slides
Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Compiler Infrastructure Systems and Internet Infrastructure Security

603 views • 23 slides
Bicycle Infrastructure 1st of 2 presentations about Bike Infrastructure This Month: A Picture of

Bicycle Infrastructure 1st of 2 presentations about Bike Infrastructure This Month: A Picture of

Bicycle Infrastructure 1st of 2 presentations about Bike Infrastructure This Month: A Picture of Transportation and Infrastructure in Druid Hills Next Month: A Look at Cycling and Infrastructure Design March 2018 Druid Hills Well use

549 views • 13 slides
Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible

Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible

Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible Infrastructure is a system of systems that will provide capabilities for rapid space changes without the use of hot work. Benefits:

546 views • 8 slides
Atomic dif Atomic diffusion and lithium usion and lithium pr processing in ocessing in old

Atomic dif Atomic diffusion and lithium usion and lithium pr processing in ocessing in old

Atomic dif Atomic diffusion and lithium usion and lithium pr processing in ocessing in old metal poor star old metal poor stars Olivier Richard LUPM UMR5299, Universit Montpellier II, Montpellier, France Main collaborators: Georges

266 views • 22 slides
s r a t s B Marco Pignatari (Basel) G A - r e p Bill Paxton (KITP) u s n i n

s r a t s B Marco Pignatari (Basel) G A - r e p Bill Paxton (KITP) u s n i n

Low- and intermediate mass stellar evolution and recurrent H-ingestion events in super-AGB thermal pulses s r a t s B Marco Pignatari (Basel) G A - r e p Bill Paxton (KITP) u s n i n Paul Woodward (U Minnesota) o i t s u

415 views • 38 slides
PVMD Arno Smets Delft University of Technology Learning objectives How is absorption

PVMD Arno Smets Delft University of Technology Learning objectives How is absorption

Yablonovitch limit PVMD Arno Smets Delft University of Technology Learning objectives How is absorption enhancement limit derived What assumptions underlie this limit Absorption enhancement in a c-Si solar cell Enhancement by

839 views • 14 slides
Vortex shedding past square cylinder Vortex shedding past square cylinder URANS (K-Omega SST with

Vortex shedding past square cylinder Vortex shedding past square cylinder URANS (K-Omega SST with

Vortex shedding past square cylinder Vortex shedding past square cylinder URANS (K-Omega SST with no wall functions) LES (Smagorinsky) Vortices visualized by Q-criterion Vortices visualized by Q-criterion

671 views • 19 slides
Matrices with Integer Eigenvalues 4 1 1 0 1 1 4 0 1 1

Matrices with Integer Eigenvalues 4 1 1 0 1 1 4 0 1 1

Matrices with Integer Eigenvalues 4 1 1 0 1 1 4 0 1 1 1 0 3 0 0 0 1 0 3 0 1 1 0 0 3 Ron Adin Bar-Ilan University

758 views • 27 slides
Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar

Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar

Laconic Zero Knowledge to Public Key Cryptography Public Key Cryptography Akshay Degwekar (MIT) Public Key Encryption (PKE) [Diffie-Hellman76, Rivest-Shamir-Adelman78, Goldwasser-Micali82] pk sk Public Key Encryption Public Key Encryption

296 views • 25 slides
Theories of Hyperarithmetic Analysis. Antonio Montalb an. University of Chicago Columbus, OH,

Theories of Hyperarithmetic Analysis. Antonio Montalb an. University of Chicago Columbus, OH,

Hyperarithmetic analysis in the 70s Background Hyperarithmetic analysis in the 00s Known theories Theories of Hyperarithmetic Analysis. Antonio Montalb an. University of Chicago Columbus, OH, May 2009 CONFERENCE IN HONOR OF THE 60th

270 views • 25 slides
Quantum non-malleability and authentication Christian Majenz QMATH, University of Copenhagen

Quantum non-malleability and authentication Christian Majenz QMATH, University of Copenhagen

Quantum non-malleability and authentication Christian Majenz QMATH, University of Copenhagen Joint work with Gorjan Alagic, NIST and University of Maryland CRYPTO 2017, UCSB 24.08.2017 Motivation: a classical story... Crypto for bank

1.01k views • 83 slides

More recommend