SlideShare a Scribd company logo

From Zero To Production (NixOS, Erlang) @ Erlang Factory SF 2016

This talk will introduce the audience to the Nix packaging, NixOS, and related ecosystem tools for Erlang/Elixir developers. By reviewing common development, testing, and deployment problems we will look at what Nix has to offer to aid Erlang/Elixir developers in these areas. From seamless developer environment bootstrapping to consistent CI environments and beyond.

1 of 64
Download to read offline
Zero to Production
Erlang Factory
San Francisco
March 11, 2016
Susan Potter @ Lookout
twitter: @SusanPotter
github: mbbx6spp
InfraEng @ Lookout
1 # finger infraeng
2 Login: infraeng
3 Name: Infra Eng @ Lookout
4 Shell: /run/current -system/sw/bin/bash
5 Last login Mon Mar 11 14:10 (PST) on pts /10
6
7 * Multiple services in prod
8 * 200 -300 hosts monitored already
9 * Internal Nix channel
10 * Internal binary cache
11 * One repository per service
12 * Repository is source of truth
13 * We are hiring! Come talk to me. :)
% whoami
Figure: From backend dev to infrastructure engineering
Reliability
“Those who want really reliable software will discover
that they must find means of avoiding the majority of
bugs to start with, and as a result the programming
process will become cheaper.” – EWD340
From Zero To Production (NixOS, Erlang) @ Erlang Factory SF 2016
Reduce Costs & Frustration
“If you want more effective programmers, you will
discover that they should not waste their time debugging,
they should not introduce the bugs to start with.”–
EWD340

Recommended

Dynamo: Not Just For Datastores
Dynamo: Not Just For DatastoresDynamo: Not Just For Datastores
Dynamo: Not Just For DatastoresSusan Potter
 
From Zero to Application Delivery with NixOS
From Zero to Application Delivery with NixOSFrom Zero to Application Delivery with NixOS
From Zero to Application Delivery with NixOSSusan Potter
 
Ricon/West 2013: Adventures with Riak Pipe
Ricon/West 2013: Adventures with Riak PipeRicon/West 2013: Adventures with Riak Pipe
Ricon/West 2013: Adventures with Riak PipeSusan Potter
 
Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Susan Potter
 
How and Why Prometheus' New Storage Engine Pushes the Limits of Time Series D...
How and Why Prometheus' New Storage Engine Pushes the Limits of Time Series D...How and Why Prometheus' New Storage Engine Pushes the Limits of Time Series D...
How and Why Prometheus' New Storage Engine Pushes the Limits of Time Series D...Docker, Inc.
 
Behind modern concurrency primitives
Behind modern concurrency primitivesBehind modern concurrency primitives
Behind modern concurrency primitivesBartosz Sypytkowski
 

More Related Content

What's hot

The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...CODE BLUE
 
Kqueue : Generic Event notification
Kqueue : Generic Event notificationKqueue : Generic Event notification
Kqueue : Generic Event notificationMahendra M
 
Winter is coming? Not if ZooKeeper is there!
Winter is coming? Not if ZooKeeper is there!Winter is coming? Not if ZooKeeper is there!
Winter is coming? Not if ZooKeeper is there!Joydeep Banik Roy
 
Testing Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsTesting Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsAll Things Open
 
Fluentd - CNCF Paris
Fluentd - CNCF ParisFluentd - CNCF Paris
Fluentd - CNCF ParisHorgix
 
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaTake a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaCODE BLUE
 
From nothing to Prometheus : one year after
From nothing to Prometheus : one year afterFrom nothing to Prometheus : one year after
From nothing to Prometheus : one year afterAntoine Leroyer
 
Ice mini guide
Ice mini guideIce mini guide
Ice mini guideAdy Liu
 
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershell
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershellCSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershell
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershellCanSecWest
 
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLab
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLabIntroduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLab
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLabCloudxLab
 
[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network TroubleshootingOpen Source Consulting
 
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerRunning High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerSematext Group, Inc.
 
Jafka guide
Jafka guideJafka guide
Jafka guideAdy Liu
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelpurpleocean
 
Packet Walk(s) In Kubernetes
Packet Walk(s) In KubernetesPacket Walk(s) In Kubernetes
Packet Walk(s) In KubernetesDon Jayakody
 
Deep Dive in Docker Overlay Networks
Deep Dive in Docker Overlay NetworksDeep Dive in Docker Overlay Networks
Deep Dive in Docker Overlay NetworksLaurent Bernaille
 
Twisted Introduction
Twisted IntroductionTwisted Introduction
Twisted Introductioncyli
 

What's hot (20)

The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...
The Art of Exploiting Unconventional Use-after-free Bugs in Android Kernel by...
 
Kqueue : Generic Event notification
Kqueue : Generic Event notificationKqueue : Generic Event notification
Kqueue : Generic Event notification
 
Winter is coming? Not if ZooKeeper is there!
Winter is coming? Not if ZooKeeper is there!Winter is coming? Not if ZooKeeper is there!
Winter is coming? Not if ZooKeeper is there!
 
Testing Wi-Fi with OSS Tools
Testing Wi-Fi with OSS ToolsTesting Wi-Fi with OSS Tools
Testing Wi-Fi with OSS Tools
 
Fluentd - CNCF Paris
Fluentd - CNCF ParisFluentd - CNCF Paris
Fluentd - CNCF Paris
 
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaTake a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
 
From nothing to Prometheus : one year after
From nothing to Prometheus : one year afterFrom nothing to Prometheus : one year after
From nothing to Prometheus : one year after
 
Ice mini guide
Ice mini guideIce mini guide
Ice mini guide
 
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershell
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershellCSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershell
CSW2017 Amanda rousseau cansecwest2017_net_hijacking_powershell
 
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLab
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLabIntroduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLab
Introduction to Apache ZooKeeper | Big Data Hadoop Spark Tutorial | CloudxLab
 
[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting
 
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerRunning High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker
 
Jafka guide
Jafka guideJafka guide
Jafka guide
 
How we use Twisted in Launchpad
How we use Twisted in LaunchpadHow we use Twisted in Launchpad
How we use Twisted in Launchpad
 
Reactive server with netty
Reactive server with nettyReactive server with netty
Reactive server with netty
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support Engineer
 
Web scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannelWeb scale infrastructures with kubernetes and flannel
Web scale infrastructures with kubernetes and flannel
 
Packet Walk(s) In Kubernetes
Packet Walk(s) In KubernetesPacket Walk(s) In Kubernetes
Packet Walk(s) In Kubernetes
 
Deep Dive in Docker Overlay Networks
Deep Dive in Docker Overlay NetworksDeep Dive in Docker Overlay Networks
Deep Dive in Docker Overlay Networks
 
Twisted Introduction
Twisted IntroductionTwisted Introduction
Twisted Introduction
 

Viewers also liked

Writing Bullet-Proof Javascript: By Using CoffeeScript
Writing Bullet-Proof Javascript: By Using CoffeeScriptWriting Bullet-Proof Javascript: By Using CoffeeScript
Writing Bullet-Proof Javascript: By Using CoffeeScriptSusan Potter
 
Link Walking with Riak
Link Walking with RiakLink Walking with Riak
Link Walking with RiakSusan Potter
 
Distributed Developer Workflows using Git
Distributed Developer Workflows using GitDistributed Developer Workflows using Git
Distributed Developer Workflows using GitSusan Potter
 
Functional Algebra: Monoids Applied
Functional Algebra: Monoids AppliedFunctional Algebra: Monoids Applied
Functional Algebra: Monoids AppliedSusan Potter
 
Designing for Concurrency
Designing for ConcurrencyDesigning for Concurrency
Designing for ConcurrencySusan Potter
 
Running Free with the Monads
Running Free with the MonadsRunning Free with the Monads
Running Free with the Monadskenbot
 
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle Trees
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle TreesModern Algorithms and Data Structures - 1. Bloom Filters, Merkle Trees
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle TreesLorenzo Alberton
 
Scaling Teams, Processes and Architectures
Scaling Teams, Processes and ArchitecturesScaling Teams, Processes and Architectures
Scaling Teams, Processes and ArchitecturesLorenzo Alberton
 
Your data structures are made of maths!
Your data structures are made of maths!Your data structures are made of maths!
Your data structures are made of maths!kenbot
 
Scalable Architectures - Taming the Twitter Firehose
Scalable Architectures - Taming the Twitter FirehoseScalable Architectures - Taming the Twitter Firehose
Scalable Architectures - Taming the Twitter FirehoseLorenzo Alberton
 
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014Susan Potter
 
Graphs in the Database: Rdbms In The Social Networks Age
Graphs in the Database: Rdbms In The Social Networks AgeGraphs in the Database: Rdbms In The Social Networks Age
Graphs in the Database: Rdbms In The Social Networks AgeLorenzo Alberton
 
The Art of Scalability - Managing growth
The Art of Scalability - Managing growthThe Art of Scalability - Managing growth
The Art of Scalability - Managing growthLorenzo Alberton
 
NoSQL Databases: Why, what and when
NoSQL Databases: Why, what and whenNoSQL Databases: Why, what and when
NoSQL Databases: Why, what and whenLorenzo Alberton
 
Monitoring at scale - Intuitive dashboard design
Monitoring at scale - Intuitive dashboard designMonitoring at scale - Intuitive dashboard design
Monitoring at scale - Intuitive dashboard designLorenzo Alberton
 
Trees In The Database - Advanced data structures
Trees In The Database - Advanced data structuresTrees In The Database - Advanced data structures
Trees In The Database - Advanced data structuresLorenzo Alberton
 
Category theory for beginners
Category theory for beginnersCategory theory for beginners
Category theory for beginnerskenbot
 
Data made out of functions
Data made out of functionsData made out of functions
Data made out of functionskenbot
 

Viewers also liked (19)

Writing Bullet-Proof Javascript: By Using CoffeeScript
Writing Bullet-Proof Javascript: By Using CoffeeScriptWriting Bullet-Proof Javascript: By Using CoffeeScript
Writing Bullet-Proof Javascript: By Using CoffeeScript
 
Link Walking with Riak
Link Walking with RiakLink Walking with Riak
Link Walking with Riak
 
Distributed Developer Workflows using Git
Distributed Developer Workflows using GitDistributed Developer Workflows using Git
Distributed Developer Workflows using Git
 
Functional Algebra: Monoids Applied
Functional Algebra: Monoids AppliedFunctional Algebra: Monoids Applied
Functional Algebra: Monoids Applied
 
Designing for Concurrency
Designing for ConcurrencyDesigning for Concurrency
Designing for Concurrency
 
Why Haskell
Why HaskellWhy Haskell
Why Haskell
 
Running Free with the Monads
Running Free with the MonadsRunning Free with the Monads
Running Free with the Monads
 
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle Trees
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle TreesModern Algorithms and Data Structures - 1. Bloom Filters, Merkle Trees
Modern Algorithms and Data Structures - 1. Bloom Filters, Merkle Trees
 
Scaling Teams, Processes and Architectures
Scaling Teams, Processes and ArchitecturesScaling Teams, Processes and Architectures
Scaling Teams, Processes and Architectures
 
Your data structures are made of maths!
Your data structures are made of maths!Your data structures are made of maths!
Your data structures are made of maths!
 
Scalable Architectures - Taming the Twitter Firehose
Scalable Architectures - Taming the Twitter FirehoseScalable Architectures - Taming the Twitter Firehose
Scalable Architectures - Taming the Twitter Firehose
 
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014
Scalaz By Example (An IO Taster) -- PDXScala Meetup Jan 2014
 
Graphs in the Database: Rdbms In The Social Networks Age
Graphs in the Database: Rdbms In The Social Networks AgeGraphs in the Database: Rdbms In The Social Networks Age
Graphs in the Database: Rdbms In The Social Networks Age
 
The Art of Scalability - Managing growth
The Art of Scalability - Managing growthThe Art of Scalability - Managing growth
The Art of Scalability - Managing growth
 
NoSQL Databases: Why, what and when
NoSQL Databases: Why, what and whenNoSQL Databases: Why, what and when
NoSQL Databases: Why, what and when
 
Monitoring at scale - Intuitive dashboard design
Monitoring at scale - Intuitive dashboard designMonitoring at scale - Intuitive dashboard design
Monitoring at scale - Intuitive dashboard design
 
Trees In The Database - Advanced data structures
Trees In The Database - Advanced data structuresTrees In The Database - Advanced data structures
Trees In The Database - Advanced data structures
 
Category theory for beginners
Category theory for beginnersCategory theory for beginners
Category theory for beginners
 
Data made out of functions
Data made out of functionsData made out of functions
Data made out of functions
 

Similar to From Zero To Production (NixOS, Erlang) @ Erlang Factory SF 2016

Infrastructure as code - Python Saati #36
Infrastructure as code - Python Saati #36Infrastructure as code - Python Saati #36
Infrastructure as code - Python Saati #36Halil Kaya
 
Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Mohamad Hassan
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Cosimo Streppone
 
(1) cpp introducing the_cpp_programming_language
(1) cpp introducing the_cpp_programming_language(1) cpp introducing the_cpp_programming_language
(1) cpp introducing the_cpp_programming_languageNico Ludwig
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby TeamArto Artnik
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014biicode
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardwayDave Pitts
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis OverviewLeo Lorieri
 
Deploying Plone and Volto, the Hard Way
Deploying Plone and Volto, the Hard WayDeploying Plone and Volto, the Hard Way
Deploying Plone and Volto, the Hard WayAsko Soukka
 
ECMAScript 6 and the Node Driver
ECMAScript 6 and the Node DriverECMAScript 6 and the Node Driver
ECMAScript 6 and the Node DriverMongoDB
 
containerit at useR!2017 conference, Brussels
containerit at useR!2017 conference, Brusselscontainerit at useR!2017 conference, Brussels
containerit at useR!2017 conference, BrusselsDaniel Nüst
 
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Zabbix
 
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Three
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Threestackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Three
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick ThreeNETWAYS
 
Create your oracle_apps_r12_lab_with_less_than_us1000
Create your oracle_apps_r12_lab_with_less_than_us1000Create your oracle_apps_r12_lab_with_less_than_us1000
Create your oracle_apps_r12_lab_with_less_than_us1000Ajith Narayanan
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabMichelle Holley
 
Oracle 11g R2 RAC setup on rhel 5.0
Oracle 11g R2 RAC setup on rhel 5.0Oracle 11g R2 RAC setup on rhel 5.0
Oracle 11g R2 RAC setup on rhel 5.0Santosh Kangane
 
Auditing the Opensource Kernels
Auditing the Opensource KernelsAuditing the Opensource Kernels
Auditing the Opensource KernelsSilvio Cesare
 
Infrastructureascode slideshare-160331143725
Infrastructureascode slideshare-160331143725Infrastructureascode slideshare-160331143725
Infrastructureascode slideshare-160331143725miguel dominguez
 

Similar to From Zero To Production (NixOS, Erlang) @ Erlang Factory SF 2016 (20)

Fun with Ruby and Cocoa
Fun with Ruby and CocoaFun with Ruby and Cocoa
Fun with Ruby and Cocoa
 
Infrastructure as code - Python Saati #36
Infrastructure as code - Python Saati #36Infrastructure as code - Python Saati #36
Infrastructure as code - Python Saati #36
 
Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017
 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013Puppet at Opera Sofware - PuppetCamp Oslo 2013
Puppet at Opera Sofware - PuppetCamp Oslo 2013
 
(1) cpp introducing the_cpp_programming_language
(1) cpp introducing the_cpp_programming_language(1) cpp introducing the_cpp_programming_language
(1) cpp introducing the_cpp_programming_language
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby Team
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014
 
Postgres the hardway
Postgres the hardwayPostgres the hardway
Postgres the hardway
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
 
Deploying Plone and Volto, the Hard Way
Deploying Plone and Volto, the Hard WayDeploying Plone and Volto, the Hard Way
Deploying Plone and Volto, the Hard Way
 
ECMAScript 6 and the Node Driver
ECMAScript 6 and the Node DriverECMAScript 6 and the Node Driver
ECMAScript 6 and the Node Driver
 
Ender
EnderEnder
Ender
 
containerit at useR!2017 conference, Brussels
containerit at useR!2017 conference, Brusselscontainerit at useR!2017 conference, Brussels
containerit at useR!2017 conference, Brussels
 
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
 
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Three
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Threestackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Three
stackconf 2022: Cluster Management: Heterogeneous, Lightweight, Safe. Pick Three
 
Create your oracle_apps_r12_lab_with_less_than_us1000
Create your oracle_apps_r12_lab_with_less_than_us1000Create your oracle_apps_r12_lab_with_less_than_us1000
Create your oracle_apps_r12_lab_with_less_than_us1000
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on Lab
 
Oracle 11g R2 RAC setup on rhel 5.0
Oracle 11g R2 RAC setup on rhel 5.0Oracle 11g R2 RAC setup on rhel 5.0
Oracle 11g R2 RAC setup on rhel 5.0
 
Auditing the Opensource Kernels
Auditing the Opensource KernelsAuditing the Opensource Kernels
Auditing the Opensource Kernels
 
Infrastructureascode slideshare-160331143725
Infrastructureascode slideshare-160331143725Infrastructureascode slideshare-160331143725
Infrastructureascode slideshare-160331143725
 

More from Susan Potter

Thinking in Properties
Thinking in PropertiesThinking in Properties
Thinking in PropertiesSusan Potter
 
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Susan Potter
 
From Zero to Haskell: Lessons Learned
From Zero to Haskell: Lessons LearnedFrom Zero to Haskell: Lessons Learned
From Zero to Haskell: Lessons LearnedSusan Potter
 
Dynamically scaling a political news and activism hub (up to 5x the traffic i...
Dynamically scaling a political news and activism hub (up to 5x the traffic i...Dynamically scaling a political news and activism hub (up to 5x the traffic i...
Dynamically scaling a political news and activism hub (up to 5x the traffic i...Susan Potter
 
Deploying distributed software services to the cloud without breaking a sweat
Deploying distributed software services to the cloud without breaking a sweatDeploying distributed software services to the cloud without breaking a sweat
Deploying distributed software services to the cloud without breaking a sweatSusan Potter
 

More from Susan Potter (6)

Thinking in Properties
Thinking in PropertiesThinking in Properties
Thinking in Properties
 
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
 
From Zero to Haskell: Lessons Learned
From Zero to Haskell: Lessons LearnedFrom Zero to Haskell: Lessons Learned
From Zero to Haskell: Lessons Learned
 
Dynamically scaling a political news and activism hub (up to 5x the traffic i...
Dynamically scaling a political news and activism hub (up to 5x the traffic i...Dynamically scaling a political news and activism hub (up to 5x the traffic i...
Dynamically scaling a political news and activism hub (up to 5x the traffic i...
 
Twitter4R OAuth
Twitter4R OAuthTwitter4R OAuth
Twitter4R OAuth
 
Deploying distributed software services to the cloud without breaking a sweat
Deploying distributed software services to the cloud without breaking a sweatDeploying distributed software services to the cloud without breaking a sweat
Deploying distributed software services to the cloud without breaking a sweat
 

Recently uploaded

Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019VICTOR MAESTRE RAMIREZ
 
Workshop híbrido: Stream Processing con Flink
Workshop híbrido: Stream Processing con FlinkWorkshop híbrido: Stream Processing con Flink
Workshop híbrido: Stream Processing con Flinkconfluent
 
killing camp 주차장 나누기-2 topology sort.pdf
killing camp 주차장 나누기-2 topology sort.pdfkilling camp 주차장 나누기-2 topology sort.pdf
killing camp 주차장 나누기-2 topology sort.pdfssuser82c38d
 
Joseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureJoseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureHironori Washizaki
 
Cybersecurity Measures For Remote Workers.pdf
Cybersecurity Measures For Remote Workers.pdfCybersecurity Measures For Remote Workers.pdf
Cybersecurity Measures For Remote Workers.pdfCIOWomenMagazine
 
Passbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managmentPassbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managmentThierry Gayet
 
Automation for Bonterra Impact Management (fka Apricot)
Automation for Bonterra Impact Management (fka Apricot)Automation for Bonterra Impact Management (fka Apricot)
Automation for Bonterra Impact Management (fka Apricot)Jeffrey Haguewood
 
killingcamp longest common subsequence.pdf
killingcamp longest common subsequence.pdfkillingcamp longest common subsequence.pdf
killingcamp longest common subsequence.pdfssuser82c38d
 
Design pattern talk by Kaya Weers - 2024
Design pattern talk by Kaya Weers - 2024Design pattern talk by Kaya Weers - 2024
Design pattern talk by Kaya Weers - 2024Kaya Weers
 
No more Dockerfiles? Buildpacks to help you ship your image!
No more Dockerfiles? Buildpacks to help you ship your image!No more Dockerfiles? Buildpacks to help you ship your image!
No more Dockerfiles? Buildpacks to help you ship your image!Anthony Dahanne
 
What are the Reasons for Tracking the Attendance of the Employees?
What are the Reasons for Tracking the Attendance of the Employees?What are the Reasons for Tracking the Attendance of the Employees?
What are the Reasons for Tracking the Attendance of the Employees?NYGGS Automation Suite
 
CSS Notes in PDF, Easy to understand. For beginner to advanced. ...
CSS Notes in PDF, Easy to understand. For beginner to advanced.              ...CSS Notes in PDF, Easy to understand. For beginner to advanced.              ...
CSS Notes in PDF, Easy to understand. For beginner to advanced. ...syedfaisal759877
 
LLMOps with Azure Machine Learning prompt flow
LLMOps with Azure Machine Learning prompt flowLLMOps with Azure Machine Learning prompt flow
LLMOps with Azure Machine Learning prompt flowNaoki (Neo) SATO
 
Orion Context Broker introduction 20240227
Orion Context Broker introduction 20240227Orion Context Broker introduction 20240227
Orion Context Broker introduction 20240227Fermin Galan
 
Welcome to AltTask - the nexus where innovation converges with empowerment!
Welcome to AltTask - the nexus where innovation converges with empowerment!Welcome to AltTask - the nexus where innovation converges with empowerment!
Welcome to AltTask - the nexus where innovation converges with empowerment!alttaskcom
 
How AI is preventing account fraud at web scale
How AI is preventing account fraud at web scaleHow AI is preventing account fraud at web scale
How AI is preventing account fraud at web scaleAmir Moghimi
 
The Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and TakeawaysThe Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and TakeawaysThousandEyes
 
Role of DevOps in SaaS product Development.pdf.pptx
Role of DevOps in SaaS product Development.pdf.pptxRole of DevOps in SaaS product Development.pdf.pptx
Role of DevOps in SaaS product Development.pdf.pptxMindInventory
 
Open Source vs Closed Source LLMs. Pros and Cons
Open Source vs Closed Source LLMs. Pros and ConsOpen Source vs Closed Source LLMs. Pros and Cons
Open Source vs Closed Source LLMs. Pros and ConsSprings
 

Recently uploaded (20)

2024 Trends Transforming Enterprise Resource Planning
2024 Trends Transforming Enterprise Resource Planning2024 Trends Transforming Enterprise Resource Planning
2024 Trends Transforming Enterprise Resource Planning
 
Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019Implementing Docker Containers with Windows Server 2019
Implementing Docker Containers with Windows Server 2019
 
Workshop híbrido: Stream Processing con Flink
Workshop híbrido: Stream Processing con FlinkWorkshop híbrido: Stream Processing con Flink
Workshop híbrido: Stream Processing con Flink
 
killing camp 주차장 나누기-2 topology sort.pdf
killing camp 주차장 나누기-2 topology sort.pdfkilling camp 주차장 나누기-2 topology sort.pdf
killing camp 주차장 나누기-2 topology sort.pdf
 
Joseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about ArchitectureJoseph Yoder : Being Agile about Architecture
Joseph Yoder : Being Agile about Architecture
 
Cybersecurity Measures For Remote Workers.pdf
Cybersecurity Measures For Remote Workers.pdfCybersecurity Measures For Remote Workers.pdf
Cybersecurity Measures For Remote Workers.pdf
 
Passbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managmentPassbolt Introduction and Usage for secret managment
Passbolt Introduction and Usage for secret managment
 
Automation for Bonterra Impact Management (fka Apricot)
Automation for Bonterra Impact Management (fka Apricot)Automation for Bonterra Impact Management (fka Apricot)
Automation for Bonterra Impact Management (fka Apricot)
 
killingcamp longest common subsequence.pdf
killingcamp longest common subsequence.pdfkillingcamp longest common subsequence.pdf
killingcamp longest common subsequence.pdf
 
Design pattern talk by Kaya Weers - 2024
Design pattern talk by Kaya Weers - 2024Design pattern talk by Kaya Weers - 2024
Design pattern talk by Kaya Weers - 2024
 
No more Dockerfiles? Buildpacks to help you ship your image!
No more Dockerfiles? Buildpacks to help you ship your image!No more Dockerfiles? Buildpacks to help you ship your image!
No more Dockerfiles? Buildpacks to help you ship your image!
 
What are the Reasons for Tracking the Attendance of the Employees?
What are the Reasons for Tracking the Attendance of the Employees?What are the Reasons for Tracking the Attendance of the Employees?
What are the Reasons for Tracking the Attendance of the Employees?
 
CSS Notes in PDF, Easy to understand. For beginner to advanced. ...
CSS Notes in PDF, Easy to understand. For beginner to advanced.              ...CSS Notes in PDF, Easy to understand. For beginner to advanced.              ...
CSS Notes in PDF, Easy to understand. For beginner to advanced. ...
 
LLMOps with Azure Machine Learning prompt flow
LLMOps with Azure Machine Learning prompt flowLLMOps with Azure Machine Learning prompt flow
LLMOps with Azure Machine Learning prompt flow
 
Orion Context Broker introduction 20240227
Orion Context Broker introduction 20240227Orion Context Broker introduction 20240227
Orion Context Broker introduction 20240227
 
Welcome to AltTask - the nexus where innovation converges with empowerment!
Welcome to AltTask - the nexus where innovation converges with empowerment!Welcome to AltTask - the nexus where innovation converges with empowerment!
Welcome to AltTask - the nexus where innovation converges with empowerment!
 
How AI is preventing account fraud at web scale
How AI is preventing account fraud at web scaleHow AI is preventing account fraud at web scale
How AI is preventing account fraud at web scale
 
The Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and TakeawaysThe Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and Takeaways
 
Role of DevOps in SaaS product Development.pdf.pptx
Role of DevOps in SaaS product Development.pdf.pptxRole of DevOps in SaaS product Development.pdf.pptx
Role of DevOps in SaaS product Development.pdf.pptx
 
Open Source vs Closed Source LLMs. Pros and Cons
Open Source vs Closed Source LLMs. Pros and ConsOpen Source vs Closed Source LLMs. Pros and Cons
Open Source vs Closed Source LLMs. Pros and Cons
 

From Zero To Production (NixOS, Erlang) @ Erlang Factory SF 2016

  • 1. Zero to Production Erlang Factory San Francisco March 11, 2016 Susan Potter @ Lookout twitter: @SusanPotter github: mbbx6spp
  • 2. InfraEng @ Lookout 1 # finger infraeng 2 Login: infraeng 3 Name: Infra Eng @ Lookout 4 Shell: /run/current -system/sw/bin/bash 5 Last login Mon Mar 11 14:10 (PST) on pts /10 6 7 * Multiple services in prod 8 * 200 -300 hosts monitored already 9 * Internal Nix channel 10 * Internal binary cache 11 * One repository per service 12 * Repository is source of truth 13 * We are hiring! Come talk to me. :)
  • 3. % whoami Figure: From backend dev to infrastructure engineering
  • 4. Reliability “Those who want really reliable software will discover that they must find means of avoiding the majority of bugs to start with, and as a result the programming process will become cheaper.” – EWD340
  • 6. Reduce Costs & Frustration “If you want more effective programmers, you will discover that they should not waste their time debugging, they should not introduce the bugs to start with.”– EWD340
  • 7. Why care now? 1 Economic factors large distributed deployments
  • 8. Why care now? 1 Economic factors large distributed deployments 2 Human factors high churn/turnover, low quality of ops life
  • 9. Why care now? 1 Economic factors large distributed deployments 2 Human factors high churn/turnover, low quality of ops life 3 Technological factors programmable infrastructure & FP no longer just for academics
  • 10. More Services 1 Currently 20-30 services 2 More services ready each month 3 Expect 50+ by end of year 4 Various stacks/runtimes
  • 11. More Environments 1 Ephemeral (integration testing) 2 Product lines (consumer vs enterprise) 3 Performance 4 Partners
  • 13. Agenda 1 The Problem 2 The Principle 3 Introduce Nix* Ecosystem 4 How Nix Solves Our Problems 5 Lessons Learned
  • 14. Problem: Software Delivery Environment provisioning not repeatable in practice
  • 15. Problem: Software Delivery Continuous integration builds break with app dependency changes
  • 16. Problem: Software Delivery Deploys have unexpected consequences that ‘–dry-run/–why-run’ cannot catch
  • 17. Requirements: Optimize for . . . 1 Scalability solved by on-demand ”cloud”
  • 18. Requirements: Optimize for . . . 1 Scalability solved by on-demand ”cloud” 2 Reliability solved by . . .
  • 19. So what yields reliability?
  • 20. So what yields reliability? Ability to reason about code.
  • 21. What allows you to reason about code?
  • 22. What allows you to reason about code? Referential transparency (RT)!
  • 24. Functions have inputs (Erlang) 1 -module(myfuns ). 2 3 % Two input arguments here 4 myadd(X, Y) -> X + Y. 5 6 % One input argument here 7 mylen(S) -> len(S).
  • 25. Functions have inputs (Nix) 1 # stdenv , fetchurl , gcc , help2man are 2 # (package) inputs to this package 3 { stdenv , fetchurl , gcc , help2man }: 4 let 5 version = "2.1.1"; 6 in stdenv.mkDerivation { 7 inherit version; 8 name = "hello -${version}"; 9 src = fetchurl { ... }; 10 # gcc and help2man are build deps 11 buildInputs = [ gcc help2man ]; 12 }
  • 26. Functions return a result (Erlang) 1 Eshell V7.0 (abort with ^G) 2 1> c(myfuns ). 3 {ok ,myfuns} 4 2> myfuns:myadd (1 ,4). 5 5 6 3> myfuns:mylen("Hello ,␣Erlang␣Factory."). 7 22 8 4> q(). 9 ok 10 5>
  • 27. Functions return a result (Nix) 1 $ nix -repl ’<nixpkgs >’ 2 3 Loading <nixpkgs > ldots 4 Added 5876 variables . 5 6 nix -repl > hello = import ./ hello.nix { 7 inherit stdenv fetchurl gcc help2man; 8 } 9 10 nix -repl > hello 11 derivation /nix/store /...0am -hello -2.1.1. drv
  • 28. Functions return a result (Nix) 1 nix -repl > "${hello}" 2 "/nix/store/jg1l1 ...lsj -hello -2.1.1" 3 4 nix -repl > :q 5 6 $ nix -build hello.nix 7 --arg stdenv "(import␣<nixpkgs >␣{}). stdenv" 8 --arg fetchurl "(import␣<nixpkgs >␣{}). fetchurl" 9 --arg gcc "(import␣<nixpkgs >␣{}). gcc" 10 --arg help2man "(import␣<nixpkgs >␣{}). help2man" 11 /nix/store/jg1l1 ...lsj -hello -2.1.1
  • 29. Only depend on inputs (Erlang) 1 $ cat inputs.erl 2 -module(inputs ). 3 4 mylol(X, Y) -> Z. 5 $ erl 6 Eshell V7.0 (abort with ^G) 7 1> c(inputs ). 8 inputs.erl :3: variable ’Z’ is unbound 9 inputs.erl :3: Warning: function mylol /2 is unused 10 inputs.erl :3: Warning: variable ’X’ is unused 11 inputs.erl :3: Warning: variable ’Y’ is unused 12 error 13 2> q(). 14 ok
  • 30. Only depend on inputs 1 # Remove help2man from package input arguments 2 $ cat hello.nix hello.nix.1 3 1c1 4 < { stdenv , fetchurl , gcc , help2man }: 5 --- 6 > { stdenv , fetchurl , gcc }: 7 8 $ nix -build hello.nix.1 9 --arg stdenv "(import␣<nixpkgs >␣{}). stdenv" 10 --arg fetchurl "(import␣<nixpkgs >␣{}). fetchurl" 11 --arg gcc "(import␣<nixpkgs >␣{}). gcc" 12 error: undefined variable help2man at hello.nix :11:23
  • 31. Only depend on inputs 1 # Remove help2man from buildInputs 2 $ cat hello.nix hello.nix.2 3 11c11 4 < buildInputs = [ gcc help2man ]; 5 --- 6 > buildInputs = [ gcc ]; 7 8 $ nix -build hello.nix.2 9 --arg stdenv "(import␣<nixpkgs >␣{}). stdenv" 10 --arg fetchurl "(import␣<nixpkgs >␣{}). fetchurl" 11 --arg gcc "(import␣<nixpkgs >␣{}). gcc" 12 --arg help2man "(import␣<nixpkgs >␣{}). help2man" 13 ...
  • 32. Only depend on inputs 1 these derivations will be built: 2 /nix/store /19 x32rhqx ...mn80 -hello -2.1.1. drv 3 building path(s) /nix/store/v38 ...2 m58h -hello -2.1.1 4 unpacking sources 5 unpacking source archive /nix/store /...-hello -2.1.1. tar.gz 6 source root is hello -2.1.1 7 ... 8 /nix /...-bash -.../ bash: help2man: command not found 9 Makefile :282: recipe for target ‘hello .1’ failed 10 make [2]: *** [hello .1] Error 127 11 ... 12 error: build of /nix /...n80 -hello -2.1.1. drv failed
  • 33. Return same result given same inputs 1 prop_ref_trans () -> 2 ?FORALL({X, Y}, {integer (), integer ()}, 3 begin 4 Z0 = myadd(X, Y), 5 Z1 = myadd(X, Y), 6 Z0 =:= Z1 7 end).
  • 34. Return same result given same inputs 1 $ while true; do 2 nix -build 3 --arg stdenv "(import␣<nixpkgs >␣{}). stdenv" 4 --arg fetchurl "(import␣<nixpkgs >␣{}). fetchurl" 5 --arg gcc "(import␣<nixpkgs >␣{}). gcc" 6 --arg help2man "(import␣<nixpkgs >␣{}). help2man" 7 hello.nix 8 done 9 /nix/store/jg1l1kw ...sj -hello -2.1.1 10 /nix/store/jg1l1kw ...sj -hello -2.1.1 11 ... 12 /nix/store/jg1l1kw ...sj -hello -2.1.1 13 ^Cerror: interrupted by the user
  • 35. The Big idea Referential Transparency Given same inputs, return same result. Always.
  • 37. Mainstream Package Management Based on shared + mutable state (filesystem)
  • 39. Alternative Approaches • shared + immutable • private + mutable • expensive coarse grained locks • hybrid without the expense
  • 40. Define all inputs • Force clean build env (chroot) • Requires explicit inputs • Full dependency definition
  • 41. Ensure RT • Use private mutable space • Different inputs, different result • Symlink unique results (atomic op)
  • 42. Nix Ecosystem • Expression language: Nix • Package management: Nix • Channel: <nixpkgs> • Operating System: NixOS • Configuration ”modules”: NixOS modules • Provisioning: NixOps • Orchestration: Disnix • CI: Hydra
  • 43. Repeatable Dev Envs 1 $ nix -shell -p erlangR17_odbc 2 these paths will be fetched (37.65 MiB download , 112.65 MiB 3 /nix/store /0jvs ...3vd -unixODBC -2.3.2 4 /nix/store/wf7w ...6fp -erlang -17.5 - odbc 5 fetching path /nix/store /0jvs...- unixODBC -2.3.2... 6 ... 7 [nix -shell :~]$ erl 8 Erlang/OTP 17 [erts -6.4] [source] [64-bit] ... 9 Eshell V6.4 (abort with ^G) 10 1>
  • 44. Repeatable Dev Envs 1 $ nix -shell -p erlangR18_javac 2 these paths will be fetched (38.04 MiB download , 113.91 MiB 3 /nix/store /94a...b3xn -erlang -18.2 4 fetching path /nix/store /94a...b3xn -erlang -18.2... 5 ... 6 [nix -shell :~]$ erl 7 Erlang/OTP 18 [erts -7.2] [source] [64-bit] ... 8 9 Eshell V7.2 (abort with ^G) 10 11 1>
  • 45. Repeatable Dev Envs 1 $ declare pkghost="releases.nixos.org" 2 $ declare release_url="https ://${pkghost }/ nixos" 3 $ nix -channel --add 4 "${release_url }/16.03 - beta/nixos -16.03.30.2068621 " nixpkgs 5 $ nix -shell 6 these derivations will be built: 7 /nix/store /267y...-elm -0.16.0. drv 8 these paths will be fetched (31.49 MiB download , 379.99 MiB 9 /nix/store /0bkd...- scientific -0.3.4.4 10 /nix/store /0d3y...-nodejs -4.3.1 11 ... 12 building path(s) /nix/store/jjzr ...-elm -0.16.0 13 created 6 symlinks in user environment
  • 46. Repeatable Dev Envs 1 $ cat shell.nix 2 { pkgs ? import <nixpkgs > {}, ... }: 3 let 4 inherit (pkgs) stdenv; 5 in stdenv.mkDerivation { 6 name = "myerlprj -devenv"; 7 buildInputs = with pkgs; [ 8 gitFull # Developer dependency 9 erlangR18 # Erlang version to use 10 hex2nix rebar3 # Erlang dev cycle tools 11 postgresql # RDBMS 12 elmPackages.elm # for front -end compiler 13 ]; 14 ...
  • 47. Repeatable Dev Envs 1 ... 2 shellHook = ’’ 3 export SERVICE_PORT =4444 4 export DATABASE_PORT =5432 5 export DATABASE_PATH=$PWD/data 6 export LOG_PATH=$PWD/log 7 if [ ! -d "${DATABASE_PATH }" ]; then 8 initdb "${DATABASE_PATH }" 9 fi 10 pg_ctl -D "${DATABASE_PATH }" 11 -l "${LOG_PATH}" 12 -o --path="${DATABASE_PORT }" start 13 ’’; 14 }
  • 48. Consistent CI Deps 1 $ head -3 z/ci/verify 2 #!/usr/bin/env nix -shell 3 #!nix -shell -I nixpkgs=URL 4 #!nix -shell -p erlangR18 postgresql -i bash
  • 49. Consistent CI Deps 1 ... 2 set -eu 3 4 ! test -d "${ DATABASE_PATH }" && 5 initdb "${ DATABASE_PATH }" 6 elm -make priv/elm/* 7 rebar3 clean compile dialyzer 8 pg_ctl -D "${ DATABASE_PATH }" 9 -l "${LOG_PATH}" -o 10 --port="${ DATABASE_PORT }" start 11 rebar3 ct 12 pg_ctl -D "${ DATABASE_PATH }" stop
  • 50. Consistent CI Deps • Pin channel versions ⇒ source + CI consistency • Update CI build deps with app code • No OOB ‘converge’-ing CI build hosts!
  • 51. Predictable Deploys • Diff dependency path tree • Test node configuration in VM • Test NixOS module logic • Security auditing
  • 52. Diff Dependencies 1 $ nix -store -qR /nix/store /*-myerlprj -* 2 /nix/store /8 jhy2j7v0mpwybw13nd4fjlsfqc9xnlh -write -mirror -lis 3 /nix/store /17 h0mw5sipbvg70hdsn8i5mai4619l8c -move -docs.sh 4 ... 5 /nix/store/ p6gn7inwvm61phqw3whhlbl20n8c5dgb -git -2.7.1. drv 6 /nix/store/ z2jvckzhy5322d9ir0xv2hbqp6yakayj -myerlprj -devenv.
  • 53. Machine Config 1 { config , pkgs , ... }: 2 let 3 inherit (pkgs) lib; 4 ntpF = (idx: "${idx}. amazon.pool.ntp.org") 5 domain = "example.com"; 6 in { 7 boot.cleanTmpDir = true; 8 boot.kernel.sysctl = { 9 "net.ipv4. tcp_keepalive_time " = 1500; 10 # other sysctl key -values here ... 11 }; 12 networking.hostName = " nixallthethings .${domain}"; 13 networking.firewall.enable = true; 14 services.ntp.servers = map ntpF (lib.range 0 3); 15 services.zookeeper.enable = true; 16 security.pki. certificateFiles = [./ internal_ca.crt]; 17 time.timeZone = "UTC"; 18 }
  • 54. Test Machine Config (VM) 1 $ env NIXOS_CONFIG=$PRJROOT/priv/nix/config.nix 2 nixos -rebuild build -vm 3 $ ./ result/bin/run -hostname -vm 4 ... 5 6 $ env NIXOS_CONFIG=$PRJROOT/priv/nix/config.nix 7 --target -host myerlprj -test -1. integ.bla 8 nixos -rebuild build -vm
  • 55. Module Integration Testing 1 $ grep -A8 elasticsearch.enable $PWD/priv/nix/config.nix 2 elasticsearch.enable = true; 3 elasticsearch.jre = 4 mychannel. elasticsearch_2_2_0 ; 5 elasticsearch.jre = 6 mychannel.oraclejre8u74; 7 elasticsearch.node.name = 8 "elasticsearch -0.${domain}"; 9 elasticsearch.dataDir = 10 [ "/data0" "/data1" "/data3" ];
  • 56. Module Integration Testing 1 $ grep -A8 "node␣health" $PWD/priv/nix/modules/elasticsearch 2 subtest "elasticsearch ␣node␣health", sub { 3 $es0 ->waitForUnit("elasticsearch .service"); 4 $es1 ->waitForUnit("elasticsearch .service"); 5 $es0 ->succeed("${ waitForTcpPort ␣"es0"␣9300␣60}"); 6 $es1 ->succeed("${ waitForTcpPort ␣"es1"␣9300␣60}"); 7 $es0 ->succeed("${curl␣"es0"␣9200␣"/"}"); 8 $es1 ->succeed("${curl␣"es1"␣9200␣"/"}"); 9 }
  • 57. Security Auditing 1 $ nix -store -qR /path/to/app/pkg | sort | uniq 2 /nix/store /002v...- libdc1394 -2.2.3 3 /nix/store /04bw...-expat -2.1.0 4 /nix/store /04df...- haskell -x509 -validation -ghc7 .8.4 -1.5.1 - sh 5 /nix/store /06p6...-packer - e3c2f01cb8d8f759c02bd3cfc9d27cc1a9 6 ... 7 /nix/store/zv9r ...-perl -libwww -perl -6.05 8 /nix/store/zvgj ...- pypy2 .5-stevedore -0.15 9 /nix/store/zw00 ...- libpciaccess -0.13.3 10 /nix/store/zz78 ...- libdvbpsi -0.2.2
  • 58. Security Auditing 1 $ nix -store -qR /run/current -system | grep openssl 2 /nix/store/ x1zwzk4hrvj5fz ...9hyn -openssl -1.0.1p 3 /nix/store/ m4kzbwji9jkw71 ...lx92 -openssl -1.0.1p
  • 59. Tradeoffs • Provisioning not solved Nixops expressiveness vs Terraform ‘coverage’ • Steep learning curve Docs great reference, but bad for n00bs! • Lots of upfront setup Internal Nix channels vs nixpkgs fork curation
  • 60. Benefits • Repeatable dev envs • Consistent CI • Predictable deploys • Real rollback
  • 62. What Next? • Nix AWS Provisioning • Idris to Nix Backend • NixBSD Anyone???? • Nix on BEAM???
  • 63. Where to Next? • Nix Manual: http://nixos.org/nix/manual • NixOS Manual: http://nixos.org/nixos/manual • Nix Cookbook: http://funops.co/nix-cookbook • Nix Pills (by Lethalman)
  • 64. Questions Figure: Heckle me @SusanPotter later too.