The document discusses the concept of immutable infrastructure and its advantages for application deployment, contrasting traditional practices with modern approaches. It emphasizes the importance of treating server instances as disposable, ensuring consistency across environments, and utilizing cloud benefits for scalability and cost management. The speaker, Axel Fontaine, highlights the need for automation, configuration management, and maintaining simplicity in system architecture for efficient deployment processes.

1. Immutable Infrastructure
The New App Deployment
AXEL FONTAINE
@axelfontaine
axel@boxfuse.com

2. About Axel Fontaine
• Founder and CEO of Boxfuse
• Over 15 years industry experience
• Continuous Delivery expert
• Regular speaker at tech conferences
• JavaOne RockStar in 2014
@axelfontaine

3. flywaydb.org

4. boxfuse.com

5. Let’s start with a small story

6. http://commons.wikimedia.org/wiki/File:Gluehlampe_01_KMJ.jpg
Incandescent Bulb
60 W
LED Bulb
10 W

7. Heater that gives off
a little bit of light
Light that gives off
a little bit of heat

9. Edison Screw

10. Simple, stable,
standards-compliant
interface
with a clear contract
My
responsibility
The electricity company’s
responsibility

11. Simple, stable,
standards-compliant
interface
with a clear contract
Room
For
Innovation
Undifferentiated
Heavy Lifting

12. back to IT infrastructure …

13. POLL:
what type of infrastructure are you running on?
• On Premise
• Colocation
• Root Server
• Cloud

14. How did this evolve ?

15. sometime in the 20th century …

17. http://en.wikipedia.org/wiki/File:Tdkc60cassette.jpg

19. +=ON
PREM
+
Challenges
• Power, Network, Cooling
• Physical Security
• Physical Space
• Procurement, Vendor Management
• Capacity Planning
• Financing
• OS + Patches
• App + Updates

20. +=ON
PREM
+
Our
responsibility

21. + +
Our
responsibility
Their
responsibility
=COLO

22. +=COLO +
Simple, stable,
standards-compliant
interface:
(19” Rack, AC Power,
Ethernet, …)

23. Can change as
long as it
complies with
the interface
contract
+=COLO + Undifferentiated
Heavy Lifting
Our
responsibility

24. =ROOT
SERVER
+ Undifferentiated
Heavy Lifting
Our
responsibility
Can change as
long as it
complies with
the interface
contract

25. =ROOT
SERVER
+ Undifferentiated
Heavy Lifting
Simple, stable, standards-
compliant interface
Software <-> Hardware

26. Room
For
Innovation
+ Undifferentiated
Heavy Lifting
Could this be our industry’s Edison Screw?
Simple, stable, standards-
compliant interface

27. Let’s talk about software

28. POLL:
which level of automation are you at?
• Build
• Unit Tests
• Continuous Integration
• Acceptance Tests
• Continuous Deployment (Code)
• Continuous Deployment (Code + DB + Configuration)
• Infrastructure

29. Build Test

30. • One immutable unit
• Regenerated after every change
• Promoted from Environment to Environment
Classic Mistake: Build per Environment

31. OS Kernel
Libraries
Language
App Server
App

32. OS Kernel
Libraries
Language
App Server
App

33. why aren’t we doing the same
for the layers this is running on ???

34. what could possibly go wrong
in these other layers ???

35. missing software

36. wrong name

37. bad version

38. incorrect permissions

39. http://www.flickr.com/photos/travelinlibrarian/2409633653/sizes/l/
critical resource in use

40. what aren’t we holding our servers to the
same standards as our applications ???

42. OS Kernel
Libraries
Language
App Server
App
Build Test

43. OS Kernel
Libraries
Language
App Server
App
Build Test
App

44. OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
Multiple instances in multiple Environments

45. OS Kernel
Libraries
Language
App Server
App
Multiple instances in multiple Environments
• All instances should be as similar as possible
(any difference is a potential source of errors)
• That also includes your local Dev environment!
• Must be able to reliably provision new ones
(and recreate existing ones from scratch)

46. OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
Updates UpdatesUpdates
Sysadmin

47. If I had asked my
customers what they
wanted they would have
said a faster horse.
Henry Ford

48. OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
Updates UpdatesUpdates
Sysadmin

49. OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
Updates UpdatesUpdates
Automated
Sysadmin

50. fast forward to 2015 …

51. Every day, AWS adds
enough server capacity
to power the whole $5B
enterprise Amazon.com
was in 2003.
Weekends included.

52. "Advanced Test Reactor" by Argonne National Laboratory -
originally posted to Flickr as Advanced Test Reactor core,
Idaho National LaboratoryUploaded using F2ComButton.
Licensed under CC BY-SA 2.0 via Wikimedia Commons -
http://commons.wikimedia.org/wiki/File:Advanced_Test_Reac
tor.jpg#mediaviewer/File:Advanced_Test_Reactor.jpg
"RIAN archive 341194 Kursk Nuclear Power Plant" by RIA
Novosti archive, image #341194 / Sergey Pyatakov / CC-BY-SA
3.0. Licensed under CC BY-SA 3.0 via Wikimedia Commons -
http://commons.wikimedia.org/wiki/File:RIAN_archive_341194_
Kursk_Nuclear_Power_Plant.jpg#mediaviewer/File:RIAN_archi
ve_341194_Kursk_Nuclear_Power_Plant.jpg
Control Plane Data Plane

53. Control Plane Data Plane

54. • Shift to a world of abundance
(no more resource scarcity)
• Clean Control Plane/Data Plane split
with API-based provisioning
• Cost-based Architectures
with the ability to turn infrastructure off
Benefits of the cloud

55. it is time to rethink the faster horse

56. App
OS Kernel
Libraries
Language
App Server
Build Test

57. App
OS Kernel
Libraries
Language
App Server
Build Test
Undifferentiated
Heavy lifting

58. App
OS Kernel
Libraries
Language
App Server
Build Test

59. App
Machine
Image
OS Kernel
Libraries
Language
App Server
Build Test
Machine
Image

60. OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
OS Kernel
Libraries
Language
App Server
App
Updates

61. Machine
Image
Machine
Image
Machine
Image
Updates

62. but there is one big problem left …

63. Machine
Image
Network Cable

64. Machine
Image
Network Cable
Multiple
GB

65. Running servers in
production should be like
going backpacking. You
take the bare minimum
with you. Anything else
is going to hurt.
A Wise Man

66. what is really adding business value ???

67. Machine
Image
Network Cable

68. Editors
Daemons OS Kernel
Libraries
Utilities
Drivers
App
App Server
Package Mgr
Compilers
SSH
Firewall
Compatibility
Man Pages
Language
Log Files
Users
Shells
Network Cable

69. OS Kernel
Libraries
App
App Server
Language
Bootable
App

70. Multiple
GB
40 – 80
MB

71. Network Cable
Bootable
App

72. who is this for ???

73. OS Kernel
Libraries
Language
App Server
App
12-factor app

74. demo

75. What are the implications ???

76. Focus shift
Individual instances become disposable
Instance Service

77. Treat servers like cattle instead of pets

78. high uptime is a liability
The longer an instance is up,
the harder it becomes to recreate exactly
(and it will fail eventually!)

79. How to solve service discovery ?
Use a stable entry point with an internal registry
Bootable
App
Bootable
App
Bootable
App
? Elastic
Load
Balancer

80. What about security ?
When was the last time your toaster got hacked?

81. What about security ?
• Smallest possible attack surface
• Vastly reduced implications due to low
uptime and transient nature of instances
• Very difficult to exploit other systems
because essential tooling is missing

82. • Bake as much configuration as
possible for all environments
directly in the Bootable App
• Use environment detection
and auto-configuration
• Pass remaining configuration
at startup and expose it as
environment variables
what about configuration ???

83. what about the database ???

84. Bootable
App
what about the database ???

85. what about the database ???
• Keep all persistent state, including the
database, out of the instance
• Many good hosted solutions available
like Amazon RDS or Google Cloud SQL
• Use a database migration tool like
Flyway to update on application startup

86. Bootable
App
what about the logs ???
Ship logs to a central log server
where they can be
• aggregated
• stored and backuped
• indexed
• searched through a nice web UI
Many good hosted solutions
• Loggly
• Logentries
• Papertrail
• …

87. what about sessions ???
Bootable
App
Keep session in an encrypted and signed cookie
• avoids session timeouts
• avoids server clustering & session replication
• avoids sticky sessions & server affinity

88. what about rolling out new versions ???

89. Load
Balancer
App
v1
App
v1
Logs
Availability Zone 1
Availability Zone 2

90. Load
Balancer
App
v2
App
v1
App
v2
App
v1
Logs
Availability Zone 1
Availability Zone 2

91. Load
Balancer
App
v2
App
v2
Logs
Availability Zone 1
Availability Zone 2

92. what about containers ???

93. understanding modern CPUs
Both Intel and AMD have
hardware support for virtualization
• isolation
• performance

94. Bootable App
Hardware
Hypervisor
Bootable App
Hardware
OS+Container
Runtime
On PremOn Prem

95. Bootable App
Hardware
Hypervisor
Bootable App
Hardware
Hypervisor
OS+Container
Runtime
Bootable App
Hardware
OS+Container
Runtime
On PremOn Prem /
Cloud
Cloud
Only makes sense if
you cannot afford
$9.60/month
granularity

96. Bootable App
Hardware
Hypervisor
Bootable App
Hardware
Hypervisor
OS+Container
Runtime
Bootable App
Hardware
OS+Container
Runtime
On PremOn Prem /
Cloud
Cloud
Only makes sense if
you cannot afford
1.3 cents /hour
granularity

97. summary

98. • One immutable unit
• Regenerated after every change
• Promoted from Environment to Environment
Classic Mistake: Build per Environment

99. Bootable
App
• One immutable unit
• Regenerated after every change
• Promoted from Environment to Environment
Classic Mistake: Build per Environment

100. boxfuse.com

101. Thanks !
AXEL FONTAINE
@axelfontaine
boxfuse.com