EMC World 2016 - code.02 Introduction to Immutable Infrastructure
TRANSCRIPT
© Copyright 2016 EMC Corporation. All rights reserved.
INTRODUCTION TO IMMUTABLE INFRASTRUCTURE
JONAS ROSLAND, EMC {code}
AGENDA
• What are we trying to solve?
• How is immutable infrastructure different?
• Tools and processes
• Demo
• Questions
TRADITIONAL APPROACH FOR APPLICATIONS
• Updating an application means:
  – Shutting it down
  – Taking a backup of the app and its settings
  – Upgrading using packages and scripts
  – Starting the app and verifying functionality
• Costly and error-prone
• Rolling back is hard and time-consuming
TRADITIONAL APPROACH FOR INFRA
• Updating an infrastructure part means:
  – Taking a backup of its settings
  – Shutting it down
  – Upgrading using packages and scripts
  – Starting the system and verifying functionality
• Costly and error-prone
• Rolling back is hard and time-consuming
There must be a better way!
Let’s introduce Immutable Infrastructure
A strategy for managing services in which infrastructure is divided into DATA and EVERYTHING ELSE
EVERYTHING ELSE is replaced at every deployment rather than being updated in-place
SO HOW WOULD THIS WORK?
• Use layers for your infrastructure and applications
• Each layer needs to be versioned
• Versioning enables verification/control and rollback
• Smart tools enable automated code checks, inventory management, deployments and rollbacks
AVOID CONFIGURATION DRIFT
• Full control over every version that gets deployed
• No more snowflake servers
• No more “I wonder if this has the right Java version”
Layer diagram: ScaleIO | CentOS | Python App, Ruby App, Java App
Layer diagram: ScaleIO 2.0 | CentOS 6.5 | Python App v10.2, Ruby App v2.3, Java App v1.4
Layer diagram: ScaleIO 2.0 | CentOS 7 | Python App v10.2, Ruby App v2.3, Java App v1.4
Layer diagram: ScaleIO 2.0 | CentOS 7 | Python App v10.3, Ruby App v2.4, Java App v1.5
LAYERS – APPLICATIONS
• Use standardized methods for packaging applications with their requirements
  – Containers
  – PaaS systems
  – Configuration management systems
• They are all being used in production environments worldwide; there’s no reason for you not to use them
LAYERS – OPERATING SYSTEM
• You need something to run your app on
• Handle the OS as a static binary
• Got a new Windows/Linux update? Update the template you’re using!
• Create OS images for all your needs
  – VM templates
  – Vagrant boxes
  – AWS AMIs
  – OpenStack images
CONFIGURATION MGMT CAVEAT
• Tools like Puppet, Chef, Ansible, etc. are used to “bake” the OS images
• Can be used to create immutable objects such as container images with your applications
• Not used to modify running systems
LAYERS – SOFTWARE-DEFINED INFRA
• Firmware/software plus configuration
• If you have to click somewhere to enable settings that cannot be pushed onto it, the system isn’t ready
• Most physical appliances are not built for this, yet
• Use DHCP as much as possible for easy network management
RackHD
VERSIONING
• Always create new versions when you’re changing something
• Otherwise you have nothing to roll back to
• Only roll out versioned changes!
• For real, don’t even think of adding that small little change to a live system
• Store all changes in a version control system!
VERSIONING, CONTINUED
• Write the small change somewhere, creating a new version
• Test it
• If it passes, roll it out in the correct way depending on the layer in question
• If it fails, try again with another incremental small change
EXAMPLE OF VERSIONING AND TESTING
• App A requires Java, doesn’t specify version
• You bake a CentOS 6.5 OS with Java 1.7
• Deploy the app, it fails
• You create a new version, CentOS 7 with Java 1.8
• Deploy the app, it works
• Roll out CentOS 7 with Java 1.8
EXAMPLE OF CONTAINER BASED DEPLOYMENT
• App A is in a container
• You bake a CentOS 7 OS with Docker
• Deploy the containerized app, it works
• You create a new version of the app
• A new container is built
• Deploy the container, it works
CONTROL
• Knowing what’s deployed at all times is critical when lowering deployment failure rates
• No one likes to be stuck at work for an entire weekend and then roll back on Sunday night because of unforeseen issues
• Having version control lets you know exactly what’s deployed
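An added example, not part of the original slides: a minimal drift audit that compares each host's observed layer versions with the version-controlled manifest, which is the check the AVOID CONFIGURATION DRIFT and CONTROL slides argue for. The manifest keys, the host names, the tcpdump entry and the baked_from digest field are assumptions constructed for illustration.

```python
import hashlib
import json

def manifest_digest(manifest):
    """Stable SHA-256 over the canonical JSON form of a layer manifest."""
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def find_drift(manifest, host):
    """Return (layer, expected, observed) tuples; an empty list means no drift."""
    findings = []
    observed = host["layers"]
    for layer, expected in manifest.items():
        actual = observed.get(layer)  # None means the layer is missing on the host
        if actual != expected:
            findings.append((layer, expected, actual))
    for layer in sorted(set(observed) - set(manifest)):
        # Present on the host but in no baked image: installed by hand.
        findings.append((layer, None, observed[layer]))
    return findings

def audit(manifest, inventory):
    """Map host name -> findings for every host that no longer matches."""
    digest = manifest_digest(manifest)
    report = {}
    for host in inventory:
        findings = find_drift(manifest, host)
        if host.get("baked_from") != digest:
            # Host was built from a different manifest version than the current one.
            findings.insert(0, ("manifest", digest, host.get("baked_from")))
        if findings:
            report[host["name"]] = findings
    return report

# Constructed sample data: MANIFEST is what version control says is deployed.
MANIFEST = {"os": "CentOS 7", "java": "1.8", "docker": "1.11", "python-app": "v10.3"}
INVENTORY = [
    {"name": "docker-host-01", "baked_from": manifest_digest(MANIFEST),
     "layers": dict(MANIFEST)},
    {"name": "docker-host-02", "baked_from": manifest_digest(MANIFEST),
     "layers": {**MANIFEST, "java": "1.7", "tcpdump": "4.9"}},  # changed in place
]

if __name__ == "__main__":
    for name, findings in audit(MANIFEST, INVENTORY).items():
        for layer, expected, actual in findings:
            print(f"{name}: {layer} expected={expected} observed={actual} -> replace host")
```

Under the immutable model a finding is resolved by redeploying the host from the versioned image, not by patching it back into line.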
So what tools can you use to accomplish this?
TOOLS - APPLICATIONS
• Containers (Docker, Rkt, LXC)
  – Put an application and its requirements in a container, then you can deploy it a thousandfold with consistent results
• PaaS systems (Cloud Foundry, Deis, Heroku)
  – Takes your code and automatically adds the defined versions of requirements, then runs it for you
• Configuration management systems
  – Puppet, Chef, Ansible, Salt
  – Can be used to create container images (remember the caveat)
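EXAMPLE – PYTHON APP IN A CONTAINER
# Base image pinned to a specific Python version
FROM python:2.7.11
# Create the application directory and make it the working directory
RUN mkdir /app
WORKDIR /app
# Copy the application files from the build context into /app
COPY * .
# Install the dependencies listed in requirements.txt
RUN pip install -r requirements.txt
# Document the port the container listens on
EXPOSE 5000
CMD [ "python", "./simple.py" ]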
TOOLS – OPERATING SYSTEM
• “Baking” images is critical to make sure you don’t have configuration drift (Packer)
• Configuration management systems
  – There to make sure services and OS settings are correctly applied in the baked image
• Deployment (RackHD, Terraform, Vagrant)
  – Deploying an OS is now seen as standard fare, not something just done once
EXAMPLE – BAKING WORKFLOW
[Workflow diagram: ISO, Packer, VM Template, AWS Image, OpenStack Image, Config, Puppet, Terraform, VMware, AWS, OpenStack; each element is labeled “Version controlled”]
EXAMPLE – DEPLOYMENT OF DOCKER 1.10
resource "vsphere_virtual_machine" "docker-host-12" {
  name       = "docker-host-01"
  domain     = "corp.local"
  datacenter = "DC-02"
  cluster    = "Cluster-03"
  vcpu       = 4
  memory     = 32768
  disk {
    datastore = "XTREMIO-04"
    template  = "templates/docker-1.10-centos-7.0-x86_64"
    iops      = 10000
  }
  gateway = "192.168.1.1"
  network_interface {
    label       = "CORP-LAN"
    ip_address  = "192.168.1.112"
    subnet_mask = "255.255.255.0"
  }
}
EXAMPLE – DEPLOYMENT OF DOCKER 1.11
resource "vsphere_virtual_machine" "docker-host-12" {
  name       = "docker-host-01"
  domain     = "corp.local"
  datacenter = "DC-02"
  cluster    = "Cluster-03"
  vcpu       = 4
  memory     = 32768
  disk {
    datastore = "XTREMIO-04"
    template  = "templates/docker-1.11-centos-7.0-x86_64"
    iops      = 10000
  }
  gateway = "192.168.1.1"
  network_interface {
    label       = "CORP-LAN"
    ip_address  = "192.168.1.112"
    subnet_mask = "255.255.255.0"
  }
}
TOOLS – SOFTWARE-DEFINED INFRA
• Deployment
  – RackHD, Puppet, Chef, Ansible
  – VMware Auto Deploy, Arista Zero Touch Provisioning
• Monitoring
  – Sensu, Prometheus, Zabbix, Nagios
• Logging
  – Logstash, Splunk, Fluentd
SUMMARY
• Immutable infrastructure lets you version control your datacenter
• Rollbacks are now really just new deployments
• Enables you to create layers and use the best tools for different purposes
• Testable and reliable, no more snowflakes
Before opening up for questions
CONTINUE THE DISCUSSION
• Hands-on lab with Docker, Mesos and REX-Ray
• Free stickers at our booth
• Join our community at community.emccode.com
• See all our projects at emccode.com
• And follow us on Twitter @EMCcode
Guru Session
Data Persistence in the New Container World
Wednesday 3PM
Joshua Bernstein, VP of Technology for ETD
Tobi Knaup, CEO & Co-Founder of Mesosphere
Questions?
@EMCcode
@jonasrosland
emccode.com
community.emccode.com
Come visit us at Booth #1044 or in the vLab