What is Immutable Infrastructure

My name is Nikita and I am a systems engineer at SEMrush. In this article I will explain what Immutable Infrastructure is, what advantages and disadvantages this approach has, and how we use it in the company.





If you have never heard this phrase before, sit back: it will be interesting.



What it is



Immutable Infrastructure — . , . , , Kubernetes, .



, "" . , — . , "" . , .



, .



GCP, “”, . GCP API SaaS , Immutable . KVM-, , . (Openstack, AWS, Azure ..), . , , , POST-, .



Immutable



, Docker Kubernetes, , :





  1. , . - , “ ” : - , security , . “” . . Immutable Infrastructure , --. : , . , .


  2. Immutable infrastructure , () , CI/CD. .


  3. Docker , . - configuration management unattended upgrades, . . , , , . , .
  4. configuration drift

    , 100 , , - . , . unattended upgrade, , - , - . Immutable , , , .


  5. , . , . Immutable . , . failure point , , - production VM. , , , , .


  6. Immutable "" , , . — .


  7. , .


  8. , CPU RAM, . , GCP: Load balancers, GCS , Autoscaler, Cloud SQL ..


  9. , , — , . , immutable. "" . , .


  10. , . , . Docker .


  11. , . .


  12. Dev . , ( provisioner) Prod .




, , . Immutable . , , , , , .. Immutable.





  1. Immutable , , . ( , , ..). . .


  2. , - , , : , , , . , ( , , , Immutable ). : storage. , (, ), storage ( downgrade ). . Stateless , . , , SLA, .


  3. , Immutable β€” , security .., . , .


. Immutable , , , , , .. - ( ), . Immutable Immutable. , . .



Push Pull



, . :



Push



, , , . , — , , CI/CD , . — .



Pull



, ( ). , , CI. . — ( ).



- CI/CD .





:



  1. Packer — Hashicorp, , . Packer , , , , .
  2. Terraform — Hashicorp, , , . , , .
  3. Ansible — , . , provision — .
  4. Gitlab CI — Gitlab, .
  5. GCP — , , , .


Immutable Images



VM . , Google, , - , (nginx, mysql, mongodb ..), . ( , -, ). , - . ( ) Ansible — , one-shot .



, . , , (, ), . .



Image Family



GCP , , , - Image Family.



Image Family — , "". — , , , .., image family, , . latest .



, Image Family , Image Name , ( ). latest , family .



Image Family :

image-v1 — . my-image-family



gcloud compute images create image-v1 \
    --source-disk disk-1 \
    --source-disk-zone us-central1-f \
    --family my-image-family

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057736'
kind: compute#image
name: image-v1


image-v2, my-image-family .



gcloud compute images create image-v2 \
    --source-disk disk-2 \
    --source-disk-zone us-central1-f \
    --family my-image-family

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057756'
kind: compute#image
name: image-v2


- , my-image-family image-v1:



gcloud compute images deprecate image-v2 \
    --state DEPRECATED \
    --replacement image-v1

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057736'
kind: compute#image
name: image-v1




. , ? , , .. - , .



GCP :

READY —

DEPRECATED — deprecated. - -, gcloud terraform. .

OBSOLETE — .

DELETED — , .

REALLY_DELETED — , , DELETED, -.



, . .





. , . , image-family . , image-family.



image-rotator, ( ). :



  1. , --image-family. ,
  2. , Image Family, , Image Family
  3. :

    • READY DEPRECATED , OBSOLETE
    • DEPRECATED , obsolete , OBSOLETE , DELETED
    • OBSOLETE DEPRECATED
    • DELETED. DELETED ,




, , , .



, , .



, Dev- Master- ( ), . , Prod- — stable, Merge Request.



. , , , :



  • Hashicorp Vault
  • Prod- Dev
  • CloudSQL (: Google (MySQL, PostgreSQL)) Prod- Dev-
  • Dev- ( , )


Terraform Dev-, , .1. , . “” Prod’ :)





. ( , ), , , , , . , /, , : , CI/CD . .



Immutable Infrastructure — , . , . , , . , . - , .



, , , , , . , , .



