👐🏽 👩🏽‍🚒 🏌️ Qu'est-ce qu'une infrastructure immuable 👩🏼‍🤝‍👩🏻 🎳 🤱🏿

Je m'appelle Nikita et je suis ingénieur système chez SEMrush. Et dans cet article, je vais vous dire ce qu'est l'infrastructure immuable, quels sont les avantages et les inconvénients de cette approche et comment nous l'utilisons dans l'entreprise.

Si vous n'avez jamais entendu une telle phrase, alors asseyez-vous, ce sera intéressant.

Ce que c'est

Immutable Infrastructure — . , . , , Kubernetes, .

, "" . , — . , "" . , .

, .

GCP, “”, . GCP API SaaS , Immutable . KVM-, , . (Openstack, AWS, Azure ..), . , , , POST-, .

Immutable

, Docker Kubernetes, , :

, . - , “ ” : - , security , . “” . . Immutable Infrastructure , --. : , . , .
Immutable infrastructure , () , CI/CD. .
Docker , . - configuration management unattended upgrades, . . , , , . , .
configuration drift

, 100 , , - . , . unattended upgrade, , - , - . Immutable , , , .
, . , . Immutable . , . failure point , , - production VM. , , , , .
Immutable "" , , . — .
, .
, CPU RAM, . , GCP: Load balancers, GCS , Autoscaler, Cloud SQL ..
, , — , . , immutable. "" . , .
, . , . Docker .
, . .
Dev . , ( provisioner) Prod .

, , . Immutable . , , , , , .. Immutable.

Immutable , , . ( , , ..). . .
, - , , : , , , . , ( , , , Immutable ). : storage. , (, ), storage ( downgrade ). . Stateless , . , , SLA, .
, Immutable — , security .., . , .

. Immutable , , , , , .. - ( ), . Immutable Immutable. , . .

Push Pull

, . :

Push

, , , . , — , , CI/CD , . — .

Pull

, ( ). , , CI. . — ( ).

- CI/CD .

Packer — Hashicorp, , . Packer , , , , .
Terraform — Hashicorp, , , . , , .
Ansible — , . , provision — .
Gitlab CI — Gitlab, .
GCP — , , , .

Immutable Images

VM . , Google, , - , (nginx, mysql, mongodb ..), . ( , -, ). , - . ( ) Ansible — , one-shot .

, . , , (, ), . .

Image Family

GCP , , , - Image Family.

Image Family — , "". — , , , .., image family, , . latest .

, Image Family , Image Name , ( ). latest , family .

Image Family :

image-v1 — . my-image-family

gcloud compute images create image-v1 \
    --source-disk disk-1 \
    --source-disk-zone us-central1-f \
    --family my-image-family

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057736'
kind: compute#image
name: image-v1

image-v2, my-image-family .

gcloud compute images create image-v2 \
    --source-disk disk-2 \
    --source-disk-zone us-central1-f \
    --family my-image-family

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057756'
kind: compute#image
name: image-v2

- , my-image-family image-v1:

gcloud compute images deprecate image-v2 \
    --state DEPRECATED \
    --replacement image-v1

gcloud compute images describe-from-family my-image-family
family: my-image-family
id: '50116072863057736'
kind: compute#image
name: image-v1

. , ? , , .. - , .

GCP :

READY —

DEPRECATED — deprecated. - -, gcloud terraform. .

OBSOLETE — .

DELETED — , .

REALLY_DELETED — , , DELETED, -.

, . .

. , . , image-family . , image-family.

image-rotator, ( ). :

, --image-family. ,
, Image Family, , Image Family
:
- READY DEPRECATED , OBSOLETE
- DEPRECATED , obsolete , OBSOLETE , DELETED
- OBSOLETE DEPRECATED
- DELETED. DELETED ,

, , , .

, , .

, Dev- Master- ( ), . , Prod- — stable, Merge Request.

. , , , :

Hashicorp Vault
Prod- Dev
CloudSQL (: Google (MySQL, PostgreSQL)) Prod- Dev-
Dev- ( , )

Terraform Dev-, , .1. , . “” Prod’ :)

. ( , ), , , , , . , /, , : , CI/CD . .

Immutable Infrastructure — , . , . , , . , . - , .

, , , , , . , , .

Qu'est-ce qu'une infrastructure immuable