Today: December 5, 2024 12:35 am
A collection of Software and Cloud patterns with a focus on the Enterprise

Blog


This article is part of a series on Immutable Infrastructure and discusses the scenario of production release. It may be valuable to review Immutable Infrastructure Basics before reading this article. What is production? At first glance one might expect a straight forward answer to that question like: Any system that directly serves authoritative resources to the intended end user. That might be broad and general enough to capture most situations, but what about A single user’s laptop that is setup to compiler a binary that controls a production machine. Is that laptop considered......

Continue Reading


This article is part of a series on Immutable Infrastructure and discusses the scenario of CI/CD pipelines to deliver high quality software quickly. It may be valuable to review Immutable Infrastructure Basics before reading this article. Continuous Integration and Continuous Delivery, CI/CD, is a practice in software development that aims to ensure high quality updates efficiently progress toward a release. The “Integration” part of CI/CD seeks to confirm that a software change will work with related systems. The divergence of systems that occurs without immutable infrastructure can reduce the effectiveness of CI/CD pipelines.......

Continue Reading


This article is part of a series on Immutable Infrastructure and discusses the scenario of Development Environments and Team Collaboration. It may be valuable to review Immutable Infrastructure Basics before reading this article. Development environments are intended to be flexible and in motion by design. At the same time, teams need to be able to work together and eventually deliver their work to other environments. As teams form and change over time, these objectives are often at odds with each other. The illustration below shows this dynamic at play over time. The above......

Continue Reading


One of the biggest shifts in technology that can be attributed to cloud is the move from away from hand crafting systems to defining systems and letting automation create them. This is often referred to as Infrastructure as Code, and is manifested along a spectrum. Toward the more “cloudy” end of the spectrum is the concept of immutable infrastructure, which means that once created, infrastructure exists in the same state until it is replaced by something new, but it is never changed. Some Examples A good example of immutability is a Java jar......

Continue Reading


Traditional approaches to creating and maintaining workloads in the enterprise often include contributions from many teams and individuals. They also include a combination of manual and scripted activities. I sometimes refer to this as an assembly line. The workloads that come off the assembly line, like cars, have odometers and require regular maintenance. Others refer to these workloads as pets. When moving workloads to the cloud, it’s helpful to visualize how this typically happens on premise and how it will change when going into cloud. The illustration above shows the traditional approach in......

Continue Reading


Istio Ingress vs. Kubernetes Ingress

For years I have appreciated the clean and simple way Kubernetes approached Ingress into container workloads. The idea of an IngressController that dynamically reconfigures itself based on the current state of Ingress resources seemed very clean and easy to understand. Istio, on the other hand, felt more confusing, so I set out to correlate what I refer to as “traditional kubernetes ingress” with Istio ingress. The following diagram will help visualize my comments below. Dynamic Ingress Control Load Balancer at the Edge Both approaches are very similar in how they treat traffic at......

Continue Reading


UPDATE: Beginning in June, 2020, GKE will charge for the control plane. This means the design below will jump from $5/month to nearly $80/month. I was recently inspired by a post claiming it was possible to run kubernetes on Google for $5 per month. One reason I have been shy to jump all in with kubernetes is the cost of running a cluster for development work and later for production. After going through the post above, I realized that I could actually afford double that amount and end up with a very usable......

Continue Reading


etcd, https://coreos.com/etcd/, is a distributed key/value store and contains all details about a kubernetes cluster, such as resources and their states. How etcd is installed I install kubernetes, and etcd along with it, using kubespray https://github.com/kubernetes-incubator/kubespray Interacting with etcd etcd runs as a container. The startup script used by systemctl is /usr/local/bin/etcd, which has the contents below #!/bin/bash /usr/bin/docker run \ --restart=on-failure:5 \ --env-file=/etc/etcd.env \ --net=host \ -v /etc/ssl/certs:/etc/ssl/certs:ro \ -v /etc/ssl/etcd/ssl:/etc/ssl/etcd/ssl:ro \ -v /var/lib/etcd:/var/lib/etcd:rw \ --memory=512M \ --blkio-weight=1000 \ --name=etcd1 \ quay.io/coreos/etcd:v3.2.18 \ /usr/local/bin/etcd \ "$@" Interacting with the running etcd process......

Continue Reading


I frequently hear people talk about unit tests when they actually mean something else. In some cases, I would think it was pedantic to argue about the specific meaning of a term like unittest, but in this case I think it often works against the Software Developer to use the term incorrectly. Below I provide a short list with descriptions to explain some useful testing concepts. Unit test It’s important to be clear on what “unit” means It means a function/method or class It does not mean database, SaaS, filesystem or any other......

Continue Reading


Self-service access control in kubernetes

One of the most significant benefits of containers is that they empower a software engineer to explore technologies and infrastructure decisions quickly. Containers make it possible for a developer to try on new technologies and platforms and consider infrastructure decisions without a long approval and requisition process. It also reduces cost significantly, since many containers can run on a developer laptop. Access control and management of Kubernetes introduces a potential roadblock to this agile aspect of container-centric development. As a result, I put a lot of thought into how to provide easy, fast,......

Continue Reading