Tolga Talks Tech is a weekly video series in which Onica’s CTO Tolga Tarhan tackles technical topics related to AWS and cloud computing. This week Tolga talks about immutable infrastructure with Onica’s Lead DevOps Engineer, William Kray.
What is immutable infrastructure?
Immutable infrastructure is infrastructure defined by code. Typically, what you’ll see is that any virtual machine images that you use are pre-baked as virtual machine templates or AMIs.
How do we build those images and get them into production?
The best way to get those kinds of things into production is by using a CI/CD pipeline. When you use CI/CD pipelines, your code is the driving factor in deployment. So, when you push code to a git repository, that push will trigger events that will cause a job to run that actually deploys resources, and then deploys your code on top of those resources into your different environments.
So when we want to patch these instances, we don’t patch them, we just build them again?
Yes, you can rebuild the AMIs then just redeploy. This also makes it easy to update a version and roll back if there’s a change to the environment that was not expected. All you have to do is redeploy an older version of the artefacts that you’re deploying, or you just push out new changes. It makes streamlining the whole process faster and simpler to manage.
What are some of the tools we use to build these pipelines?
A lot of the tools we use revolve around AWS’ infrastructure. We use CloudFormation to deploy resources such as EC2 instances, load balancers, etc. We like to leverage CodeDeploy a lot for deploying code artefacts. That’s a really handy tool because it can basically run any script that you throw at it; it can be used to deploy applications, or to make configuration changes to a firewall or proxy you have. Other tools that we can use are AWS’ CodePipeline and CodeBuild to build the artefacts and push those artefacts through the various steps required to deploy them. And then of course everyone’s pretty familiar with Jenkins, there’s also Microsoft’s version which is VSTS and TFS, and all of those tools basically are the glue in between all those deployment steps to make it really flexible to do whatever you need to do to push out your code.