Cloud Immutability on Metal in the Data Center

Cloud has enabled a create-destroy infrastructure process that is now seen as common, e.g. launching and destroying virtual machines and containers. This process is referred to as immutable infrastructure and, until now, has not been available to operators within a data center. RackN technology is now actively supporting customers in enabling immutability within a data center on physical infrastructure.

In this post, I will highlight the problems faced by operators in deploying services at scale and introduce the immutability solution available from RackN. In addition, I have added two videos providing background on this topic and a demonstration showing an image deployment of Linux and Windows on RackN using this methodology.

PROBLEM

Traditional data center operations provision and deploy services to a node before configuring the application. This post-deployment configuration introduces mutability into the infrastructure due to dependency issues such as operating system updates, library changes, and patches. Even worse, these changes make it incredibly difficult to roll back to a previous version should the update cause an issue.

Looking at patch management highlights key problems faced by operators. Applying patches across multiple nodes may lead to inconsistent services, with dependency changes driven not just by the software but also by the hardware. Applying these patches requires root access to the nodes, which leaves an opening for unauthorized logins.

SOLUTION

Moving the configuration of a service to before deployment solves the problems discussed previously by delivering a complete runnable image for execution. However, some initialization is hardware dependent and should run only once (Cloud-Init), which allows a variety of hardware to be used.

This new approach moves the patching stage earlier in the process. Operators get a consistent deployment image without the possibility of drift, avoid security issues because no root access is required, and can quickly move back to a previously running image.

IMMUTABILITY OVERVIEW

In this presentation, Rob Hirschfeld makes the case for immutable infrastructure on bare metal within your data center using RackN technology. Rob delivers the complete story highlighted in this blog post.

DEMONSTRATION 

In this demonstration, Rob Hirschfeld and Greg Althaus do a complete immutable image deployment of a Linux server and a Windows server using the RackN Portal in less than 20 minutes.

Get started with RackN today to learn more about how you can change your model to this immutability approach.

  • Join the Digital Rebar Community to learn the basics of the Digital Rebar Provision
  • Create an account on the RackN Portal to simplify DRP installation and management
  • Join the RackN Trial program to obtain access to advanced RackN features

Immutable Infrastructure Delivery on Metal: See RackN at Data Center World

The RackN team is heading to San Antonio, TX next week for Data Center World, March 12 – 15. Our co-founder/CEO Rob Hirschfeld is giving a talk on immutable infrastructure for bare metal in the data center (see session information below).

We are interested in meeting and talking with fellow technologists. Contact us this week so we can set up times to meet at the event. If you are able to attend Rob’s session, be sure to let him know you saw it here on the RackN blog.

RackN Session

March 12 at 2:10pm
Room 206AM
Session IT7
Tracks: Cloud Services, Direct Access

Operate your Data Center like a Public Cloud with Immutable Infrastructure

The pressure on IT departments to deliver services to internal customers is considerably higher today as public cloud vendors are able to operate on a massive scale, forcing CIOs to challenge their own staff to raise the bar in data center operation. Of course, enterprise IT departments don’t have the large staff of an AWS or Azure; however, the fundamental process running those public clouds is now available for consumption in the enterprise. This process is called “immutable infrastructure” and allows servers to be deployed 100% ready to run without any need for remote configuration of access. It’s called immutable because the servers are deployed from images produced by a CI/CD process and destroyed after use instead of being reconfigured. It’s a container and cloud pattern that has finally made it to physical. In this talk, we’ll cover the specific process and its advantages over traditional server configuration.

Open Source, Operators, and DevOps Come Together for Data Center Automation

Running data centers is a complex challenge as the typical environment consists of multiple hardware platforms, operating systems, and processes to manage. Operators face daily “fire drills” to keep the machines running while simultaneously trying to expand service offerings and learn new technologies. The adoption of virtualization and cloud has not simplified anything for IT teams and has only made their job more complicated.

Our founders have years of experience working on deploying and operating large, complex data center environments and clouds. They are also well versed in the open source community space and see the merger of community with operations leading to a better way forward for data center management.

We are building an operators community that shares best practices and code to reuse across work sites to fully automate data centers. Working together, operators can solve operational challenges for their own infrastructure and also find common patterns to leverage across a broad set of architectures.

Community is a powerful force in the software industry and there is no reason why those concepts cannot be leveraged by operators and DevOps teams to completely change the ROI of running a data center. RackN is founded on this belief that working together we can transform data center management via automation and physical ops.

Join us today to help build the future of data center automation and provisioning technology.

RackN talks Cloud Native Landscape on Rishidot.TV

Rob Hirschfeld speaks on Rishidot.TV as part of the Cloud Native Landscape video interview series. Questions asked:

  • Background on RackN
  • Cloud Native Ecosystem Fit – embracing DevOps and Site Reliability Engineering
    • Running “Cloud” in their existing data centers
  • Differentiation – Built on open source Digital Rebar replacing Cobbler, MAAS, and other provisioning tools
    • API driven, Infrastructure as Code feel
  • Use Cases – Immutable Infrastructure & API driven design
    • Image-based Deployments direct to Metal
    • CI/CD infrastructure, zero-touch automation


Great Fun Accessing your Infrastructure: How Secure are You?

How secure is your infrastructure? Not just your internal data centers, but what about your networks connecting to public clouds or hosting providers? How about your corporate data which could be anywhere in the world as you certainly have Shadow IT somewhere?

RackN believes that IT security begins with a secure foundation for provisioning, not only within your data center but into your cloud environments as well. Having a single tool architected with security as a key feature lets SecOps spend more time protecting against attacks at the application and data storage layers instead of leaving the metal open to attack.

Issue – Secure the Enterprise

  • Many enterprises fail to patch both software and hardware on a regular basis due to their inability to reliably and safely manage the process without impacting service delivery.
  • With applications and data running globally, IT has lost the ability to know with certainty where their services are operating from and how secure they are; this is true even beyond public clouds.

Impact – Business is Digital

  • All business is now digital, and a majority of companies don’t have the technical staff to ensure a high level of security; simply trusting cloud providers is not enough.
  • Companies must ensure that networks are protected and that applications and hardware are updated with the latest patches; is your company doing this?

RackN Solution – Secure Foundation

  • Delivering provisioning via an automated layered approach provides IT teams a secure and repeatable process to ensure application availability regardless of location; e.g. Data Center, Hosting Provider, Public Cloud, and eventually Edge infrastructure.
  • Like any construction project, security starts with a solid foundation; RackN is that foundation to build your IT infrastructure on.

The RackN team is ready to start you on the path to operations excellence:

Podcast: Paul Teich on Enterprise Security, Hardware Issues at Edge, Augmented Reality and 5G

In this week’s podcast, we speak with Paul Teich, Principal Analyst, Tirias Research. Paul offered his insight into several key industry trends as well as the recent Spectre and Meltdown discoveries.

  • Spectre and Meltdown – Will this drive additional security focus?
  • Augmented Reality and AI is the holy grail of Edge and Cloud
  • Capabilities of 5G and its impact over next 10 years
  • Why is Hyper Converged Infrastructure popular?

Topic                                        Time (Minutes.Seconds)

Introduction                                 0.0 – 3.06 (Texas and Texas A&M)
Spectre and Meltdown Lead to Security?       3.06 – 6.30
Industry-Wide Refresh                        6.30 – 10.38 (At least 12 months to new silicon)
Enterprise Thoughts on Patching/Updates      10.38 – 15.03 (Profit over Security)
Major Services and Rolling Blackouts         15.03 – 16.06 (Service Patching Underway – Intel)
Security Vulnerabilities Always Exist        16.06 – 17.50
Edge ~ Highly Distributed Management         17.50 – 22.23 (Definition)
Hardware Component to Edge                   22.23 – 25.03 (Opening for ARM?)
Edge is Heterogeneous                        25.03 – 27.48
Portability b/w Cloud and Edge Required      27.48 – 31.47 (End of Mgmt from H/W Vendors)
GPUs on the Edge                             31.47 – 36.29 (Tesla and Nvidia Announcement)
Infrastructure Deployment in an Instant      36.29 – 40.00
Multi-Tenancy at Edge                        40.00 – 42.50 (Jevons Paradox Appears Again)
Augmented Reality & AI                       42.50 – 45.13
5G Rollout                                   45.13 – 47.17
Hyper Converged Infrastructure – Why?        47.17 – 52.30
Wrap-Up                                      52.30 – END

Podcast Guest
Paul Teich, Principal Analyst, Tirias Research

Paul Teich is a Principal Analyst with a technical background and over 30 years of industry experience in computing, storage, and networking. Paul’s strength is in assessing the technical feasibility and market opportunity for new technologies and developing profitable strategies to commercialize those technologies.

Paul’s prior experience includes being a key member of AMD’s Opteron server processor team in the early 2000s, which redefined 64-bit computing; product manager of a web service at the height of the first internet bubble; designer of low-cost consumer PCs before multi-PC households were common; and product manager of RISC processors used as graphics accelerators in the early 1990s, which is now back in vogue on a larger scale with deep learning.

Over the past few years Paul has spoken and moderated panels at many industry events, including IoT Dev-Con, Open Server Summit, Dell World, TiEcon Silicon Valley, NIWeek, ARM TechCon, and SXSW Interactive. Paul is quoted by an equally diverse set of industry press, including: IDG, SiliconANGLE, ComputerWorld, InfoWorld, eWeek, and Processor.com.

Paul also serves as an adviser to the EEMBC Cloud and Big Data Server Benchmarking working group (“ScaleMark”) and has been a co-organizer of the Open Server Summit’s scale-out server track. In addition, he has recently been an expert consultant in an intellectual property court case and has supported a client in front of a US government committee.

Paul holds a BS in Computer Science from Texas A&M and an MS in Technology Commercialization from the University of Texas’ McCombs School of Business. His technical accomplishments include 12 US patents and senior membership in both the ACM and the IEEE.

Migration Best Practices from Cobbler to Digital Rebar Provision

In this video, Rob Hirschfeld and Greg Althaus provide operators with real-world examples of how best to migrate a provisioning platform to Digital Rebar Provision. This blog highlights one of these migration ideas.

Scenario

  • 10 Servers running in multiple subnets
  • DHCP Server
  • Cobbler Provisioning Tool

Migration Process

  • Set up Digital Rebar Provision (DRP) in the Network
    • Create a new subnet with DHCP server installed
    • Operate the DHCP in reservation mode
  • Run DRP to discover the entire network across subnets without DHCP access
    • Create a mapping of infrastructure including MAC address to IP address
  • Migrate DRP control server by server
    • Turn off old DHCP server control for a specific MAC address and turn it on for new DHCP server
    • Reboot the specific MAC address node and DRP will manage the provisioning for that specific server
    • Confirm reset server and continue to manage the changeover server by server
  • Other Options
    • Continue to manage Cobbler for existing infrastructure and use DRP for all new nodes
    • Split provisioning services based on application being deployed
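
The server-by-server changeover above, sketched as an added example (not RackN or Digital Rebar code): it validates the discovered MAC-to-IP mapping and tracks which DHCP server answers each MAC, so that no node is served by both servers or by neither. The addresses, subnets, and the names `validate_inventory` and `Cutover` are constructed for illustration.

```python
import ipaddress

# Constructed sample data: the MAC-to-IP mapping built during discovery.
DISCOVERED = {
    "52:54:00:AA:00:01": "10.0.1.11",
    "52-54-00-aa-00-02": "10.0.1.12",
    "52:54:00:aa:00:03": "10.0.2.21",
}
SUBNETS = ["10.0.1.0/24", "10.0.2.0/24"]  # hypothetical managed subnets

def normalize_mac(mac):
    """Return lower-case colon form so differently written MACs compare equal."""
    digits = mac.replace("-", "").replace(":", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"bad MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def validate_inventory(discovered, subnets):
    """Reject duplicate MACs/IPs and addresses outside the managed subnets."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    clean = {}
    for raw_mac, ip in discovered.items():
        mac, addr = normalize_mac(raw_mac), ipaddress.ip_address(ip)
        if not any(addr in net for net in nets):
            raise ValueError(f"{addr} ({mac}) is outside the managed subnets")
        if mac in clean or str(addr) in clean.values():
            raise ValueError(f"duplicate MAC or IP in mapping: {mac} {addr}")
        clean[mac] = str(addr)
    return clean

class Cutover:
    """Tracks which DHCP server answers each MAC during the changeover."""
    def __init__(self, inventory):
        self.inventory = inventory
        self.old = set(inventory)  # every MAC starts on the old DHCP server
        self.new = set()           # reservations held by the new server

    def migrate(self, mac):
        mac = normalize_mac(mac)
        if mac not in self.old:
            raise KeyError(f"{mac} is unknown or already migrated")
        self.old.discard(mac)      # old server stops answering this MAC first
        self.new.add(mac)          # then the new server gets the reservation
        return {"mac": mac, "reserve_ip": self.inventory[mac]}

    def conflicts(self):
        """MACs answered by both servers, or by neither."""
        return (self.old & self.new) | (set(self.inventory) - self.old - self.new)
```

Checking `conflicts()` after each `migrate()` call, before rebooting the node, catches a half-applied changeover while only one server is affected.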

Watch the full video below to hear other scenarios presented for migration options.

Video Participants:

Rob Hirschfeld, Co-Founder/CEO, RackN   Twitter: @zehicle
Greg Althaus, Co-Founder/CTO, RackN     Twitter: @galthaus

Get started with Digital Rebar today: