Building An Immutable Cloud Infrastructure On Alibaba Cloud

Introduction

Immutable Application Platform

Immutable File System

/etc/demo/demo.conf[main]
env = dev
port = 8000
/var/demo/demo.py:#!/usr/bin/env python import SimpleHTTPServer
import SocketServer
import ConfigParser
config = ConfigParser.RawConfigParser()
config.read('/etc/demo/demo.conf')
env = config.get('main', 'env')
port = config.getint('main', 'port')
Handler = SimpleHTTPServer.SimpleHTTPRequestHandler httpd = SocketServer.TCPServer(("", port), Handler) print("serving %s at port %d" % (env, port))
httpd.serve_forever()
$ yum install -y ostree
$ mkdir -p /etc/demo && cd /etc/demo
$ ostree --repo=.demo init
$ ostree --repo=.demo commit --branch=dev ./
8d7cefc677593c16ecd9eada965fb1ac53d6ae96a6af9fef49a22d164a06e6e2
$ ostree --repo=.demo refs
dev
$ ostree --repo=.demo ls dev
d00755 0 0 0 /
-00644 0 0 29 /demo.conf
d00755 0 0 0 /.rdemo
$ ostree --repo=.demo cat dev /demo.conf
[main]
env = dev
port = 8000
chmod +x /var/demo/demo.py
/var/demo/demo.py
serving dev at port 8000
$ cat /etc/demo/demo.conf
[main]
env = uat
port = 80
$ ostree --repo=.demo commit --branch=uat ./
3aca353878a754a887a0308ff5ca6f8ad86057a2175e3f0b194ff51c5e471116
/var/demo/demo.py
serving uat at port 80
$ ostree --repo=.demo cat dev /demo.conf
[main]
env = dev
port = 8000
$ ostree --repo=.demo cat uat /demo.conf
[main]
env = uat
port = 80

Immutable Package Management

$ rpm-ostree status
$ rpm-ostree upgrade
$ systemctl reboot
$ openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
$ rpm-ostree install openssl
Checking out tree 67d659b... done
Inactive requests:
openssl (already provided by openssl-1:1.0.2k-12.el7.x86_64)
Enabled rpm-md repositories: base updates extras
Updating metadata for 'base': [=============] 100%
rpm-md repo 'base'; generated: 2018-11-25 16:00:34
Updating metadata for 'updates': [=============] 100%
rpm-md repo 'updates'; generated: 2019-01-24 13:56:44
Updating metadata for 'extras': [=============] 100%
rpm-md repo 'extras'; generated: 2018-12-10 16:00:03
Importing metadata [=============] 100%
Resolving dependencies... done
Checking out packages (2/2) [=============] 100%
Running pre scripts... 0 done
Running post scripts... 1 done
Writing rpmdb... done
Writing OSTree commit... done
Copying /etc changes: 22 modified, 8 removed, 41 added
Transaction complete; bootconfig swap: no; deployment count change: 0
Freed: 39.0 MB (pkgcache branches: 2)
Run "systemctl reboot" to start a reboot
$ openssl version
OpenSSL 1.0.2k-fips 26 Jan 2017
$ rpm-ostree rollback
Moving '67d659bc257b7d47f638f9d7d2146401b85eec7c7eef0122196d72c70553ae66.0' to be first deployment
Transaction complete; bootconfig swap: no; deployment count change: 0
Removed:
openssl-1.0.2k-12.el7.x86_64
Run "systemctl reboot" to start a reboot
$ systemctl reboot $ openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

Immutable Provisioner

$ atomic install registry.access.redhat.com/rhel7/rsyslog
Pulling registry.access.redhat.com/rhel7/rsyslog:latest ...

Creating directory at /host//etc/pki/rsyslog
Installing file at /host//etc/rsyslog.conf
Installing file at /host//etc/sysconfig/rsyslog
Installing file at /host//etc/logrotate.d/syslog
$ atomic run registry.access.redhat.com/rhel7/rsyslog
docker run -d --privileged --name rsyslog --net=host --pid=host -v
/etc/pki/rsyslog:/etc/pki/rsyslog ...

Summary

Original Source

--

--

--

Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website:https://www.alibabacloud.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

What I Wish I Knew Before Entering a Coding Bootcamp

Adobe Xd — Creating your first project

DevFest 2017- What to Expect

A [de]Bugging Story

Enumerations

Download MacOS High Sierra dmg File — (Direct Link)

Facilitating Enterprise-Level Internet Architecture with Alibaba Cloud Middleware

Kazan Alfan Ihsan

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alibaba Cloud

Alibaba Cloud

Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website:https://www.alibabacloud.com

More from Medium

EP.6 | Connect to Kubeflow 1.5 Pipelines by cookies

Regulatory and Security Risks When Deploying Fintech in a Public Cloud

[Study Notes] Kubernetes

GKE Ingress redirect http to https