Their target market was same as the OP: developers that need rapid like-for-like clones of production. The SAN could create a full VM server pool with a logical clone of hundreds of terabytes of data in seconds, spin it up, and blow it away.
The idea was that instead of the typical "DEV/TST/PRD" environments, you'd have potentially dozens of numbered test environments. It was cheap enough to deploy a full cluster of something as complex as SAP or a multi-tier Oracle application for a CI/CD integration test!
Meanwhile, in the Azure cloud: Practically nothing has a "copy" option. Deploying basic resources such as SQL Virtual Machines or App Service environments can take hours. Snapshotting a VM takes a full copy. Etc...
It's like the public cloud is in a weird way ahead of the curve, yet living with 1990s limitations.
Speaking of limitations: One reason cheap cloning is "hard" is because of IPv4 addressing. There are few enough addresses (even in the 10.0.0.0/8 private range) that subnets have to be manually preallocated to avoid conflicts, addresses have to be "managed" and carefully "doled out". This makes it completely impossible to deploy many copies of complex multi-tier applications.
The public cloud vendors had their opportunity to use a flat IPv6 address space for everything. It would have made hundreds points of complexity simply vanish. The programming analogy is like going from 16-bit addressing with the complexity of near & far pointers to a flat 64-bit virtual address space. It's not just about more memory! The programming paradigms are different. Same thing with networking. IPv6 simply eliminates entire categories of networking configuration and complexity.
PS: Azure's network team decided to unnecessarily use NAT for IPv6, making it exactly (100%!) as complex as IPv4...
Do you copy that into the ephemeral test environment as well? How are permissions managd for accessing that data? Does it have the same restrictions as in prod? (i.e. even in this env the developer / tester has no access to systems / data they would not have in prod).
To add to the list of etc, I can't query across two databases in azure SQL.
https://docs.microsoft.com/en-us/sql/relational-databases/li...
I hate to be that guy, but it's 2021 and we should start deploying stuff on ivp6 networks to avoid this kind of problems (beside other kind of problems)...
edit: ok I just saw the PS about ipv6 and Azure... sorry.
Why is there no simple export/import functionality?
It's about 20-30 lines of PowerShell to do this, and then you can just double-click the script and drink a coffee.
Alternatively, for data-only changes you can use Azure SQL Sync, but I've found that it's primitive and a bit useless for anything complicated...
People like the NAT. It's a feature, not a bug. If your selling point for IPv6 is "no more NAT" then no wonder it never went anywhere!
P.S. No, "you're doing it wrong" and "you're not allowed to like the NAT" are not valid responses to user needs.
Well, the bigger question might be why do they like NAT?
If it's about having a single /128 address so they can do ACLs then that's easily fixed by just lowering the CIDR number. (unless you have an ancient version of fortigate on prem, which likely doesn't work with ipv6 anyway).
If it's about not having things poking at your servers through the NAT then the "NAT" really isn't helping anything, it's the stateful firewall doing _all_ the work there and those things are entirely independent systems. -- They're just sold to consumers as a single package.
It's going to take a decade to refactor things to remove that layer. Once done, you'll be able to safely run a process against a list of resources.
For VMs, security is the one concern, the others would be more direct access to lower levels and greater access to the hardware and internals than just a driver model.
For containers I'd say that the abstraction/interface presented to an application was too narrow: clearly network and filesystem abstractions needed to be included as well (not just memory, OS APIs and hardware abstractions).
I imagine that an OS from the far future could perform the functions of a hypervisor and a container engine and would allow richer abilities to add code to what we consider kernel space, one could write a program in Unikernel style, as well as have normal programs look more container-like.
Projects similar to this exist today with https://nanos.org/.
You can run any typical web app (without having to re-write it) in a POSIX compliant Unikernel on most major cloud providers and bare metal. Each service runs in its own Unikernel.
I had its creator on my podcast the other day at: https://runninginproduction.com/podcast/79-nanovms-let-you-r...
People run containers with host networking and bind-mounting everything and nobody minds.
(The story for hosting providers is a bit different, but they're not the main driver for Docker adoption.)
Also- just about EVERYTHING is built on top of these current layers)
You can provide the same level of replication and separation of dependencies in an OS, but at a certain point you're just creating the same thing as a hypervisor and calling it an OS and the distinction becomes academic.
You delegate $5, nothing more than $5 can possibly leave your wallet as a result.
AppArmor is like putting a vault around the ice cream truck and giving a strict list of who is allowed to buy what ice cream. Hardly the same thing.
It's better to use a modern DevOps stack involving Kubernetes, Ansible, YAML, Jinja2, Python, cron jobs, regexes, shell scripts, JSON, Jenkinsfiles, Dockerfiles, etc.
Containers, yes. They are a pure namespacing trick, and can be replaces by cap-based security completely.
It allows you to divide up physical computing power across multiple people/organizations etc.
Containers make this kind of distinction far more hazy.
We still have that customer but we have learned a very valuable & expensive lesson.
Being able to test in production is one of the most wonderful things you can ever hope to achieve in the infra arena. No ambiguity about what will happen at 2am while everyone is asleep. Someone physically picked up a device and tested it for real and said "yep its working fine". This is much more confidence inspiring for us.
I used to go into technical calls with customers hoping to assuage their fears with how meticulous we would be with a test=>staging=>production release cycle. Now, I go in and literally just drop the "We prefer to test in production" bomb on them within the first 3 sentences of that conversation. You would probably not be surprised to learn that some of our more "experienced" customers enthusiastically agree with this preference right away.
You can test in production by having canaries, filters, etc, and allowing some production traffic to the version under test. This is the "wired" guy.
For many backend things, you can test in production by shadowing the current services, and copying the traffic into your services under test. It has limitations, but can produce zero disruption.
Both though assume the "hard" problem of infrastructure is the one-time setup cost, and that your architecture design should be centered around minimising that cost - even though it's mostly a one-time cost. I really feel like this is a false economy - we should optimise for long term cost, not short term. It may be very seductive that you can deploy your code within 10 minutes without knowing anything, but that doesn't make it the right long term decision. In particular when it goes all the way to architechting large parts of your app out of lambda functions and the like we are making a huge archtitectural sacrifice which is something that should absolutely not be done purely on the base of making some short term pain go away.
There are issues about resolving state at the edge, though Cloudflare has solved some of that with durable objects, and Fastly is working on something too. Think there are memory constraints as of now however. Security too is better in these platforms at the edge - true zero trust models.
All these things got much harder than they used to be, and you're living with that forever - to pay for a one-time saving on setting up some self-updating, auto-scaling infrastructure.
I don't say that you don't need edge computing. But it'll always be more complex to run compared to a centralized system (plus vendor lock-in) and performance isn't a valid reason.
Serverless is about starting with highly available, auto scaling, et cetera... assets and concentrating more on delivering business value.
I am constantly amazed that software engineering is as difficult as it is in ways like this. Half the time I just figure I'm an idiot because no one else is struggling with the same things but I probably just don't notice when they are.
2) A bunch of other goddamn morons managed to use this more-broken-than-not thing to make something useful, so this goddamn moron (i.e. me) surely can.
Both almost always true. After the second or third time you realize something made by the "geniuses" at FAANG (let alone "lesser" companies) is totally broken, was plainly half-assed at implementation and in fact is worse than what you might have done (yes, even considering management/time constraints), and has incorrect documentation, you start to catch on to these two truths. It's all shit, and most people are bad at it. Let that be a source of comfort.
[EDIT] actually, broader point: the degree to which "fucking around with shitty tools" is where one spends one's time in this job is probably understated. This bull-crap is why some people "nope" the hell out and specialize in a single language/stack, so at least they only have one well-defined set of terrible, broken crap to worry about. Then people on HN tell them they're not real developers because they aren't super-eager to learn [other horribly-broken pile of crap with marginal benefits over what they already know]. (nb. I'm in the generalist and willing-to-learn-new-garbage category, so this judgement isn't self-serving on my part)
However, I still want to note that there are many cases where smart people simply don't have enough time to handle all the stupidity in their products. Often times, it's just little issues like communication cost and politics. But, also often, one should care about the revenue of one's own company or clients', which slows down changes a lot. Even a simple feature can take weeks and months to roll out.
In short, even without stupid people, life sucks. :\
my first HAproxy setup wasn't great, my 10th is rock solid, just needed a bit of context-specific learning.
same with PG replication (locical and archive) but 3rd go was awesome.
its a flawed expectation to get it right the first time.
If your toilet overflows when you push the lever down and flushes when you pull the lever up, you'll learn pretty quickly how to use it. And other users will too, after they screw up or after you carefully explain so they're sure to understand. But it's just a shitty design! The fact that you've learned to deal with it doesn't excuse it or mean it shouldn't be fixed for all future users.
I want to get it right the first time; I don't expect to only because I've been hurt too many times by shoddy UIs. A good UI, whether a GUI, API, CLI, or other TLA, guides users through their workflow as effortlessly as possible by means of sensible defaults, law of least surprise, and progressive reveal of power features.
Relevant http://xkcd.com/1168
Thank you for making desktop apps.
well, most of the ones I use (my note taking app, my text editor, my music player, my file manager) don't so YMMV
For me the one I really want is "serverless" SQL databases. On every cloud platform at the moment, whatever cloud SQL thing they're offering is really obviously MySQL or Postgres on some VMs under the hood. The provisioning time is the same, the way it works is the same, the outage windows are the same.
But why is any of that still the case?
We've had the concept of shared hosting of SQL DBs for years, which is definitely more efficient resource wise, why have we failed to sufficiently hide the abstraction behind appropriate resource scheduling?
Basically, why isn't there just a Postgres-protocol socket I connect to as a user that will make tables on demand for me? No upfront sizing or provisioning, just bill me for what I'm using at some rate which covers your costs and colocate/shared host/whatever it onto the type of server hardware which can respond to that demand.
This feels like a problem Google in particular should be able to address somehow.
How isn’t RDS Aurora Serverless from AWS, available in both MySQL-and Postgres-compatible flavors, exactly what you are looking for?
Provisioning of the compute part of the database is still at the level of "ACU" which essentially map to the equivalent underlying EC2s. The scale up/down of serverless V1 is clunky and when we tested, there was visible pauses in handling transactions in progress when a scaling event occurred.
There is a "V2" of serverless in beta that is much closer to "seamless" scaling, I assume using things like Nitro and Firecracker under the covers to provision compute in a much more granular way.
I'll look into it next time I'm building something.
In my experience shared servers for MySQL (and I assume Postgres) never work because I always have to set at least some custom configurations very early into the development cycle.
But, if you're going to run with it, can you make it as fast as a "real" database on a cloud instance?
If you're intereseted, I wrote a thing attempting to cover some of the options ~6 months ago, but recognize that there has been a fair amount of change in the space since then (I really should update the post). [thing: https://www.nrmitchi.com/2020/10/state-of-continuous-product...]
1. Specify a TTL on inactive PRs
2. Pick less expensive plans for preview services.
Thanks!
We will absolutely expand beyond Oregon and Frankfurt later this year. Our infrastructure was built to be cloud agnostic: we run on AWS, GCP, and Equinix Metal.
Limits are a risk that must be mitigated but they aren't arbitrary, they exist to avoid interference of one customer on to others. They protect the service which, to providers and reasonably so, is more important than any one customer.
The cloud should be a tiny margin business, that it isn't shows just how untrustworthy it is. The win-win efficiency isn't there because there's so much rentier overhead.
Oh, and use Nix :).
It’s silly to complain that AWS doesn’t have a service that allows any random programmer to deploy a globally scalable app with one click. For one thing, you aren’t AWS’s primary target audience. For two, the class of problems that can be solved with such simple architectures is actually pretty small. But for three, it’s not actually even possible to do what you’re asking for any random code unless you are willing to spend a really fantastic amount of money. And even then once you get into the realm of a serious number of users or a serious scale of problem solving, then you’ll be back into bespoke-zone, making annoying tradeoffs and having to learn about infra details you never wanted to care about. Because, sorry, but abstraction is not free and it’s definitely not perfect.
I won't be surprised if AWS makes disproportionately more money off smaller operations which don't want to care about honing their infra, but want something be done quickly and with low effort. They quench the problem with money, while the absolute amounts are not very high. So targeting them even more, and eating a slice of Heroku's pie, looks pretty logical for AWS to do.
He's right that there's no reason that things shouldn't be fully Serverless, and have instant deployment [1]. These are key parts of the design of Dark that I think no one else has managed to solve in any meaningful way. (I'll concede that we haven't solved a lot of other problems had still need to be solved to be usable and delightful though).
[1] https://blog.darklang.com/how-dark-deploys-code-in-50ms/
I'm building a serverless document store with mini-databases using a programming language I designed for board games: http://www.adama-lang.org/
Because very often, software that runs on clusters, requires thought when resizing.
In fact, I'm trying to think of a distributed software product where resizing a cluster, doesn't require a human in the loop making calculated decisions.
Even with things like Spark where you can easily add a bunch of worker nodes to a cluster in the cloud, there's still core nodes maintaining a shared filesystem for when you need to spill to disk.
I tried OpenFAAS in Kubernetes, to see if I could run simple lambda like loads. Default setup took north of 8 Gb of memory!
I just want efficient and simple microservices infrastructure, that doesn't hog 8 Gb of memory to run a simple functions or small microservices.
Proper isolation that is battle tested, rock solid operating system that doesn't try to reinvent the wheel every 3 years and as an added bonus you get ZFS which makes development, upgrades and maintenance a breeze thanks to proper snapshotting.
We did this a simple side project, originally written in PHP, then python and now go and it has been rock solid and easily scalable for atleast a decade or more.
Heck, you can even run linux compatible binaries in linux compatible jails nowadays[0].
The core of it is a serverless system that shrinks workload quotas while running them (similar to the Google Autopilot system). This way you don't have to rewrite your entire codebase into lambdas and the end user can save a lot of costs by only specifying a resource cap (but probably using a lot less, therefore paying less).
Honestly I've spent the better part of a decade talking about these things and if only someone would solve it or I had the resources to do it myself. I'm sure it'll happen. It's just going to look different than we thought. GitHub worked because it was collaborative and I think the next cloud won't look like an AWS, it'll look more like a social graph that just happens to be about building and running software. This graph only exists inside your company right now. In the future it'll exist as a product.
>The beauty of this is that a lot of the configuration stuff goes away magically. The competitive advantage of most startups is to deliver business value through business logic, not capacity planning and capacity management!
Is this exactly what cloudflare's workers is doing? [0]
I love the fact that I only need to think of the business logic.
Development without the need for VMs and obscure configuration scripts feels — and is in fact very productive. I don't think I will want to use anything else for hosting my back ends.
Cloudflare recently announced database partners. Higher-level options for storage and especially streaming would be welcome improvements to me. Macrometa covers a lot of ground but sadly it seems like you need to be on their enterprise tier to use the interesting parts that don't overlap with KV/DO, such as streams. [0]
I played with recently launched support for ES modules and custom builds in Wrangler/Cloudflare Workers the other day together with ClojureScript and found the experience quite delightful. [1]
[0]: https://blog.cloudflare.com/partnership-announcement-db/
[1]: https://dev.to/pilt/clojurescript-on-cloudflare-workers-2d9g
My wife was the QA lead for a data center provisioner for a US government agency a few years back and the prime contractor refused to eat into their own capital and overprovision, instead waiting for a contract to be approved before they would purchase anything. They somehow made it basically work through what may as well have been magic, but damn the horror stories she could tell. This is where Amazon is eating everyone else's lunch by taking the risk and being right on every bet so far so if they build it, the customers will come.
But even so, after all of that to complain that deploying infrastructure changes takes more than a second, my god man! Do you have any idea how far we've come? Try setting up a basic homelab some time or go work in a legacy shop where every server is manually configured at enterprise scale, which is probably every company that wasn't founded in the past 20 years. Contrast that with the current tooling for automated machine image builds, automated replicated server deployment, automated network provisioning, infrastructure as code. Try doing any of this by hand to see how hard it really is.
Modern data centers and networking infrastructure may as well be a 9th wonder of the world. It is unbelievable to see how underappreciated they are sometimes. Also, hardware is not software. Software is governed solely by math. It doesn't exactly what it says it will do, every single time. Failures of software are entirely the fault of bad program logic. Hardware isn't like that at all. It is governed by physics and it is guaranteed to fail. Changes in temperature and air pressure can change results or cause a system to shut down completely. Hiding that from application developers is absolutely the goal, but you're never going to make a complex problem simple. It's always going to be complex.
Remember my wife? Let me tell you one of her better stories. I can't even name the responsible parties because of NDAs, but one day a while back an entire network segment just stopped working. Connectivity was lost for several applications considered "critical" the US defense industrial base, after they had done nothing but pre-provision reserved equipment for a program that hadn't even gone into ops yet and wasn't using the equipment. It turned there was some obscure bug in a particular model of switch that caused it to report a packet exchange as successful even though it wasn't so that failover never happened, even though alternative routes were up and available. Nobody on site could tell why this was happening because the cause ended up being locked away in chip level debug logs that only the vendor could access. The vendor claimed this could only happen one a million times, so they didn't consider it a bug. Guess how often one in a million times happens when you're routing a hundred million packets a second? Maybe your little startup isn't doing that, but the entire US military industrial complex or Amazon is absolutely doing that, and those are the problems they are concerned with addressing, not making the experience better for some one man shop paying a few bucks a month who think yaml dsls make software-defined infrastructure too complicated for his app that can plausibly run on a single laptop.
We’ve been making tremendous strides in making production software systems easy and accessible for developers (and not sysadmins) to understand and operate. We’re currently in the stage where the devops principle has been somewhat realized; devs love the ability to deploy when they want but absolutely hate that infrastructure provisioning takes so long compared to the tools they use for software development. This is a good thing! I want more devs to demand this; someone may actually solve it.
in my experience developers are terrible at doing operations. (for good reason mind you).
Devops only really became possible because a lot of operational problems have been outsourced to cloud providers, but they still persist. Or do developers also want to build the networks which provide fault tolerance, redundancy and scalability while also building software?
Running a large, multi tenant system for different workloads takes a mind boggling amount of work and skill, not to mention deep understanding of how networks and systems operate in detail and at scale.
This reminds of people on HN who claim BGP is outdated and should be replaced.
They have no idea how mind boggling large and complex the global internet routing is. I would even argue that BGP in the default free zone (aka, the public internet) is the largest distributed system in the world.
> VMs are just files and can be resized, but optimal resource allocation on multitenant systems is effectively solving the knapsack problem.
as someone who works in a datacenter/cloud enviroment. Having optimal resource distribution is simply impossible to get 100% correct. Their is always some waste or over/underallocation. The same goes for large scale networks aswell.
The fact that many people think that software infrastructure is getting worse is a very bad sign in itself (it cannot be ignored). There has always been religious wars over software development practices, but never to the extent we have today.
I mean, nothing's perfect, but AWS Serverless seems to be the closest thing I've ever seen to truly abstracting away everything but the actual code.
You can give a try to Qovery here: https://www.qovery.com
You still need to know the geographic location of your physical cluster for multiple reasons though: legal (Cloud Act is a thing!), performance (you need closeness to your end users) and sometimes redundancy when talking about multi clusters architecture.
Is there a word for an oxymoron but instead of contradictory words it's sentences?
We have this already -> https://www.pulumi.com/
The author is mixing here two things that don't depend on each other.
This is the key point.
AWS is alright once you wrap your head around it. But it seems it was "designed" / gobbled together without any form of empathy for their poor users whatsoever. The best you can say about it that it works as documented. But you'll be reading a lot that to figure out what and how or even why. Absolutely nothing is straightforward, ever. I've indeed had the pleasure of figuring out hosting a static website on AWS via https. Took me several attempts top get right.
Calling that process complicated does not do it justice. It's basically a series of hacks to integrate components that were clearly not intended to be used like this. Think doing s3 redirects just to ensure www goes to the main domain. And then another set of redirects at the CDN level to ensure http goes to https. Make sure you name your resources just right or you will have a hard time pointing to them from route 53. (DNS). And of course you want auto renewing certificates to go with that. All possible. But it's indeed a long process with many pitfalls, possible mistakes, gotchas, etc.
This lack of empathy is a common failing with engineers that typically lack the end to end perspective on what users/customers actually need (they don't care, or if they do lack key information) and are actually discouraged from thinking for themselves by managers that are not a whole lot better that report to boards populated by sociopaths who just want their minions to do whatever the hell it is they do. Exaggerating of course. But decision making in large companies is problematic at best. Sane results are almost accidental once you reach a certain size.
SAAS software in general has this problem. Usability stops being a concern once you've locked enough customers into paying you in perpetuity.
1. "Built for delight" Author wants everyone to suddenly start making nicer things.
2. "Truly serverless" Author wants to throw code at cloud, without thinking about performance or resource usage.
3. "Fast" Author wants every AWS command to take less than a second.
4. "Ephemeral resources" Author wants to test in the cloud with less effort.
5. "Code not configuration" Author doesn't like static config, everything should be an API.
6. "Built for productivity" Author wants everyone to be more productive.
All in all, reads a bit like the random musings of a frustrated cloud server user.
Not really what Erik is saying. Taking AWS S3 as an example, you absolutely need to think about performance and resource usage when dealing with S3, but you never have to think about the servers. You never think about some cluster that is making your S3 usage possible.
S3 is such a great success that there's very few (if any) examples of companies starting with S3 and then getting too big for it and needing to build their own system (thus wrangling servers and clusters etc). Dropbox migrated off of S3 to 'Magic Pocket' but I'm pretty sure this was for $$ reasons not because AWS simply couldn't handle Dropbox's massive read+write requirements. AWS S3 is a marvel of serverless computing, and we should try and get more like it.
The refusal to acknowledge that software will never be anything beyond executable data on some kind of computer, somewhere, is why most web-based software is so slow and shitty.
Having someone build the server and assign your code to run on it does not change that one (pun intended) bit.
By "serverless", usually it's meant that your code doesn't need to concern implementing a server on a socket. All you have to do is have your execution return the right value so that the server in the cloud can do the right thing. No need to setup and configure Express/Fastify. Because cloud providers manage the server aspect of serving a web app, your code just needs to focus on execution rather than delivery, or staying alive until the next request is received.
It's still a very misleading term, however. Every time I hear it, I cringe a little.
I once worked on a product that didn't, and had ~10s "cold start" latency for any request, because of the size and reliance on lambda. And of course this "cold start" was actually seen all the time, because it was a new niche product that people pnly accessed occasionally, and because it's actually a "cold start" for every concurrent request.
Jesus, the "they just reinvented PHP/CGI and gave it a cute name" folks were more right than I thought.
The refusal to acknowledge that software will never be anything beyond executable machine code on the computer is why most systems software is so slow and shitty.
The JVM is something that comes quite close actually, but it lacks a few environment features and configuration/specification options to fully cover the space that most people need, hence why everyone is using docker now. But if you think about it: most people don't really want to use docker. It's just the best option currently.
Many don't care what OS they run on, because they don't rely on any specific OS functionality. This is exactly what should be improved for running code that can operate on a higher abstraction.
...but with a locked-in contract with one taxi company. And less privacy.
Unsurprisingly, in the long term, it will cost you more.
We're still largely making and running software the same way we did 20 years ago. The only major differences are the principles that underpin the most modern best practices.
"What the fuck does that mean," you say? It means that I can take a shitty tool and a shitty piece of infrastructure, and make it objectively more reliable, faster, and easier, by using modern practices. Conversely, I can take the latest tools, infrastructure, etc, and make them run like absolute dogshit, by using the practices of a decade ago.
Let's take K8s for example. It's like somebody decided to take the worst trends in software development and design-by-committee and churned out something that is simultaneously complicated and hard to use [correctly]. Setting it up correctly, and using it correctly (no, Mr. I'm A Javascript Developer, however you think you're supposed to use it, you are wrong), for a medium-scale business, requires banging your head against a hodge-podge of poorly designed interfaces and bolting on add-on software for at least a month.
This is ridiculous, because what you actually needed was something whose principles match those of K8s. You want immutable infrastructure as code. You want scalable architecture. You want (in theory) loosely joined components. Do you need K8s to do that? No! K8s is literally the most complicated way that exists to do that.
Next let's take Terraform. A clunky DSL that is slowly becoming sentient. Core functionality that defeats itself (running terraform apply is unpredictable, due to the nature of the design of the program, even though it was created with the opposite intention). Kludgy interfaces that are a chore to cobble together. Dependency hell. Actual runtime in the 10s of minutes (for the infra of a single product/region/AWS account). And no meaningful idea if the state of the infrastructure matches its state file matches the code that generated it all. To say nothing of continuous integration.
Do you need all of that to do infrastructure as code? Of course not. A shell script and Make could do the same thing.
So, you have a kludgy Configuration Management tool (terraform), and a kludgy Cluster Management tool (k8s), and all just to run your fucking Node.js webserver, make sure it restarts, and make sure a load-balancer is updated when you rotate in new webservers. Did you need all of this, really? No. The end result is functionally equivalent to a couple of shell scripts on some random VMs.
To get the best out of "Software Infrastructure" you don't need to use anything fancy. You just need to use something right.
---
But there's a different problem with infra, and it's big. See, Cloud Infrastructure works like a server. Like a physical server, with a regular old OS. To manage it, first you "spin up" the physical server. Then you "configure" the server with some "configuration management" software. Then you "copy some files to it". Then you "run something on it". And while it's running, you change it, live. This is how all Cloud Infra is managed. This is known as Mutable Infrastructure. Modern best practices have shown that this is really bad, because it leads to lots of problems and accidental-yet-necessary complexity.
So what is the solution? The solution is for cloud vendors to supply interfaces to manage their gear immutably. And that is a really big fucking problem.
Say I have an S3 bucket. Let's say I have a bucket policy, lifecycle policy, ACLs, replication, object-level settings, versioning, etc. The whole 9 yards. Now let's say I make one change to the bucket (a policy change, say). Production breaks. Can I "back out" that change in one swift command, without even thinking about it, and know that it will work? No.
Assuming an AWS API call even has versioning functionality (most don't) I can use some API calls to query the previous version, apply the previous version as the current version, change some other things, and hope that fixes it. But there's no semblance of `rm S3-BUCKET ; cp -f S3-BUCKET-OLD S3-BUCKET`. You have to just manually fix it "live". Usually with some fucked up tool with a state file and a DSL that will randomly break on you.
There is literally no way to manage cloud infrastructure immutably. Cloud vendors will have to re-design literally all of their interfaces for a completely new paradigm. And that's just interfaces. If trying to do the S3 bucket copy fails for "mysterious reasons" (AWS API calls fail all the time, kids), then your immutable change didn't work, and you still have a broken system. So they actually have to change how they run their infrastructure, too, to use operations that are extremely unlikely to "misbehave".
Do you know how much shit that covers? It took them like 20 years to make what we have now. It may take another 10 to 20 years to change it all.
Therefore, for a very, very long time to come, we will be stuck with shitty tools, trying to shittily manage our infrastructure, the way we used to manage web servers in the 90s. Even though we know for a fact that there is a better way. But we literally don't have the time or resources to do that any time soon, because it's all too big.
In general these ideas of magical 'immutable' infrastructures seem to pan out much worse than just plain VMs with some orchestration solution inside. Anything that tries to capture the state of the world and reify it usually has to severly limit what you can actually do to avoid the halting problem, or just copy some things and hope for the best in terms of external dependencies being the same.
Immutable Infrastructure isn't magical at all, it's a paradigm shift which has real world effects. And you can do it with plain VMs and some software inside. But the VM has to be immutable, and the software inside should be as immutable as possible. Otherwise you are constantly fighting a battle to "fix" the state over and over again, and you can't clearly reason about the operation of the system.
Immutable Infrastructure doesn't solve the halting problem, it avoids the halting problem, because it depends on not having general algorithms and unlimited input. It instead uses specific operations with specific criteria in a predictable way, the way safety systems are designed.
What happens if your network is interrupted during apply or your STS credential expires? If you are lucky, you may be able to upload the errored.tfstate and plan/apply again. But if somebody else plan/applies before then, the state will be out of whack. Resources will already exist with names that you want to use, and you will have to manually edit the state file, or import the existing resources, or delete them.
What happens if someone changes the bucket without using Terraform? The bucket's changes are blown away on the next terraform apply. Or the apply will sometimes just fail, and you'll have to fix the state or resource by hand.
What happens if someone has applied a different change after your change? Reverting the commit may now impact something else somebody since removed/added, running into naming conflicts and needing custom code changes, and sometimes moving around of state (happens often when a commit changes whole modules).
Or say a code change changes the provider version. A revert may not work and you may need to remediate the infra and code yet again.
Or say someone applied Terraform with a newer version of Terraform. Now you need to upgrade your version of Terraform, and change whatever code you wanted to revert to the new Terraform version.
Or say the resource + action require delete before create, and your reverted commit tries to do create before delete. You'll need to modify your Terraform code after reverting it with a new lifecycle block, or apply will keep trying to do something impossible.
All of this is happening in production. How much downtime is ok while you fix all of those problems by hand?
Citation needed. Run _with a plan_, terraform apply is entirely predictable as to the operations it will carry out and the order in which it will carry them out.
First of all, what does terraform apply do? It runs API calls. Those API calls may or may not work, based on criteria outside of the control of Terraform. It may be supposed to work, but that doesn't mean it will. Use AWS enough and you will run into this weekly.
Second, Terraform has semantics to do things like "create before delete" or "delete before create". This behavior is controlled by the provider, per-resource. But Terraform has no earthly fucking clue which it's supposed to do, only the provider knows. And the provider does not check before terraform apply runs whether an operation will conflict with a resource, even if Terraform is managing that resource.
So you run terraform plan -out=terraform.plan, and the whole thing output seems fine! So you terraform apply terraform.plan, and Terraform happily performs an operation which is literally impossible, and then fails. Then you go find the code that has been working just fine for 2 years and change it to fix the lifecycle for this particular scenario, and then you can terraform apply correctly.
Thirdly, a lot of terraform plan runs show output with unknown values, because the values won't be known until after you run terraform apply. But those values can conflict with existing resources with the same values. Terraform makes no attempt to verify if conflicting resources exist before apply. Therefore, your terraform apply can fail unpredictably (to be correct: you could predict it if Terraform were designed to actually look for conflicting resources before applying).
There's about a hundred of these edge cases that I run into every day. I already perform all operations in a non-production environment, but as we all know, the environments naturally drift (because cloud infrastructure is mutable infrastructure) so there are times production breaks in a way that didn't in non-production.
I get that they're talking about productivity tools for developers. But missing the point that optimising these tools for developers will mean they're not optimised for the actual user. We're not the customer. The stuff we write should be fast when run in production. Having it be nice to develop on is a bonus.
Having generated configuration that the developer doesn't have to think about means that the system can't be tweaked for the particular use case to make it faster in production. Yes, it's easier. No, that's not better.
Our job is to handle the complexity. To take "simple" business requirements and deal with all the complexity that is needed to make those work. That's the gig.
Heck, who voted up this article...
This article is like the NTF frenzy, it's fine, but it's going to be baseless because it's looking too far in the future.
Make infrastructure changes faster? Why not.
Make it easier to create ephemeral resources? Why not.
Make scaling completely automatic? Would be nice. Though here I'd of course like to have some knobs to control the automatic scaling, else it could easily run out of reasonable budget.
My only disagreement is client library vs declarative configuration. I'd prefer the latter, but using some better language than YAML; maybe, say, Dhall.
And yes, it's now a common wisdom that the cloud is the new mainframe; e.g. [1]. Well, okay; if this is what is required to run services at scale without breaking the bank, so be it. If deploying to millions of ZX-81 Spectrums happened to give 3x reduction in opex, the industry would adapt to that, too.
In fact I think a lot of this optimism is in dire need of a couple of baseball-bat hits to the kneecaps.
> But things are rarely built to optimize for developer productivity.
Well, these a-holes abandoned Rails in favor of serverless-react-lambda-script. They made their bed, now they must lie in it.
