Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.

For the best experience please use the latest Chrome, Safari or Firefox browser.

Is Architecture Dependent on Infrastructure

James Bottomley
jejb@linux.vnet.ibm.com
Twitter: @jejb_
About Me

 

Container evangelist

Open Source Advocate

  • Converting Business to Open Source

Kernel Developer

  • SCSI Subsystem Maintainer
  • PA-RISC architecture Maintainer
  • Containers
Open Source and Infrastructure

Linux Kernel open source pioneered infrastructure stacks

LAMP

Linux, Apache, mysql, php

Original vector for open source adoption

Linux Kernel Open Source is a code forward methodology

Meaning architecture, apparently, isn't necessary because proposing fetures requires showing the code

This is complete rubbish

Linus torvalds required something he called "taste"

Which is architectural thinking demonstrated in readable code

So in reality, architecture is ebedded in the design process

However, code forward open source ties architecture deeply to infrastructure

showing the code and encouraging proving by using can't be divorced from the infrastructure context

Architecture Problems: Security

Security is an easy target so let's take a few pot shots

Security people think deeply about subtle problems

They rarely think simply about user issues

How do I create a Java Web Token in Python using a Yubikey?

Using python jwcrypto library should be able to plug in and sign

Actually no; let's see why

Python cryptography can't address USB tokens

Because OpenSSL file API doesn't recognise token URIs

OpenSSL requires you to use a special pkcs11 engine

One solution was to replace all python crypto with a gnutls stack which can

Months of work

Aside about PKCS11 Token URIs

Another pot shot at security oriented architectural thinking

pkcs11:model=SoftHSM%20v2; manufacturer=SoftHSM%20project; serial=6927071f73076f39; token=testhsm;id=%a1%b2; object=MY%20KEY;type=private

There's no URI for "I've only got one token, just use it"

Other Architecture Problems: Containers

Precise transport of immutable infrastructure is the foundation of DevOps

This is a paradigm shift from hypervisors which always mutated as they executed

This paradigm shift is providing the impetus for Container adoption

Containers Provide Immutable Infrastructure

Wrong: System Containers (LXC) are fully mutable

The Docker image file provides Ephemeral Infrastructure

Ephemeral is Mutable but all state is lost on restart so all persistent objects must be in the original image

So is Ephemeral the same as Immutable?

FROM: debian:jessie
RUN wget -O /usr/local/bin/gosu  "https://github.com/tianon/gosu/
 releases/download/1.11/gosu-
 amd64";
 chmod +x /usr/local/bin/gosu

This pattern may be Ephemeral but it's not Immutable

It violates DevOps concepts like security scanning and exact reproduceability

What happens if the repository goes away or ships a bitcoin miner?

About 60% of all containers on the docker hub download something before they start.

The fundamental Linux Container primitives don't support immutability so this is unfixable.

So the entire DevOps concept is based on a premise the infrastructure can't enforce

Conclusions
Oops!
If the infrastructure doesn't enforce it coders will take advantage
And if the architects don't understand the infrastructure they'll assume things that are wrong (like Immutability)
Disaster lies in this mismatch of assumptions and capabilities.
So as an architect, you need to understand the capabilities of your infrastructure
So as an architect, you need to A final irony: Hypervisors actually can enforce Immutability, it's just no-one thought to try it
Presented using impress.js by Bartek Szopka


Web Developer!
Thank You!
Questions?


Rate This Session
https://conferences.oreilly.com/software-architecture/sa-ny/public/schedule/detail/76040