Why is immutable infrastructure a key architectural decision for cloud adoption?

Suresh Eswaran
May 2, 2022

Some of the questions I usually get asked while having cloud discussions are:

“How do I make changes to the services or infrastructure deployed in the cloud?”

“How do I apply patches for applications running on the cloud and keep all my environments updated?”

Making changes and upgrading the environments has been a challenge to many enterprises leveraging traditional infrastructure and legacy methods of managing infrastructure operations, thus creating inconsistencies between the environments in the overall enterprise infrastructure landscape. These environment inconsistencies lead to significant technology debt over time and get highlighted as exceptions in management reports. Some of these exceptions are not often addressed due to time constraints, cost, and focus on delivering business priorities; thus, the cost to remediate increases significantly.

In this blog, I would like to introduce the concept of immutable platforms and how to adopt it to manage changes in cloud environments. An immutable platform extends immutability beyond infrastructure to the middleware and application stack, so that the full technology stack is managed immutably.

Immutability refers to the state of a resource or service that cannot be changed once deployed. Instead, we recreate the instance with every new deployment or change. In the immutable model, we redeploy the servers, applications, and resources with the latest state and never perform an in-place upgrade of the instances. This approach keeps environments consistent, reduces the overhead of managing technology debt, and minimizes technology risk. Several organizations have adopted the immutable model through the use of containers, where the container is patched as a new version, tested, and redeployed. The immutable platform applies the same approach to traditional applications running in the cloud as VMs: we redeploy the application along with the underlying infrastructure and subsequently decommission the first instance.

Immutability is not a feature provided by cloud providers. It is an organisational change management process and operating model that needs to be established to create the immutable platform.

The following diagrams explain the difference between the mutable model and the immutable model. The scenario is a full-stack instance that we have deployed and whose operating system requires patching.

In the mutable model (“Figure 1”), the operating system is patched in the same instance, impacting the availability, resiliency, testing, and ability to roll back.

Fig 1 — Mutable model

In the immutable model (“Figure 2”), a new instance of the full-stack technology is created, tested, and rolled out into production, while the old instance is decommissioned. With this approach we can always roll back the changes when an upgrade fails, which ensures that the system remains available to end users during the upgrade process.

Fig 2 — Immutable model
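The immutable flow described above, as a small in-memory model (an added example, not from the original post). `Platform`, `Instance`, the image labels, and the smoke test are hypothetical stand-ins and do not correspond to any cloud provider API.

```python
from dataclasses import dataclass, field
from itertools import count
from typing import Callable, Optional

@dataclass(frozen=True)
class Instance:
    """A deployed full-stack instance. Frozen: it cannot be patched in place."""
    instance_id: int
    image: str  # constructed label for the baked OS + middleware + app image

@dataclass
class Platform:
    """Hypothetical in-memory stand-in for a cloud environment (no real API)."""
    live: Optional[Instance] = None
    running: dict = field(default_factory=dict)
    history: list = field(default_factory=list)
    ids: count = field(default_factory=lambda: count(1))

    def provision(self, image: str) -> Instance:
        inst = Instance(next(self.ids), image)
        self.running[inst.instance_id] = inst
        return inst

    def decommission(self, inst: Instance) -> None:
        del self.running[inst.instance_id]

    def rollout(self, image: str, smoke_test: Callable[[Instance], bool]) -> bool:
        """Replace the live instance with a fresh one built from `image`."""
        candidate = self.provision(image)   # new instance runs beside the old one
        if not smoke_test(candidate):       # certify before it serves users
            self.decommission(candidate)    # failed upgrade: live instance untouched
            self.history.append(("rejected", image))
            return False
        previous, self.live = self.live, candidate  # cut traffic over
        if previous is not None:
            self.decommission(previous)     # retire the old instance
        self.history.append(("promoted", image))
        return True

def demo() -> Platform:
    """Three patch cycles with constructed image names; the second one fails."""
    platform = Platform()
    healthy = lambda inst: "broken" not in inst.image  # constructed smoke test
    for image in ("os-patch-1", "os-patch-2-broken", "os-patch-3"):
        platform.rollout(image, healthy)
    return platform
```

Rolling back to an earlier version is simply another `rollout` call with the earlier image, since no instance is ever modified after it is provisioned.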

Why is it relevant in the cloud world?

Capacity and availability of infrastructure are always a challenge in traditional on-prem environments, which creates friction when driving new upgrades and changes alongside the current instances without impacting the business and end users. In the cloud realm, the availability of on-demand environments and the ability to provision instantly make it possible to change the infrastructure, apply patches, and modify configurations as separate deployments without impacting the business or end users, driving some of the following benefits:

  1. Zero-downtime upgrades
  2. Ability to roll back to previous versions in case of failures
  3. Consistent and repeatable deployments
  4. Simplified patch management and upgrades

The following considerations are required to establish an immutable cloud platform:

Config management — Defining and classifying the configurations that we can change in place on an instance versus the changes that must be applied through the immutable platform.

Change management process — Redefining the processes required to apply changes to the production systems.

GitOps — Automation through a GitOps pipeline is crucial, as it provides a way to test and certify changes before applying them to production. This includes creating a platform engineering team to build the necessary automation and baseline required to drive immutable processes.

As part of this blog we understood the differences between mutable and immutable infrastructure and its benefits; thus, we need to include this as a critical architectural decision for adopting cloud.
