We need immutable systems
Khem Raj October 28, 2024 #meta
Many of us know systems which are not touched because "they should always work".
Software is getting into critical infrastructure at an accelerated pace: train
systems, aviation, energy systems, power distribution systems, satellites; everything is
using software, and a lot of it. If we follow the same philosophy of not touching them because "they should always work", they quickly become insecure and, in a
connected world, more vulnerable.
If we mull over the question of why we do not touch such high-stakes systems, we can see a few reasons:
- Deployment states do not reflect the inputs that are managed in source control. This can happen if the system has runtime configuration that depends on system state.
- We are not confident of rolling back to a known prior state.
- The system images are not reproducible.
One can say we have containers, but if we examine them a little more, we realize that they are built on current non-deterministic systems as a baseline, which itself limits this approach.
So we need to rethink how we build these systems afresh.
- Hash the inputs
- Build on non-networked systems
- All configuration changes happen during build instead of deployment
- Given the same inputs, the output is reproducible irrespective of time, build machines, and infrastructure
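
The four build properties above, sketched as an added example that is not part of the original post and is not taken from Yocto or Nix: a Python stand-in "build" that hashes its inputs and packs them into a tar image with member order, timestamps and ownership pinned, so the same inputs give a byte-identical image. The function names and the sample files are assumptions made for the illustration.

```python
import hashlib
import io
import tarfile

# Constructed sample inputs: path -> content, standing in for sources and
# build-time configuration kept in source control.
INPUTS = {
    "src/main.c": b"int main(void) { return 0; }\n",
    "conf/network.conf": b"dhcp=off\naddress=192.0.2.10\n",
}

def input_digest(inputs):
    """Hash the inputs: depends only on paths and contents, not dict order."""
    h = hashlib.sha256()
    for path in sorted(inputs):
        for field in (path.encode(), inputs[path]):
            h.update(len(field).to_bytes(8, "big"))  # unambiguous boundaries
            h.update(field)
    return h.hexdigest()

def build_image(inputs, mtime=0):
    """Pack inputs into a tar image with host- and time-dependent metadata pinned."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for path in sorted(inputs):  # fixed member order
            info = tarfile.TarInfo(path)
            info.size = len(inputs[path])
            info.mtime = mtime       # pinned, in the manner of SOURCE_DATE_EPOCH
            info.uid = info.gid = 0  # no build-user identity in the image
            info.uname = info.gname = ""
            info.mode = 0o644
            tar.addfile(info, io.BytesIO(inputs[path]))
    return buf.getvalue()

def image_digest(image):
    """SHA-256 of the finished image, the value to record next to the input digest."""
    return hashlib.sha256(image).hexdigest()

def verify_deployment(deployed_image, inputs):
    """True only if the deployed image is exactly what the recorded inputs build to."""
    return image_digest(deployed_image) == image_digest(build_image(inputs))

if __name__ == "__main__":
    image = build_image(INPUTS)
    print("inputs:", input_digest(INPUTS))
    print("image: ", image_digest(image))
    print("deployed image matches inputs:", verify_deployment(image, INPUTS))
```

Because configuration is one of the hashed inputs, a rollback is a rebuild from the earlier input set, and an image that drifted after deployment fails `verify_deployment`.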
Such systems tend to be flexible, which adds to the learning curve, and every deployment looks unique, which can bring challenges of its own. They should therefore be made reusable, and shared templates can help.
Do we have such build infrastructures?
Yocto Project, Nix and NixOS are looking promising!!