惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Security Affairs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
P
Palo Alto Networks Blog
GbyAI
GbyAI
大猫的无限游戏
大猫的无限游戏
A
Arctic Wolf
Hugging Face - Blog
Hugging Face - Blog
小众软件
小众软件
Y
Y Combinator Blog
T
The Blog of Author Tim Ferriss
Blog — PlanetScale
Blog — PlanetScale
S
Schneier on Security
V
Vulnerabilities – Threatpost
C
Cybersecurity and Infrastructure Security Agency CISA
雷峰网
雷峰网
T
Tenable Blog
人人都是产品经理
人人都是产品经理
T
Tor Project blog
C
Cyber Attacks, Cyber Crime and Cyber Security
AWS News Blog
AWS News Blog
Microsoft Security Blog
Microsoft Security Blog
J
Java Code Geeks
Scott Helme
Scott Helme
SecWiki News
SecWiki News
C
CERT Recently Published Vulnerability Notes
Recorded Future
Recorded Future
I
InfoQ
Security Archives - TechRepublic
Security Archives - TechRepublic
Help Net Security
Help Net Security
Cloudbric
Cloudbric
C
Check Point Blog
Engineering at Meta
Engineering at Meta
TaoSecurity Blog
TaoSecurity Blog
B
Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
博客园_首页
N
News and Events Feed by Topic
云风的 BLOG
云风的 BLOG
MyScale Blog
MyScale Blog
腾讯CDC
量子位
Application and Cybersecurity Blog
Application and Cybersecurity Blog
K
Kaspersky official blog
Vercel News
Vercel News
F
Full Disclosure
T
Troy Hunt's Blog
Forbes - Security
Forbes - Security
S
Security @ Cisco Blogs

ParaVocê Dev Blog

How do you provision a Linux VM? How do you deploy in 10 seconds?
You're overcomplicating production
hidden (para · 2024-10-18 · via ParaVocê Dev Blog

You're going to have outages in production. They're inevitable. The question is how to best minimize outages, both their frequency and duration.

Common wisdom advocates for using managed k8s and databases, containerized services, horizontal scaling for redundancy, building images in CI/CD, and defining your infrastructure as code. This is Best Practice™, and no one was ever fired for doing that. In fact it's quite good for your resumé.

I will argue that such common wisdom is wrong. These tools are complex, and complex infrastructure is a wildly net-negative distraction to your business and inherently risky.

Over the past 10 years I've run services in production with millions of customers, exceeding 4-9's uptime. During that time I experimented with a wide variety of architectures, starting with self-managed servers on a fleet of OpenBSD VMs, then writing a custom orchestrator deploying services with OCI containers, and finally adopting GKE-managed k8s.

Over time I increased the complexity of the system, looking to how the industry solved real problems I was facing, such as:

  • If my server goes down, how can I have redundancy?
  • If my VMs get deleted, how can I recover quickly?
  • If I need to hire more people, how can I get them up-to-speed?

But like Goldilocks looking for soup, nothing was quite right.

Deploys take 15 minutes on Github workers. When something goes wrong, it kicks off a murder-mystery figuring out the problem, needing root cause analysis and post-mortems. It takes an entire team to manage the system, requiring complex network diagrams and human processes to keep everything up-to-date.

When I started up a new project for the first time in 10 years, I realized just how simple it all could have been. Even with millions of customers and 40 employees, we could have easily run on a single VM using Go and SQLite. We could have 10x'd with that same strategy.

There's a whole industry pushing complexity. That's why GCP/AWS/Microsoft/Hashicorp and every VC company under the sun sponsor so many events -- they need to convince you that you need what they sell. They market it like any other product. Once it takes hold in the industry as Best Practice™, it self-perpetuates, with developers advocating for the latest hype without fully understanding the trade-offs, until it's years later and you're stuck managing MongoDB.

Fuck that. I'm swimming against the current. Build the simplest systems possible.

Simple systems are faster to iterate, easier to debug, and just as secure and reliable if not more so.

As I write future blog posts, I'll be covering this in more detail:

  • Picking a VM provider
  • Managing a Linux server
  • Scripts to make deploys easy
  • How to minimize outages
  • How to secure everything

Subscribe on RSS to follow along.

#devops #sysadmin