Before virtualization and the cloud, a server was a precious thing. Servers were expensive physical objects that had to be purchased and carefully configured before being hooked up to a network in a data center. Over time, each server would evolve as admins SSH'd in and tweaked configuration files or installed new software.
If something went wrong with a server, it was a big deal because each server represented a significant investment of time and money. Often, a business depended on a server functioning in a particular way and being in a particular state. Replicating that state was a huge amount of work, and so each server was precious.
That's not the way of things in the cloud. Or at least it shouldn't be. Many businesses treat cloud servers as if they were precious possessions to be maintained at all costs. It's natural that the mindset developed when our applications depended on physical servers should be carried over to the virtualized world, but it's actually a cloud anti-pattern.
Cloud servers are ephemeral, they're repeatable, they can be automated, and each cloud server represents only a small investment. In short, each particular cloud server should be considered disposable.
This principle has been expressed in different ways, but I like the pets vs. cattle analogy. Cloud servers should be thought of as cattle, not as pets. If a cloud server goes awry, kill it and spin up another server in a known good state. That's easy in the cloud — you can configure servers with images before they're launched, and every server you launch is in the same state.
There's a security benefit to this approach too. Many security problems occur because servers aren't in a known state. Suppose a server administrator made a tweak two years ago to fix a perceived problem. The fix introduced a security issue that manifests only later, when everyone has forgotten what the original change was. Cloud servers can be much more predictable. You know exactly what the state of every server is because they're started from a known good state and they aren't changed during their life.
If a server needs to be changed, change the template, bring the old server down, and start a new server with the new template. Configuration should — as much as possible — happen before the server is launched.
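
As an added illustration (not part of the original article), here is one way to check that a server still matches the state it was launched in: hash the configuration files when the template is built, compare a running server against that manifest, and replace the server on any difference. The function names, file names and sample contents are assumptions constructed for this example.

```python
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file under root (relative path) to its SHA-256; run at image build time."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                manifest[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return manifest


def detect_drift(baseline, root):
    """Compare a running server's files against the manifest baked into its image."""
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "removed": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def verdict(drift):
    """Any drift means the server is no longer in a known state: replace it, don't repair it."""
    return "replace" if any(drift.values()) else "keep"


def write(root, name, text):
    with open(os.path.join(root, name), "w") as fh:
        fh.write(text)


def demo():
    """Constructed sample: a config directory standing in for a server launched from an image."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "sshd_config", "PasswordAuthentication no\n")
        write(root, "app.conf", "debug = false\n")
        baseline = build_manifest(root)              # recorded when the template is built
        fresh = verdict(detect_drift(baseline, root))
        write(root, "sshd_config", "PasswordAuthentication yes\n")  # forgotten hand edit
        write(root, "hotfix.conf", "workaround = on\n")               # file added over SSH
        drift = detect_drift(baseline, root)
        return fresh, drift, verdict(drift)


if __name__ == "__main__":
    print(demo())
```
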
Regarding servers as ephemeral changes the way we approach application design, infrastructure architecture, updates, security, and many other aspects of application and service hosting. And the change is for the good. It allows developers and administrators to move quickly, increasing the value of infrastructure to the business.
But that can only happen if you move away from an understanding of servers as precious pets and start treating them like cattle.