Boxfuse ‘Bootable App’ Packages Immutable Infrastructure for Portability, Security
While much of the tech world looks to containers to solve an array of software development and deployment problems, Munich-based Boxfuse has focused on finding a better way to use virtual machines to deploy JVM, Node.js and Go applications on Amazon Web Services.
“We felt virtual machines got a bit of unjustified bad rap. They actually offer a lot of advantages these days. On AWS, VMs give you a very granular type of building block, where you can start with a t2.nano, for example, for just a fraction of a cent per hour, they’re billed by the second, they’re relatively fast to start — they just reduce the number of moving parts in your environment compared with containers, said Axel Fontaine, Boxfuse founder and CEO.
The company grew out of his previous work in continuous delivery — frustration with the amount of complexity on the operations side. The result is an architecture based on an immutable infrastructure that’s portable, reliable and predictable, the company claims.
The German company also created the database migration tool Flyway.
Despite efforts to keep the environment identical as software moves through the continuous delivery process to production, an array of changes — patches, upgrades, configurations — can crop up.
Boxfuse creates what it calls a bootable app — the whole machine packaged as a single immutable unit that’s regenerated by the continuous integration server after every change. The whole machine image can then be promoted unchanged from environment to environment. The same bootable app can be deployed on VirtualBox and AWS EC2.
Boxfuse first analyzes the application to generate a minimal VM image including a Linux-based OS on the fly. The image includes a bootloader, a kernel, a JVM or Node.js runtime and your application. The second part is an orchestration and provisioning component.
It uploads the image to AWS, converts it to an AMI and automatically provisions all the resources the application needs. It also offers an image repository called Boxfuse Vault.
Boxfuse runs natively on Windows, Mac and Linux and comes with special optimizations for popular tools and frameworks such as Spring Boot, Dropwizard, Grails, Play, Executable Jars, Tomcat, TomEE and Node.js.
In addition to the command-line client, it offers Maven and Gradle plug-ins.
The bootable app in its demo is just over 48MB. The smaller image equates to a smaller attack surface, boosting security at the same time, he said.
“We’re able to have something very compact that offers the same ability as a container to really freeze the environment and move it around, but without needing the runtime and complexity of a container. We can deploy it straight onto the virtual hardware,” Fontaine said.
It integrates with Amazon RDS to provision relational databases automatically.
“We can provision load balancers … zero-downtime upgrades with load balancers, we can provision https and domain names and logging — all kinds of resources all with this one command, so this is actually quite powerful,” Fontaine said, explaining that the command boxfuse run is all users need.
“Just your standard container solution is not enough. You need to have some kind of registry, somewhere for pushing your containers, you need an orchestrator that has the right plug-ins or integration with your base platform. [Boxfuse is] integrated end-to-end so you don’t need to worry about all these parts if you don’t want to.”
Fontaine pointed to three primary competitors:
- AWS Beanstalk. This service provides a standard AMI and you can create custom images, but Fontaine maintains that there’s no guarantee that two instances you run within a cluster will be 100 percent identical.
- The Docker/ECS/Kubernetes ecosystem. While it enjoys great mindshare, he says, depending on company size, may bring more complexity than some customers need.
- Heroku. Fontaine rates Heroku tops in the “getting-things-done aspect. You do deploy within their walled garden at a relatively high price point. The convenience, which I would say is the best on the market, comes at a very high price,” he said.
For 2018, the company will be adding integration with Docker for customers who like the tooling around Docker, but don’t necessarily want the complexity of running containers. They’ll be able to test applications locally and deploy them to AWS without needing any agents or Kubernetes or anything else, he said.
Feature image via Pixabay.