Bootable Apps for Immutable Infrastructure and Security

| by Manuel Pais Follow 9 Followers on Mar 15, 2016. Estimated reading time: 1 minute | NOTICE: The next QCon is in San Francisco Nov 5 - 9, 2018. Save an extra $100 with INFOQSF18!

Axel Fontaine, CEO of Boxfuse, spoke at QCon London 2016 about the "Bootable App" pattern, a bare bones machine image for deploying immutable infrastructure to the cloud. This minimal image covers all layers of the stack, including OS kernel, libraries and runtime environment but still has a small footprint (in the order of megabytes instead of gigabytes), reducing both image upload time and storage costs while also significantly reducing the attack surface on running instances.

Fontaine proposes to include in this minimal image only the strictly necessary components from the lower layers of the stack. The image would then contain the application itself, the application server, the corresponding language runtime and required libraries, and the OS kernel. The figure below shows the typical set of components included in a Bootable App (credit to Axel Fontaine) as opposed to a traditional fully featured image.

Because this minimalist image leaves out many standard OS tools that are common attack points (for instance SSH), the resulting instances bypass both known and future vulnerabilities (Fontaine recommends adopting centralized logging to ensure logs can be accessed long past any instance's demise).

Another immutability benefit for application security is short instances lifetime as they get replaced on every deployment, thus limiting the duration and extent of a successful attack on any particular instance. Fontaine warns about the implications: instances need to be disposable at any point in time (data stores should have their own security and reliability mechanisms) and sessions should be encrypted and signed in client cookies.

Fontaine also recommends minimizing unnecessary complexity, for cost and security efficiency. Examples include setting up complex service discovery tools when an elastic load balancer might be enough; introducing containers (and the associated image management, scheduling and orchestration, volume management and networking solutions) when the application can run and scale using the native services provided by the cloud platform. Organizations should focus on increasing the business value of their applications, simplifying their delivery process and considering the overall cost of running a service (including time to setup and manage complexity), not just the cloud hosting costs.

Rate this Article

Adoption Stage

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread


Login to InfoQ to interact with what matters most to you.

Recover your password...


Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.


More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.


Stay up-to-date

Set up your notifications and don't miss out on content that matters to you