Dynamic Systems for the Cloud Age — Kief Morris
This blog post introduces you to the concept of infrastructure as code, otherwise known as IaC.
Today, companies like Microsoft, Uber, Netflix, and even banks are using cloud infrastructure, but a few years ago big companies thought the cloud was only for startups and small organizations. Cloud and automation technologies remove barriers to modifying production systems, but this creates new challenges. It becomes more difficult every day to manually manage all the servers as your infrastructure grows and new services are released frequently. This is where the concept of infrastructure as code and its tools come in handy.
Infrastructure as code
The concept of infrastructure as code (IaC) is simple, you define your entire infrastructure as code. This approach is based on practices from software development. For example, if you want to deploy an EC2 instance on AWS, you traditionally use the AWS console or AWS-CLI, but using a popular IaC tool called Terraform, you write a configuration file, which consists of your EC2 configurations written from way similar to a function defined in programming. You can use automation to test changes to your code before applying them to your systems.
Should you create first and automate later? Nope!
Getting started with Infrastructure takes a lot of effort and has a steep curve. You should configure tools and services to automate infrastructure delivery, especially if you are adopting a new infrastructure platform. You may think you can quickly provision infrastructure manually and worry about automating it later. But that’s a bad idea because automation should allow faster delivery, even for new releases. Automation makes it easier and simpler to write automated tests, and you can quickly solve a problem and rebuild it. What’s worse is that manually configured systems are more difficult to automate.
Three basic practices for infrastructure as code
According to Kief Morris, the author of the book Infrastructure as Code, there are three important practices for implementing infrastructure as code:
Set everything as code
Defining all your data “as code” is a basic practice for making changes quickly and reliably. Here are some reasons why:
- Reusability — If you define something as code, you can create multiple instances of it. You can share with others, destroy existing infrastructure and redeploy with the same configuration.
- Consistency — No matter how long you run, things built from code are built the same. This makes system behavior predictable, makes testing more reliable, and enables continuous testing and delivery.
- Transparency — Anyone can view the code and see how the infrastructure is built, and they can learn how to use the code in their infrastructure.
Continuously test and deliver all work in progress.
Build small, simple parts that you can modify independently.
Benefits of infrastructure as code
- Quick delivery — Manual configuration of the infrastructure slows product delivery time. With Infrastructure as Code, your infrastructure is stable, consistent and easily modifiable. It’s a catalyst for the rapid delivery of value.
- Reduced risks and errors — Manual infrastructure configuration is error-prone and risky. But using IaC reduces the effort and risk of introducing changes to your infrastructure.
- Self-documentation — If you configure your infrastructure manually, it’s easy to forget about it and documenting it can be time consuming. With Infrastructure as code, it documents itself like any other code.
- Visibility — With IaC, everyone can know the current configuration of the infrastructure. Anyone authorized to access the code can see what the current configuration is.
- Collaborate easily — Because your infrastructure is written in code, it is easy to share and collaborate with other team members, especially when a new member joins the team. You can share your configuration with other teams to deploy the same infrastructure.
- Easy to scale — With Infrastructure as Code, you can easily scale your infrastructure by simply copying existing code or adding a few extra lines.
- Using IaC enables you or your team to have a reliable, secure, and cost-effective infrastructure and makes governance, security, and compliance controls visible.
- You can use a version control system, like git, to easily track changes to your infrastructure and roll back if you want.
Using the Infrastructure of Code tools has many advantages over setting up your infrastructure manually.
Infrastructure as code tools
- Terraform — Terraform is a popular infrastructure-as-code (IaC) tool used to provision infrastructure. Terraform lets you easily provision and manage multiple cloud providers. You can use Terraform to provision and manage Docker containers, Kubernetes clusters, and more.
- AWS CloudFormation — AWS CloudFormation is a service offered by Amazon Web Services to help you provision infrastructure on AWS. They offer tight integration with their other services.
- Ansible – Ansible can be used to provision infrastructure, but is best combined with Terraform. You can provision infrastructure and maintain infrastructure using Ansible.
- Azure Resource Manager
- Google Cloud Deployment Manager
- pile of salt
Choose the right tools
Depending on the tool, it can be imperative or declarative.
Imperative vs Declarative
- A declarative approach also maintains a list of the current state of your system objects, making it easier to manage infrastructure downtime. Some tools are Terraform, CloudFormation, SaltStack, and Puppet.
- An imperative approach instead defines the specific commands needed to achieve the desired configuration, and those commands must then be executed in the correct order. Some tools that use an imperative approach are Chef and Ansible.
Why is IaC important for DevOps?
Infrastructure as code is an important part of implementing DevOps practices and the continuous integration/continuous delivery (CI/CD) cycle. A developer can run a script to prepare their infrastructure. This way, application deployments aren’t delayed by waiting for infrastructure, and system administrators aren’t dealing with time-consuming manual processes.
To take advantage of cloud and infrastructure automation, you need a Cloud Age mindset. It means harnessing speed to improve quality and building quality to gain speed. Automating your infrastructure takes work, especially when you learn how to do it. But doing so helps you make changes including building the system in the first place.
Subscribe to my weekly newsletter and follow for more DevOps, SRE, Linux, Python, Golang, artificial intelligence and data science.