Dynamic Systems for the Cloud Age — Kief Morris
This blog post introduces you to the concept of Infrastructure as Code, otherwise known as IaC.
Today, companies like Microsoft, Uber, Netflix, and even banks are using cloud infrastructure, but a few years back, major corporations thought the cloud was only for startups and small organizations. Cloud and automation technologies remove barriers to making changes to production systems, but this creates new challenges. It becomes harder day by day to manually manage all the servers as your infrastructure grows, and new services are released frequently. This is where the Infrastructure as Code concept and its tools comes in handy.
Infrastructure as Code
The infrastructure as Code (IaC) concept is simple, you define your entire infrastructure as code. This approach is based on practices from software development. For example, if you want to deploy an EC2 instance on AWS, traditionally you use AWS console or AWS-CLI, but using a popular IaC tool called Terraform you write a configuration file, which consists of your EC2 configurations written similar to a function defined in programming. You can use automation to test changes to your code before applying them to your systems.
Should you build first and automate later? No!
Getting started with Infrastructure takes a lot of effort and has a steep curve. You have to set up the tools, and services to automate infrastructure delivery, especially if you are adopting a new infrastructure platform. You may think that you can quickly provision the infrastructure manually, and worry about automating it later. But this is a bad idea because automation should enable faster delivery, even for new things. Automation makes it easier and simple to write automated tests, and you can quickly address a problem and rebuild it. The worst part is, that manually configured system are harder to automate.
Three Core Practices for Infrastructure as Code
According to Kief Morris, the author of the Book Infrastructure as Code, there are three important practices for implementing infrastructure as code:
Define Everything as Code
Defining all your stuff “as code” is a core practice for making changes rapidly and reliably. Here are a couple of reasons why:
- Reusability — If you define something as code, you can build multiple instances of the same. You can share with others, destroy the existing infrastructure, and re-deploy with the same configuration.
- Consistency — No matter how much time you run, things built from code are built the same way. This makes system behavior predictable, makes testing more reliable and enables continuous testing and delivery.
- Transparency — Everyone can look at the code and see how the infrastructure is built, and they can learn how to use the code in their infrastructure.
Continuously Test and Deliver All Work in Progress.
Build Small, Simple Pieces That You Can Change Independently.
Benefits of Infrastructure as Code
- Rapid Delivery — Manually configuring infrastructure slows down product delivery time. With Infrastructure as Code, your infrastructure is stable, consistent, and easily modifiable. It is an enabler for the rapid delivery of value.
- Reduced Risks and Errors — Manually configuring infrastructure is error-prone and risky. But using IaC reduces the effort and risk of introducing changes to your infrastructure.
- Self-documenting — If you are manually configuring your infrastructure, it is easy to forget, and documenting them can be time-consuming. With Infrastructure as code, it is self-documenting like any other code.
- Visibility — With IaC, everyone can know the current configuration of the infrastructure. Anyone with permission to access the code can see what the current configuration is.
- Easy to collaborate — Because your infrastructure is written as a code, it is easy to share and collaborate with other team members, especially when a new member joins the team. You can share your configuration with other teams for them to deploy the same infrastructure.
- Easy to Scale — With Infrastructure as Code, you can scale your infrastructure easily by just copying the existing code or adding a few extra lines.
- Using IaC enables you or your team to have a reliable, secure, and cost-effective infrastructure and makes governance, security, and compliance controls visible.
- You can use a Version Control System, like git, to easily track changes to your infrastructure and revert if you’d like to.
There are so many benefits of using Infrastructure of Code tools over manually configuring your infrastructure.
Infrastructure as Code Tools
- Terraform — Terraform is a popular infrastructure as code (IaC) tool that is used to provision infrastructure. Terraform allows you to provision and manage multiple cloud providers easily. You can use Terraform to provision and maintain Docker Containers, Kubernetes Clusters, and more.
- AWS CloudFormation — AWS CloudFormation is a service offered by Amazon Web Services to help you provision infrastructure on AWS. They provide tight integration with their other services.
- Ansible — Ansible can be used to provision infrastructure but is best to combine it with Terraform. You can provision infrastructure and maintain the infrastructure using Ansible.
- Azure Resource Manager
- Google Cloud Deployment Manager
Choosing The Right Tools
Depending on the tool, it can be either imperative or declarative.
Imperative vs Declarative
- A declarative approach also keeps a list of the current state of your system objects, which makes taking down the infrastructure simpler to manage. Some tools are Terraform, CloudFormation, SaltStack, and Puppet.
- An imperative approach instead defines the specific commands needed to achieve the desired configuration, and those commands then need to be executed in the correct order. Some tools that use an imperative approach are Chef and Ansible.
Why Does IaC matter for DevOps?
Infrastructure as code is an important part of implementing DevOps practices and the continuous integration/continuous delivery (CI/CD) cycle. A developer can run a script to have their infrastructure ready. So that application deployments aren’t held up waiting for the infrastructure, and sysadmins aren’t managing time-consuming manual processes.
To get the value of cloud and infrastructure automation, you need a Cloud Age mindset. This means exploiting speed to improve quality and building quality to gain speed. Automating your infrastructure takes work, especially when you’re learning how to do it. But doing it helps you to make changes, including building the system in the first place.
References and Resources: