Infrastructure as Code

Cloud computing has now become a standard in managing complex environments and Infrastructure as Code allows developers to automate this management and launch cloud environments in a swift and accurate manner, at the same time minimizing the possible errors and significantly saving time and resources. In addition, Infrastructure as Code enables consistency in deploying multiple configurations, adds scalability and is less costly than manual infrastructure management. Thus, it is safe to say that Infrastructure as Code is becoming a big trend that companies start adopting.

Infrastructure management: the possible approaches

efore we talk about the Infrastructure as Code (IaC) approach in more detail, you should understand what the base-service-up model is. This model is divided into several layers: the infrastructure layer, which describes the computer itself or the cloud services that run our application, the base layer, which describes the operating system, the service layer – all services that are running on the operating system (for example, databases, web server, etc.), and the application layer that describes the application that we are developing. By understanding this model, we can further identify the individual roles for infrastructure management.

There are several ways to manage your infrastructure:

• Manual
• Scripts
• Infrastructure as Code (IaC)

If we use a manual control method, we may face the following issues: we don’t know who exactly makes the changes to a server, what changes were already made to a server, and in what state the infrastructure is at the moment. Also, the manual control method requires developers to maintain detailed documentation for the infrastructure which is also quite time-consuming. Management with scripts is also quite a routine process, and after some time the general script file that contains all the scripts becomes too large and difficult to read. The IaC approach is designed to solve all these problems.

What is Infrastructure as Code and what benefits does it bring?

In simple words, Infrastructure as Code is the management of an IT infrastructure through configuration files. This approach implies:

• Description of the desired infrastructure state in the form of code and storage of this code in the repository,
• Infrastructure in line with the description,
• Application of change review and testing practices,
• Control and predictability: consistency and sequence of actions, reuse, and repeatability,

We have already mentioned some of the IaC benefits above. Other advantages include:

• The use of a common solution instead of self-written scripts,
• Possibility of long-term infrastructure management through code,
• Versioning and change control,
• Self-documenting code,
• Automation of processes,
• Repeatability of the current configuration,

One of the biggest IaC benefits is the opportunity to store all the infrastructure code in a separate repository. In this way, the description of the entire project infrastructure exists in the form code written with YAML or JSON, versioning of the infrastructure configuration is available and there is also the possibility to implement infrastructure changes through PR (it’s enough to get one approval for merge). The documentation for the repository command and structure is stored in README.md file.

The IaC approach is provided by such products as Terraform (multiple providers), CloudFormation (AWS only), Heat (OpenStack only), Google Cloud Deployment Manager (GCP only), different systems of configuration management (Ansible, Chef, Puppet, SaltStack).

A hands-on example: CloudFormation service

Let’s have a look at the CloudFormation service as an example. Usually, developers do a lot of manual work, trying to automate some of the Amazon (or similar) services. But all the manual work that they do is quite challenging to reproduce. If they want to reproduce it in another region, they need to repeat the process and they have to do the same actions again and again. If one needs to repeat the process in another AWS account, that would be even more painful. 

CloudFormation is a service that helps to significantly save the developers’ time and efforts. CloudFormation is a declarative way of outlining your AWS Infrastructure for any kind of resources and it supports most of these resources.

CloudFormation provides a clear interface for infrastructure management. Developers can upload the configuration file, click on a button and receive a completely ready-made infrastructure with all the necessary settings in just a few minutes. CloudFormation also provides detailed documentation that describes each possible service in the configuration file. A developer can describe an infrastructure in either YAML or JSON file. This approach helps to read a configuration file as documentation about all services that run on AWS and in this way, developers always know about the current state of their infrastructure.

Summing up

The Infrastructure as Code method automates routine and cumbersome manual work and allows developers to monitor the current state of the infrastructure, reproduce the same infrastructure multiple times, and perform the reviews and testing of the infrastructure. IaC is an important part of the DevOps methodology and can be named the next logical step in a shift from manual IT management towards automation through cloud computing.