Infrastructure as Code
Infrastructure as Code (IaC) is the management of infrastructure (networks, virtual machines, load balancers, and connection topology) in a descriptive model, using the same versioning and practices as in source code. Infrastructure as Code usually relies in a text file where the properties of the infrastructure that needs to be deployed and configured are described.
One of the core principles of Infrastructure as code is idempotency. This principle is referred to REST APIs when the effect of multiple requests always have the same outcome. For an Infrastructure as Code model, idempotency will always generate the same environment every time is applied.
Infrastructure as Code and infrastructure orchestration tools are designed to automate the deployment of servers and other infrastructure. Configuration as Code and configuration management tools help configure the software and systems on this infrastructure that has already been provisioned.
Effective version control allows teams to recover quickly from problems and to improve quality by making sure the right components are integrated together. Putting all assets as code and under version control means that all changes are tracked and can be recreated at the click of a button.
Avoid configuration/environment drift: ad hoc changes to a systems configuration that go unrecorded
Configuration Drift is the phenomenon where servers in an infrastructure become more and more different from one another as time goes on, due to manual ad-hoc changes and updates, and general entropy.
There are two main methods to combat configuration drift. One is to use automated configuration tools such as Puppet or Chef and run them frequently and repeatedly to keep machines in line. The other is to rebuild machine instances frequently, so that they don’t have much time to drift from the baseline.
Over time, each environment becomes a snowflake, that is, a unique configuration that cannot be reproduced automatically. Inconsistency among environments leads to issues during deployments. With snowflakes, administration and maintenance of infrastructure involves manual processes which were hard to track and contributed to errors.
Infrastructure as Code has become easier to implement with the usage of native cloud provider languages and tools
Cloud Providers are managed using an APIs. For Azure, Azure Resource Manager API lets you manage any object in Azure such as network cards, virtual machines or hosted databases.
The main benefits of the ARM API are that you can deploy several resources together in a single unit and that the deployments are idempotent, in that the user declares the type of resource, what name to use and which properties it should have; the ARM API will then either create a new object that matches those details or change an existing object which has the same name and type to have the same properties.
ARM Templates are a way to declare the objects you want, their types, names and properties in a JSON file which can be checked into source control and managed like any other code file. ARM Templates are what really gives us the ability to roll out Azure Infrastructure as code.
Code can be kept in source control to allow auditability
For highly regulated industries, auditing is very important. You need a way to easily review the infrastructure and how it’s going to be deployed. This declarative model is human readable. Using Infrastructure in combination with Git and CI/CD (Azure DevOps pipelines or GitHub Actions/Workflows), tech risk, security andinternal auditing can evolve. It can build trust to speed the approval process to get changes out the door faster.
Achieve the full discipline of Continuous Delivery and reproducible builds
One of the prevailing assumptions that fans of Continuous Integration have is that builds should be reproducible. By this we mean that at any point you should be able to take some older version of the system that you are working on and build it from source in exactly the same way as you did then.
Streamline and improve communication between product engineers, content teams, and customers
By having and sharing code in repos (publicly or privately) we can improve communication and save costs across teams within the organization by:
- Reporting a bug with the project;
- Proposing a new feature or change; or
- Discussing tactical and strategic issues with other stakeholders,
- About Pull Requests - The most effective way to use pull requests is to get code out in front of other developers on your team early and
- often, before you’ve invested too much development time into something new. If you’re going down the wrong path or if your work is in
- conflict with someone else’s it’s better for everyone to have that conversation early.
- Infrastructure as Code can be easily developed using native cloud provider languages and tools such as ARM Templates.
- Very frequently, native Infrastructure as Code languages and tools impose limitations that can be overcome with custom code or scripting that interacts with Cloud Provider REST APIs (e.g. Azure Active Directory, Azure DevOps).
- Be prepared to combine different types of Infrastructure as Code development languages.
- Define early your Infrastructure as Code development principles, strategy, modularization and lifecycle.
- Boundaries between Infrastructure as Code and Configuration as Code are hard to distinguish, so it is common to treat both developments as one.
- What is Infrastructure as Code? | Microsoft Docs
- Infrastructure As Code | Martin Fowler
- What Is Idempotence? | REST API Tutorial
- Idempotent REST APIs | RESTFul API
- Configuration Drift | Kief.com
- Reproducible Build | Martin Fowler
- Microsoft Docs Contributor Guide Overview | Microsoft Docs
- How to Use Github Professionally | Petabridge
- Azure Resource Manager templates overview | Microsoft Docs
- Azure Resource Manager (ARM) Templates | Redgate
- What KPMG Learned About Infrastructure as Code: Tools, People, and Process | The New Stack