“The enabling idea of infrastructure as code is that the systems and devices which are used to run software can be treated as if they, themselves, are software.”
Kief Morris, Author, Cloud Specialist
Look into above infrastructure and think about the pain of managing IT infra.
Historically, managing IT infrastructure was a manual process. People would physically put servers in place and configure them. Only after the machines were configured to the correct setting required by the OS and applications would those people deploy the application. Unsurprisingly, this manual process would often result in several problems.
•The first big problem is cost. You’d have to hire many professionals to perform the necessary tasks at each step of the process, from network engineers to hardware maintenance technicians.
•The next big problems are scalability and availability. But in the end, it all comes down to speed. Since manual configuration is so slow, applications would often struggle with spikes in access, while the system administrators would be desperately trying to set up servers to manage the load. This necessarily impacts availability. If the organization didn’t have backup servers or even data centers, then the application could be unavailable for long periods.
•A third major problem is monitoring and performance visibility. Now that you have all of the infrastructure in place, how do you keep an eye on it to ensure it’s performing optimally? When you have an issue, how do you pinpoint exactly where in the infrastructure the issue is coming from? Is it the network, the server, or the application?
•Last but not least on our list of problems comes inconsistency. If you have several people manually deploying configurations, discrepancies aren’t going to be unavoidable.
What is Infrastructure As Code?
Infrastructure as code is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
Or in simple words — Infrastructure as code (IaC) means to manage your IT infrastructure using configuration files.
The key takeaway from the definition is this: Before IaC, IT personnel would have to manually change configurations to manage their infrastructure. Maybe they would use scripts to automate some tasks, but that was the extent of it. With IaC, your infrastructure’s configuration takes the form of a code file. Since it’s just text, it’s easy for you to edit, copy, and distribute it. You can — and should — put it under source control, like any other source code file.
Benefits of IaC
•Automation/Efficiency — By employing infrastructure as code, you can deploy your infrastructure architectures in many stages. That makes the whole software development lif cycle more efficient, raising the team’s productivity to new levels.
•Speed — The significant benefit IaC provides is speed. Infrastructure as code enables you to quickly set up your complete infrastructure by running a script. You can do that for every environment, from development to production, passing through staging, QA, and more. IaC can make the entire software development lifecycle more efficient.
•Repeatable/Consistency — Manual processes result in mistakes, period. Humans are fallible. As you’ve read, manual infrastructure management will result in discrepancies, no matter how hard you try. IaC solves that problem by having the config files themselves be the single source of truth. That way, you guarantee the same configurations will be deployed over and over, without discrepancies.
•Accountability — This one is quick and easy. Since you can version IaC configuration files like any source code file, you have full traceability of the changes each configuration suffered. No more guessing games about who did what and when.
•Cost — One of the main benefits of IaC is, without a doubt, lowering the costs of infrastructure management. By employing cloud computing along with IaC, you dramatically reduce your costs. That’s because you won’t have to spend money on hardware, hire people to operate it, and build or rent physical space to store it.
IaC best practices
•Make code your single source of truth. You should explicitly code all the infrastructure specifications in configuration files. Your configuration files should be the single source of truth for all your infrastructure management concerns.
•Version control all of your configuration files.
•Test and Monitor Your Configurations. IaC is code, and like all code, it can be tested. By employing testing and monitoring tools for IaC, you can check for errors and inconsistencies in your servers before you deploy them to production.
Different IaC tools
No tool can do everything and each one is great in a specific area. IaC tools automate tasks in different categories for different phases:
3 main categories based on phases:
•configuration of provisioned infrastructure
•deployment of application
Moreover, the IaC tools differ in the way HOW they work:
•declarative vs procedural : Procedural language is also often referred to as imperative language and it outlines a specific set of steps that must be taken in order to arrive at the desired outcome. Declarative language tells the program what needs to be done and allows the program to figure out the necessary steps.
•mutable vs immutable : A mutable object can be changed after it's created, and an immutable object can't
•agent vs agentless : sometimes agent is required to do the job.
For example, here’s a comparison of Terraform and Ansible
Which one should you use?
Find more details about AWS CDK in below article where I have tried covering everything about it on high level
Infrastructure as code is a crucial part of the DevOps movement. If you think of cloud computing as the first step to solving many of the problems caused by manual IT management, then it’s fair to say the IaC is the next logical step. It takes cloud computing to its fullest potential, and it frees developers and other professionals from performing manual, error-prone tasks.