Infrastructure as Code
Infrastructure as Code (IaC) is the process of managing and provisioning computing infrastructure (processes, bare-metal servers, virtual servers, etc.) and their configuration through machine-processable definition files, rather than physical hardware configuration or the use of interactive configuration tools.[1] This has been achieved previously through either scripts or declarative definitions, rather than manual processes, but developments as specifically titled 'IaC' are now focused on the declarative approaches.
Infrastructure as Code approaches have become increasingly widespread with the adoption of cloud computing and Infrastructure as a Service (IaaS). IaC supports IaaS, but should not be confused with it.[1]
Contents
Overview
IaC grew as a response to the difficulty posed from two pieces of disruptive technology – utility computing and second-generation web frameworks. This brought about widespread scaling problems for many enterprises that were previously only witnessed by huge companies.[2] In 2006 specifically, new challenges were brought to the forefront that shook the technology industry; the launch of Amazon Web Services’ Elastic Compute Cloud and the 1.0 version of Ruby on Rails just months before.[3] With new tools emerging to handle this ever growing field, the idea of Infrastructure as Code was born. The thought of modelling infrastructure with code, and then having the ability to design, implement, and deploy applications infrastructure with known software best practices appealed to software developers and IT infrastructure administrators. The ability to treat it like code and use the same tools as any other software project would allow developers to rapidly deploy applications.[4]
Added value and advantages
The value of Infrastructure as Code can be broken down into three, measurable categories: Cost (reduction), Speed (faster execution) and Risk (remove errors and security violations).[5] Cost reduction aims at helping not only the enterprise financially but also in terms of people and effort, meaning that by removing the manual component, people are able to refocuses their efforts towards other enterprise tasks. Infrastructure automation enables speed through faster execution when configuring your infrastructure and aims at providing visibility to help other teams across the enterprise work quickly and more efficiently. Automation removes the risk associated with human error, like manual misconfiguration; removing this can decrease downtime and increase reliability. These outcomes and attributes help the enterprise move towards implementing a culture of DevOps, the combined working of Development and Operations.[6]
Types of approaches
There are generally two approaches to IaC: declarative (functional) vs. imperative (procedural). The difference between the declarative and imperative approach is essentially 'what' versus 'how' . The declarative approach focuses on what the eventual target configuration should be; whereas, imperative focuses on how the infrastructure is to be changed to meet this.[7] The declarative approach defines the desired state and the system executes what needs to happen to achieve that desired state. Imperative defines specific commands that need to be executed in the appropriate order to end with the desired conclusion.[8]
Methods
There are two methods of IaC: 'Push' and 'Pull' . The main difference is the manner in which the servers are told how to be configured. In the Pull method the server to be configured will pull its configuration from the controlling server. In the Push method the controlling server pushes the configuration to the destination system.[9]
Tools
There are many tools that fulfill infrastructure automation capabilities and utilize Infrastructure as Code. Broadly speaking, any framework, or tool that performs changes or configures infrastructure declaratively or imperatively based on a programmatic approach can be considered IaC.[10] Traditionally, server (lifecycle) automation and configuration management tools were used to accomplish IaC, now enterprises are utilizing Continuous Configuration Automation tools or stand-alone IaC frameworks, such as Microsoft’s PowerShell DSC.[11]
Continuous Configuration Automation
All Continuous Configuration Automation (CCA) tools can be thought of as an extension of traditional IaC frameworks; it leverages IaC to change, configure, and automate infrastructure, but also provides visibility, efficiency and flexibility in how your infrastructure is managed.[2] These additional attributes provide enterprise level security and compliance - making companies keen on implementing these types of tools.
Community content
An important aspect when considering CCA tools is the community content. As Gartner states the value of CCA tools is “as dependent on user community-contributed content and support as it is on the commercial maturity and performance of the automation tooling.”[2] Vendors like Puppet and Chef, those that have been around a significant amount of time, have created their own communities; Chef has Chef Community Repository and Puppet has PuppetForge,[12] other vendors rely on adjacent communities and leverage other IaC frameworks such as PowerShell DSC.[11] As the field continues to develop and change, the community based content will become ever important to how IaC tools are utilized.
Notable CCA tools include:
| Tool Name | Released by | Method | Approach |
|---|---|---|---|
| Ansible Tower | Ansible | Push | Declarative & Imperative |
| CFEngine | CFEngine | Pull | Declarative |
| Chef | Chef | Pull | Imperative |
| Otter | Inedo | Push | Declarative & Imperative |
| Puppet | Puppet | Pull | Declarative |
| SaltStack | SaltStack | Push | Declarative & Imperative |
Relationship to DevOps
Infrastructure as Code can be a key attribute of enabling best practices in DevOps – Developers become more involved in defining configuration and Ops teams get involved earlier in the development process.[13] Tools that utilize IaC bring visibility to the state and configuration of servers and ultimately provide the visibility to users within the enterprise, aiming to bring teams together to maximize their efforts.[14] Automation in general aims to takes the confusion and error-prone aspect of manual processes and make it more efficient, and productive. Allowing for better software and applications to be created with flexibility, less downtime, and an overall cost effective way for the company. IaC is intended to reduce the complexity that kills efficiency out of manual configuration. Automation and collaboration are considered central points in DevOps; Infrastructure automation tools are often included as components of a DevOps toolchain.[15]
References
- ↑ 1.0 1.1 Lua error in package.lua at line 80: module 'strict' not found.
- ↑ 2.0 2.1 2.2 Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ 11.0 11.1 Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
- ↑ Lua error in package.lua at line 80: module 'strict' not found.
