You’ve probably heard of all the acronyms and might even have trouble remembering what they mean. In fact, names like AaaS (Agile as a Service), AIaaS (Artificial Intelligence as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service) are becoming more and more common with each passing year.
You’d be surprised to find out that the list of as a Service (aaS) acronyms goes on and on and on. But it doesn’t end with “as a Service”. Thanks to the advent of DevOps (the collaboration between development and IT operations), IT has been turned on its head and everything has evolved to keep up with this new world order. DevOps makes so much possible:
- It shortens the software lifecycle, fostering faster and more reliable delivery.
- It enables the addition of automation throughout the lifecycle.
- It empowers developers and operations teams to better collaborate.
- It makes it possible to employ Continuous Delivery/Continuous Integration.
Another side-effect of DevOps is the rise of Infrastructure as Code (IaC). But what does that even mean? Let’s break it down.
Within the realm of IT, infrastructure is defined as any component that serves as the foundation that supports the delivery of business systems, which translates to:
- Hardware
- Software
- Facilities
- Services
- Networks
That’s a fairly traditional take on infrastructure. But with the rise of DevOps, everything changes. Yes, infrastructure still relies on those standard components, but technology is delivered much differently today.
Consider this: Traditionally, software and services were delivered via monolithic software stacks. As businesses expanded and grew, it became clear the traditional method didn’t scale well enough to keep up with demand. That’s when containers started to really take off, which soon led to container management platforms like Kubernetes.
Once these technologies hit their stride and were being adopted by more and more enterprise-level businesses, something important happened—developers realized they could use those platforms to create CI/CD (Continuous Integration/Continuous Delivery). This drastically reduced the software development and deployment lifecycle, because it allowed for automation to be used such that code changes were automatically tested and deployed.
The level of efficiency and reliability gained from an automated CI/CD software development lifecycle brought about exponential improvements to the delivery chain. It also made it possible to automate the transition between testing, staging, and production environments. This had the effect of removing (or drastically reducing) problems that arise with unexpected code changes or configuration divergence between environments.
This is at the heart of Infrastructure as Code, which makes it possible to design, implement, and deploy application infrastructure with widely accepted best practices. And with the ability to deploy infrastructure as code (using many of the same tools as standard software development projects), developers can deploy applications with more speed and reliability than ever.
Types of IaC approaches
There are 2 approaches to IaC:
- Declarative – a functional approach that focuses on what the target configuration should be.
- Imperative – a procedural approach that focuses on how the infrastructure should be changed to meet the needs of the project.
The declarative approach defines the desired state, while the imperative approach defines the specific commands that must be executed (and the order for which they are executed) to reach the desired outcome.
What tools are required for IaC?
It might come as a surprise, but the tools used for Infrastructure as Code are pretty common. You’ll need to have the following ready to go:
- Standard frameworks used by your developers.
- Infrastructure provisioning tools (such as Terraform or AWS CloudFormation).
- Configuration management tools (such as Chef, Puppet, Ansible, or Saltstack).
- Container engine (such as Docker).
- Container management platform (such as Kubernetes).
- Version Control (such as Git).
- CI/CD tools (such as Jenkins, circleci, TeamCity, Bamboo, Datadog, or GitLab).
That is not to say you’ll require every one of the above tools. On the other hand, you might even need more. The important thing is that you must decide which approach you want to take for IaC, lay out your project (and its demands), and then start building the means to make it happen.
Automation is key
One aspect of IaC that is incredibly crucial is automation. The goal should be to shift from having to do manual software stack updates to complete automation. As soon as changes are made in your code repository, automation should kick in to test and deploy that code to production. That is key to Infrastructure as Code because the code isn’t just delivered as a service or application, it also serves as the delivery and update mechanism.
And by automating aspects like provisioning and configuration, you’ve elevated your delivery platform in ways you can’t achieve with traditional infrastructure methods.
Don’t forget security testing
While you’re building your IaC platform, your first priorities will be standing up and automating the stack. As you do that, you must not forget about security testing. If you neglect the security aspect of IaC, you’ll find yourself delivering apps and services ripe for hacking. As you build your IaC delivery platform, you must ensure that your software stacks are always in compliance with industry regulations and best practices.
This can be a massive challenge, given how many moving parts are involved with IaC. If you begin this process with an eye on security, you’ll have less trouble making sure it is properly implemented as you go along. Keep unnecessary ports closed, use only official container images, and test, test, test.
In fact, your goal should be to implement automated security testing (to go along with the automated bug testing and deployment). Don’t just “shift security left” by leaning on your developers to secure your systems. Because IaC is very DevOps-centric, the onus of security will be on every department involved.
Conclusion
Infrastructure as Code is a complex model that will deliver incredible results to your business (if implemented wisely). If you take the time upfront and design the system with industry best practices in mind, you’ll find your IaC platform will make it possible for your business to scale to meet nearly any demand thrown at your systems.
If you enjoyed this, be sure to check out our other DevOps articles.