In today’s world, applications are developed, updated and deployed within weeks. To keep up such a pace and ensure that the applications perform as expected at scale, it is important that the underlying infrastructure can also be provisioned and scaled as needed with minimal effort. Infrastructure as Code (IaC) is a concept that helps organizations achieve that flexibility.
To understand where Infrastructure as Code can be used, it is important to understand what it is trying to solve. Take the below traditional on-premise process of deploying a web application:
- The development team has spent months developing a state-of-the-art solution that addresses a business need and is now ready to be deployed.
- The development team opened a ticket with the operations team requesting resources to run the application, typically web and database servers.
- The operations team provisions and hardens the infrastructure and requests the deployment package from the development team, along with installation steps.
- The development team provides the requested information, which the operations team follows to deploy the application.
In the above scenario, if everything goes well, the time-to-market can span from weeks to months due to the following potential issues:
- New servers have to be ordered.
- Production server configuration may be different from the development environment, resulting in the application not performing as expected; this, in turn, requires additional time to “fix” the application.
- Any changes to the production environment by the operation team may adversely affect the application if the same policies are not applied to and tested in the development environment.
- Changes to the development environment (outside of the application code) to make the application work but which cannot be applied to the production environment due to security concerns.
While the above list is not exhaustive, it is a snapshot of some common issues. Infrastructure as Code (IaC) can help solve the above issues and goes beyond its benefits. Its primary goal is to provision infrastructure using code to produce consistent and identical environments.
Now let’s explore the benefits of IaC. As the name implies, it is the process of defining the desired state of the environment using code, which, upon execution, produces a consistent and identical environment.
This affords the following benefits:
- Source Control and Versioning: As the infrastructure is defined in code, it can be stored in the organization’s preferred source control software and versioned. This, in turn, provides additional benefits such as versioning, branching, traceability and rollbacks.
- Consistent Environments: Since the infrastructure is provisioned using code and not a manual process, the result is a consistent and reproducible environment across all types – development, testing, staging and production. While each environment will differ in terms of scale, they will still be similar in terms of policies and configuration.
- Reusability and Scalability: Configuration of resources such as web servers can be stored in centralized modules and reused. This also means the environment can be scaled by calling the module as many times as the number of similar resources required. This also further promotes consistency.
- Reduced TTM: Provisioning environments using code ensures that the entire IT team — from developers to testers to operations — are working on similar environments, reducing environment bugs, improving software quality and reducing time to market.
- Documentation: Infrastructure defined in code serves as a living document that is constantly updated as changes are implemented—no need for Visio diagrams that tend to drift away from reality.
Now, to the interesting part of IaC: How to achieve it (using tools, of course).
IaC tools can be broadly classified into two categories:
- Tools used to provision infrastructure – Tools such as Terraform, Cloud Formation, ARM templates and Pulumi are used to provision new infrastructure or update existing infrastructure to achieve the desired end state.
- Tools used to configure infrastructure – Tools such as Chef, Ansible, and Puppet are used to configure the existing infrastructure to ensure the resources are similarly configured.
Generally, the above tools are used together. For example, Terraform is used to provision VMs, and Ansible is used to configure the VM.
In today’s fast-paced world, where everything is moving to the cloud and software updates are more frequent, IaC provides the toolset that automates the development, testing, and deployment process, improves software quality and promotes cohesiveness across all IT Teams, ultimately reducing the overall deployment timeline.