Infrastructure as Code: All you need to know
Kristijan
Posted on January 4, 2022
Using Code to create and manage deployments is more time-efficient and less tedious when compared to using CLI or even UI. In this blog, we explore the buzz around the usage of Infrastructure as Code (IaC) and how Terraform can be used to implement IaC.
In this blog post, we will explore the good, the bad, and the ugly sides of infrastructure as code so you can make an informed decision on how (and why) to incorporate it into your workflow.
What is Infrastructure as Code?
Infrastructure as code (abbreviated as IaC) is a set of practices for infrastructure management that enables it to be managed and coordinated by code, instead of the traditional way of using CLI or UI.
You would want to have a solution that allows you to easily manage and provision infrastructure with reusability and templating in mind.
One of its most important benefits is that infrastructure as code enables infrastructure to be easily defined, replicated, templated, and put into a version-controlled system.
Why should I use Infrastructure as Code?
Infrastructure as code is beneficial for several reasons including automation, infrastructure consistency across environments, and full infrastructure history over time through the use of version control.
This allows you and your team to have increased collaboration since IaC templates can be stored inside git repositories and can easily be collaborated all across.
It also makes it easier for new team members to ramp up on how things work in your environment; because there is less need for documentation or handoffs between teammates - everything needed will already be available, on GitHub for example.
IaC enables infrastructure to scale just like software does, with definitions for multiple environments such as development, staging, and production.
This means infrastructure can be quickly modified during the development process and the changes can be tested in an environment that is identical to production, hence minimizing any errors.
It is much quicker to code or supply templates for new infrastructure than it is to use a CLI console or UI.
Of course, there are exceptions depending on the infrastructure end goal.
The tools can help you create things in parallel. Imagine creating ten instances that need having extra disks attached.
Even though this goal is quite straightforward, it will take you an eternity to complete it. You would need to click through UI wizards countless times to spin up all instances.
However, utilizing the potential of IaC makes this simple.
The code may be used to iterate through a list of your chosen Instances and create them in a breeze.
It's crucial to remember that infrastructure as code is not a magic bullet for infrastructure management.
IaC is only one piece of the puzzle, as with everything, there is more to it.
How do I get started with Infrastructure as Code?
There are many infrastructure as code tools such as Terraform, Pulumi, CloudFormation, and others which we will take a look at in a minute.
To get started with IaC, you must first have established a goal and objective on how you want to manage your infrastructure.
For managing the infrastructure, it is easier if it’s to be provisioned and run through a cloud provider.
Although, the versatility of IaC still enables you to manage even physical infrastructure. This is no exception.
In general, IaC works well with any infrastructure that can be defined using code or templates.
You might use IaC to define the entirety of your infrastructure, or you may go hybrid and define some services using IaC while others through UI or CLI tooling.
Keep in mind that attempting to integrate current infrastructure into IaC code is a little more challenging and will require some effort, but isn't impossible. It is much easier starting from scratch with IaC.
The pros and cons of using Infrastructure as Code
Some pros and cons were already mentioned in the previous sections.
However, let's clear it up and look at them compared.
Pros
- Infrastructure as code is version controlled, which means you have a history of who did what and which changes have been done on the environment.
- In case of an issue, you can easily roll back to a previous state if needed.
- IaC enables infrastructure to be quickly modified during the development process and changes tested in an environment that is identical to production.
- It's much quicker for a human to code infrastructure than it is to provision infrastructure via user interfaces. Your already written code blocks and templates can be reused in the future.
- IaC tools are readily available which can be used for managing infrastructure across cloud providers, on-premises, or even hybrid environments.
Cons
- It is difficult to integrate current infrastructure into IaC in the case of an existing environment where you have a lot of infrastructure(s) already created.
- There is a learning curve and requires some effort to get infrastructure provisioned via IaC. However, it's well worth the effort spent in learning it.
- You must be able to define infrastructure using code or templates for IaC to work. This means learning another language, syntax, and logic.
- Not everything can be created and connected by the use of IaC; there are some limitations.
Tools for Infrastructure as Code
There are many IaC tools that you may use to manage infrastructure.
Some of these include:
- Terraform for managing infrastructure in any cloud provider or your own data center.
- CloudFormation from Amazon AWS enables you to define resources through custom templates.
- Pulumi is another open-source tool for infrastructure as code which was created by former Google employees with experience in managing infrastructure at scale.
- Azure Resource Manager which is Microsoft's answer to infrastructure as code. Using ARM you can easily provision infrastructure using JSON templates.
The most commonly used IaC tool is Terraform, as it offers a vendor-agnostic approach with extended support for different providers, services, and infrastructure components.
Terraform enables you to define infrastructure using the declarative approach. By writing configuration files in its language, HCL and reusability of code through modules.
You may use these building blocks for configuration management, data management, continuous delivery workflows, serverless functions, and a variety of other applications.
Terraform Demo
You can now see how IaC can help automate creating multiple instances.
To demonstrate the power of IaC, let's take on the task of creating the ten instances here.
terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "3.89.0"
}
}
}
provider "google" {}
variable "instance_count" {
default = "10"
}
resource "google_compute_instance" "instance" {
count = var.instance_count
project = "YOUR-PROJECT-ID"
zone = "us-central1-a"
name = "squadcast-instance-${count.index}"
machine_type = "e2-medium"
attached_disk {
source = "instance-disk-${count.index}"
}
lifecycle {
ignore_changes = [attached_disk]
}
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
}
}
network_interface {
network = "default"
}
}
resource "google_compute_disk" "instance-disk" {
count = var.instance_count
project = "YOUR-PROJECT-ID"
zone = "us-central1-a"
name = "instance-disk-${count.index}"
type = "pd-ssd"
size = "50"
physical_block_size_bytes = 4096
}
Three commands are executed in succession:
- terraform init - to initialize Terraform, prepare, and download all the necessary files before running
- terraform plan - to print out the execution plan on what infrastructure elements will be created(or deleted)
- terraform apply - finally applying the staged changes and executing the creation of the instances
In a breeze, all the instances are created along with the extra pair of disks.
Squadcast is an incident management tool that’s purpose-built for SRE. Your team can get rid of unwanted alerts, receive relevant notifications, work in collaboration using the virtual incident war rooms, and use automated tools like runbooks to eliminate toil.
Posted on January 4, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.