Infrastructure as code: The missing link in your cloud strategy
Chances are, most of us remember life before the cloud. Navigating chilly data centers and fretting about server space are memories we won’t soon forget. Today, however, it’s not a question of when, but how much of your IT environment should shift off-premise. In fact, research predicts that by the end of this year, 83% of enterprise workloads and 67% of enterprise infrastructure will be cloud-based.
Despite mass adoption of cloud computing, many companies fail to maximize the cost savings, agility and security gains the cloud provides. Additionally, more abstract things such as the benefits of designing for failure, are frequently overlooked. Very often, the missing link is infrastructure as code.
Infrastructure as code (IAC) is a fairly new concept that surfaced in the early 2000s in response to the combination of utility computing and second-generation web frameworks like Amazon’s retail platform and Amazon Web Services (AWS). As companies moved more and more to the cloud, infrastructure management also morphed. Instead of managing one or two servers, today’s system administrators have dozens if not hundreds of servers to meet the expanding needs (and expanding infrastructure) of the modern, collaborative, dispersed workplace.
This shift in scale also changes the way that engineers ensure accurate and consistent system provisioning, deployment, and configuration. This is where IAC is key.
Simply put, IAC is a means of defining your IT infrastructure in code. Similar to software code, infrastructure as code automates the manual process of building, configuring and updating your infrastructure by a creating a script to automate these processes. After this script is run, your infrastructure is built and that script becomes a blueprint for your cloud resources. Any updates made to said blueprint are automatically provisioned and added to the “as-built” state.
Automating your infrastructure management with IAC has substantial value-adds, boosting the impact of your overall cloud strategy.
- Increased efficiency, agility and elasticity – With IAC, work that previously took hours or weeks now takes seconds. By simply running a pre-defined script, you can set up a new environment with a few clicks. This applies to virtual server deployment, storage systems, load balancers, etc. This technology can be used to create (and then quickly decommission) development, staging and production environments just about anywhere in the world. As you can imagine, this can supercharge your app development, infrastructure resilience, testing and deployment processes in ways you’ve never seen, greatly increasing your efficiency, elasticity and agility as an IT department.
- Cost savings – In addition to the reduced hardware costs associated with cloud migration, IAC reduces the time engineers spend on manual deployments. This increases productivity and time available to focus on different value-add tasks. In addition, because dev, testing and production environments can be scaled up and down rapidly, overall cloud computing costs can be better managed within your pay-per-sip consumption model.
- Increased consistency and reduced risk – Humans, by nature, are fallible. Even with strict operating procedures in place, managing your infrastructure manually opens the door to configuration discrepancies. By standardizing your infrastructure setup and deployment, you drastically reduce the possibility of errors and inconsistencies. IAC also innately provides versioning and documentation of your pre-defined infrastructure, reducing the risks associated with both human error and loss of institutional knowledge when an employee exits. Additionally, there are many security controls built into cloud platforms that minimalize the chance of malicious or accidental tampering with infrastructural code.
There are many tools in the IAC space, including leading contenders like AWS CloudFormation and HashiCorp Terraform.
AWS CloudFormation uses a script (aka template) written in JSON or YAML to provision any kind of infrastructure in AWS, creating what's called a stack. This stack becomes an as-built state of your environment. This stack can be modified by updating the template and replacing the existing template with the updated version. For example, let's say you want to change the Amazon Machine Image ID that several of your Auto Scaling groups utilize. All you would have to do is modify your launch configuration resource in your template that your ASGs are attached to, run a changeset operation that will simulate the changes to the template (to predict potential service impacts, if any), then run the change. The above change combined with using AWS' built-in function "!Ref" to dynamically reference the new launch configuration resource (as opposed to statically spelling it out) allows only one line of code to be changed to modify many different auto-scaling groups.
This would result in CloudFormation deleting the legacy launch configuration, creating a new one, and updating across your Auto Scaling groups. Instead of manually creating a new launch configuration resource, deleting the old one and manually reattaching it to every Auto Scaling group, changing one line of code and hitting “Go” automates the entire process. As you can see, this turns potentially hours of work into 30 seconds. CloudFormation also has the benefit of being developed by AWS, so you have enhanced backend integration with AWS services and typically higher efficiency.
HashiCorp’s Terraform provides the same functionality as AWS CloudFormation with the added benefit of being cloud agnostic. It’s also an open source project, which means it’s free of charge and leverages the benefits a large developer community.
Begin with the end in mind
So, while high-cost on-premise environments are moving the way of the woolly mammoth, cloud computing continues to increase in complexity and capability. As your cloud strategy evolves, keep your end goals front and center. IAC and other cloud enhancements have the power to supercharge your hybrid and off-premise infrastructure, and ANM can help you find solutions that make the most sense for your business. When you’re ready, reach out to firstname.lastname@example.org to schedule a demo.
Dylan Begley, Consulting Engineer
Dylan provides design and implementation services for ANM’s datacenter customers, with a focus in Hybrid Cloud, DevOps, and Infrastructure as Code/Automation. He was formerly a datacenter engineer on ANM’s Managed Services team, assisting customers with a wide variety of IT challenges. In his spare time, he enjoys snowboarding and video games.