HOME

TheInfoList



Click Here for Items Related To - Infrastructure As Code
OR:
Infrastructure As Code on:   [Wikipedia]   [Google]   [Amazon]

Infrastructure as code (IaC) is the process of managing and provisioning computer
data center A data center (American English) or data centre (British English)See spelling differences. is a building, a dedicated space within a building, or a group of buildings used to house computer systems and associated components, such as telecommuni ...
s through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. The
IT infrastructure Information technology infrastructure is defined broadly as a set of information technology (IT) components that are the foundation of an IT service; typically physical components ( computer and networking hardware and facilities), but also vario ...
managed by this process comprises both physical equipment, such as bare-metal servers, as well as
virtual machine In computing, a virtual machine (VM) is the virtualization/emulation of a computer system. Virtual machines are based on computer architectures and provide functionality of a physical computer. Their implementations may involve specialized hardw ...
s, and associated configuration resources. The definitions may be in a
version control system In software engineering, version control (also known as revision control, source control, or source code management) is a class of systems responsible for managing changes to computer programs, documents, large web sites, or other collections ...
. The code in the definition files may use either scripts or declarative definitions, rather than maintaining the code through manual processes, but IaC more often employs declarative approaches.


Overview

IaC grew as a response to the difficulty posed by
utility computing Utility computing or The Computer Utility is a service provisioning model in which a service provider makes computing resources and infrastructure management available to the customer as needed, and charges them for specific usage rather than a ...
and second-generation web frameworks. In 2006, the launch of
Amazon Web Services Amazon Web Services, Inc. (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. These cloud computing web services provide ...
Elastic Compute Cloud and the 1.0 version of
Ruby on Rails Ruby on Rails (simplified as Rails) is a server-side web application framework written in Ruby under the MIT License. Rails is a model–view–controller (MVC) framework, providing default structures for a database, a web service, and web p ...
just months before created widespread scaling problems in the enterprise that were previously experienced only at large, multi-national companies. With new tools emerging to handle this ever-growing field, the idea of IaC was born. The thought of modeling infrastructure with code, and then having the ability to design, implement, and deploy application infrastructure with known software best practices appealed to both software developers and IT infrastructure administrators. The ability to treat infrastructure as code and use the same tools as any other software project would allow developers to rapidly deploy applications.


Advantages

The value of IaC can be broken down into three measurable categories: cost, speed, and risk. Cost reduction aims at helping not only the enterprise financially, but also in terms of people and effort, meaning that by removing the manual component, people are able to refocus their efforts on other enterprise tasks. Infrastructure automation enables speed through faster execution when configuring your infrastructure and aims at providing visibility to help other teams across the enterprise work quickly and more efficiently. Automation removes the risk associated with human error, like manual misconfiguration; removing this can decrease downtime and increase reliability. These outcomes and attributes help the enterprise move towards implementing a culture of
DevOps DevOps is a set of practices that combines software development (''Dev'') and IT operations (''Ops''). It aims to shorten the systems development life cycle and provide continuous delivery with high software quality. DevOps is complementary to ...
, the combined working of
development Development or developing may refer to: Arts *Development hell, when a project is stuck in development *Filmmaking, development phase, including finance and budgeting *Development (music), the process thematic material is reshaped *Photographi ...
and operations.


Types of approaches

There are generally two approaches to IaC: declarative (functional) vs. imperative (procedural). The difference between the declarative and the imperative approach is essentially '' 'what' '' versus '' 'how' ''. The declarative approach focuses on what the eventual target configuration should be; the imperative focuses on how the infrastructure is to be changed to meet this. The declarative approach defines the desired state and the system executes what needs to happen to achieve that desired state. Imperative defines specific commands that need to be executed in the appropriate order to end with the desired conclusion.


Methods

There are two methods of IaC: push and pull. The main difference is the manner in which the servers are told how to be configured. In the pull method, the server to be configured will pull its configuration from the controlling server. In the push method, the controlling server pushes the configuration to the destination system.


Tools

There are many tools that fulfill infrastructure automation capabilities and use IaC. Broadly speaking, any framework or tool that performs changes or configures infrastructure declaratively or imperatively based on a programmatic approach can be considered IaC. Traditionally, server (lifecycle) automation and
configuration management Configuration management (CM) is a process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. The CM proc ...
tools were used to accomplish IaC. Now enterprises are also using continuous configuration automation tools or stand-alone IaC frameworks, such as Microsoft’s PowerShell DSC or AWS CloudFormation.


Continuous configuration automation

All continuous configuration automation (CCA) tools can be thought of as an extension of traditional IaC frameworks. They leverage IaC to change, configure, and automate infrastructure, and they also provide visibility, efficiency and flexibility in how infrastructure is managed. These additional attributes provide enterprise-level security and compliance.


Community content

An important aspect when considering CCA tools, if they are open source, is the community content. As
Gartner Gartner, Inc is a technological research and consulting firm based in Stamford, Connecticut that conducts research on technology and shares this research both through private consulting as well as executive programs and conferences. Its clients ...
states, the value of CCA tools is "as dependent on user-community-contributed content and support as it is on the commercial maturity and performance of the automation tooling". Vendors like
Puppet A puppet is an object, often resembling a human, animal or mythical figure, that is animated or manipulated by a person called a puppeteer. The puppeteer uses movements of their hands, arms, or control devices such as rods or strings to move ...
and
Chef A chef is a trained professional cook and tradesman who is proficient in all aspects of food preparation, often focusing on a particular cuisine. The word "chef" is derived from the term ''chef de cuisine'' (), the director or head of a kitc ...
, those that have been around a significant amount of time, have created their own communities. Chef has Chef Community Repository and Puppet has PuppetForge. Other vendors rely on adjacent communities and leverage other IaC frameworks such as
PowerShell PowerShell is a task automation and configuration management program from Microsoft, consisting of a command-line shell and the associated scripting language. Initially a Windows component only, known as Windows PowerShell, it was made open-sou ...
DSC. New vendors are emerging that are not content-driven, but model-driven with the intelligence in the product to deliver content. These visual, object-oriented systems work well for developers, but they are especially useful to production-oriented DevOps and operations constituents that value models versus scripting for content. As the field continues to develop and change, the community-based content will become ever more important to how IaC tools are used, unless they are model-driven and object-oriented. Notable CCA tools include: Other tools include AWS CloudFormation,
cdist cdist is a free software configuration management tool for Unix-like systems. It manages nodes over SSH using the Bourne Shell, and does not require any additional software to be installed on target nodes. Cdist differentiates itself from com ...
, StackStorm, Juju and Step CI.


Relationship to DevOps

IaC can be a key attribute of enabling best practices in
DevOps DevOps is a set of practices that combines software development (''Dev'') and IT operations (''Ops''). It aims to shorten the systems development life cycle and provide continuous delivery with high software quality. DevOps is complementary to ...
– Developers become more involved in defining configuration and Ops teams get involved earlier in the development process. Tools that utilize IaC bring visibility to the state and configuration of servers and ultimately provide the visibility to users within the enterprise, aiming to bring teams together to maximize their efforts. Automation in general aims to take the confusion and error-prone aspect of manual processes and make it more efficient, and productive. Allowing for better software and applications to be created with flexibility, less downtime, and an overall cost-effective way for the company. IaC is intended to reduce the complexity that kills efficiency out of manual configuration. Automation and collaboration are considered central points in DevOps; infrastructure automation tools are often included as components of a
DevOps toolchain A DevOps toolchain is a set or combination of tools that aid in the delivery, development, and management of software applications throughout the systems development life cycle, as coordinated by an organisation that uses DevOps practices. Gene ...
.


Relationship to security

The 2020 Cloud Threat Report released by Unit 42 (the threat intelligence unit of cybersecurity provider
Palo Alto Networks Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core products is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to ...
) identified around 200,000 potential vulnerabilities in infrastructure as code templates.


See also

*
IT infrastructure Information technology infrastructure is defined broadly as a set of information technology (IT) components that are the foundation of an IT service; typically physical components ( computer and networking hardware and facilities), but also vario ...
*
Infrastructure as a service The first major provider of infrastructure as a service (IaaS) was Amazon in 2008. IaaS is a cloud computing service model by means of which computing resources are supplied by a cloud services provider. The IaaS vendor provides the storage, net ...
*
Orchestration Orchestration is the study or practice of writing music for an orchestra (or, more loosely, for any musical ensemble, such as a concert band) or of adapting music composed for another medium for an orchestra. Also called "instrumentation", or ...
* Continuous configuration automation


References

{{Use dmy dates, date=June 2017 Agile software development Software development process Configuration management Systems engineering Orchestration software Cloud computing As a service