Designing – Infrastructure as Code

I hope everyone knows about code quality, using features of object-oriented programming and designing and writing his or her code in the modular form.All these terms we use while talking during writing software code and during development process but very few people use such terms while managing server-side infrastructure. It requires altogether a different perspective while designing such infrastructure on Cloud.We are in Cloud or Hybrid era where data centers are getting consolidated by big players like AWS, MS, Google, Rackspace and other.Cloud service consumers are getting an opportunity to rethink and re design their infrastructure to make it more reliable,cost effective and make it more optimized and performance oriented.

Yes, I know system administrator doesn’t have much exposure on this side because of their involvement in the incident, configuration, and problem management for their infrastructure or rebuilding or reconfiguring repetitive infrastructure to provide infrastructure services. I am talking about all managed component that includes your servers, firewall, switches, routers, storage etc.We keep continue to monitor them so that they remain healthy so that electronic flow continue to transmit the required information to end users so that services from the vendor like Uber, Ola, AWS, Google maps, YouTube etc. continue to run. Companies even don’t want to imagine what will happen if such services fail for hours or for a day due to its financial impact on their revenue and loss in market share.

Let us stop telling theory and directly jump to the practical world of available tools and technology that helping organization to redesign and rewrite their Infrastructure in Code form so that we can rebuild IT infrastructure in a fraction of seconds in case of disaster or in a case where we would like to scale our services in a reliable manner. We have heard of AWS cloud formation, OpenStack Heat or other similar vendor-specific products that help you to build complete application stack on a single click but I will focus here for Hashicorp’s product like Packer, Terraform that changing dimensions of writing your infrastructure.

Terraform helps you in building vendor neutral code and is an open source product that helps you in building Reproducible Infrastructure on a single click. It gives you an option to write, plan and apply changes and none another tool provides such option.You can build your IT infrastructure (firewall, routing, servers, load balancers, DNS records, deploy code etc) on any cloud with minor modification in your terraform code for respective plugins and modules.It is becoming a front-runner in Infrastructure as Code zone due to its plan and apply feature.

There are many opensource projects where you can pick terraform code and can use it to build your own infrastructure in a standardized way and one of such community is Terragrunt and its Code example is available at Terragrunt on Github.

Following is small terraform code to build a AWS EC2 server, Create

provider "aws" {
  access_key = "ACCESS_KEY_HERE"
  secret_key = "SECRET_KEY_HERE"
  region     = "us-east-1"  
resource "aws_instance" "example" {
  ami           = "ami-2757f631"
  instance_type = "t2.micro"  

Common commands to build and destroy AWS infra.
  • #terraform plan
  • #terraform apply
  • #terraform destroy

It’s not all about just terraform or other tool but the main crux lies in about how you write or design such modules. You require developer mentality while writing such code and you have to divide your infrastructure code into libraries/modules so that you can reuse same code while building a similar stack for your organization. You need to standardize on naming convention, dividing code into modules and managing such code on the centralized repository for version control management. As a system administrator, you will be pushing new infra code, merging branches and deploying your latest infra using such approved code. You will start thinking like a developer.

DevOps, SRE, Deployment Engineers and other such related profiles are making such thing to happen for the organization and helping them to write reproducible infrastructure.

People get confused with configuration management tools like Puppet, Chef, and Ansible with a comparison to Infrastructure as Code tools like Terraform, AWS Cloudformation, Heat. Both these tool category lies on the different side where you configure and install your application using configuration tools whereas you build infrastructure components using Infrastructure as Code tools. But these layers are getting merged day by day by their vendor to get more market share. For an example:

You build a Web server where you create an AWS EC2 server using terraform and then you run Puppet manifest files to install apache server and download required configuration.

Docker is another player that indirectly helping in Infrastructure as Code using DockerFile and docker-compose tools where you build containerized infrastructure using the combination of terraform + Docker where you deploy new stack on a single click but I am not covering it under this blog and you can read some related information in my another Docker blog.