Repeatability, simplicity, and traceability have emerged as the core pillars (from a coding perspective) for many organizations. Application code is stored in Git or SVN and code reviews are performed through Crucible or in build Pull Requests. Automated deployments help developers to move software and features quickly, thereby delivering additional value to customers.
Somehow, for the longest time, infrastructure was never made a part of this practice and servers were managed manually in the data centers. But then, configuration management and Infrastructure as Code (Iac) was introduced.
Today, most of the infrastructure is hosted in data centers which are either on-premise or are owned by cloud providers such as Amazon AWS, Google Cloud Provider or Microsoft Azure. As we launch new infrastructure, there’s also a behind-the-scenes interaction with robust APIs of each platform. This paves the way for new approaches and innovation. Infrastructure can be deployed and configured through API calls, which provide a great opportunity for Infrastructure as Code (IaC) tools like Terraform, CloudFormation, and Pulumi.
What is Infrastructure as Code (IaC)?
Now, to understand how the infrastructure is managed by organizations, let’s take a deep dive about what exactly we mean by Infrastructure as Code.
Just as we check our application code into Git repos, which serves as the source of truth for all things, we can also describe the shape and characteristics of our cloud infrastructure using code. In Terraform, this means writing HCL (HashiCorp Configuration Language) and checking that code into source control.
When infrastructure changes are desired, one simply opens the Pull Request to a "Terraform" Git repo. It goes through the review process, and any changes are eventually applied to the cloud platform(s) of your choice.
You might wonder how a tool like Terraform keeps track of what it manages. How does it prevent multiple engineers from applying their changes at the same time?
This is where we have the concept of State Locking in Terraform, when multiple engineers are working on code and committing the code simultaneously. To prevent all of them from applying changes at the same time, one might use Terraform DynamoDB state locking, which simply uses DynamoDB as a locking mechanism.
What problems does Infrastructure as Code solve?
Using a tool like Terraform, in combination with version control, we're able to track each change that gets made to our infrastructure. Previously, before Infrastructure as Code (IaC), we'd frequently use configuration management tools such as Puppet or Ansible and bend it to solve problems it wasn't best equipped to solve.
In today's world, new services need to be launched rapidly, and the duration between launching the first environment and production is reducing more and more. In order for DevOps to scale, we need tools that provide us with repeatable, scalable, and transparent ways of managing our cloud infrastructure. Standing up a second environment should be a matter of copying a variable’s file, tweaking it slightly, and then deploying it. This greatly contrasts with the old way of doing things: going through the console, clicking around, and hoping you didn't miss anything while configuring resources. Infrastructure as Code (IaC)) is a great way to make managing distributed and complex infrastructure sane.
Blog author Nikhil Yadav in our "Let's talk DevOps" - video talk show on the topic of IaC
Benefits Using Infrastructure as Code
Speed
The power of using Infrastructure as Code (IaC) tool comes with agility. You can’t copy and paste SQS Queues, RDS instances, Clusters etc in the console and manage them directly with SDK’s or resources is the best use of time. With Infrastructure as Code (IaC) you can leverage open-source modules on GitHub, as well as in the HashiCorp Terraform Registry. This significantly reduces the amount of HCL code to launch new components in your infrastructure. In terms of applying your changes, like other configuration management tools, Terraform is capable of using multiple threads to deploy your infrastructure in a concurrent fashion, thereby reducing the amount of time it takes to actually deploy changes. The syntax is also much more declarative instead of one giant JSON or YAML.
Consistency
Infrastructure as Code (IaC) tool like Terraform provides consistency as a drift across multiple environments can be a nightmare for DevOps and software engineers. The natural question arises, “why is it working in DEV or Test, why not in PROD?” This is where Infrastructure as Code (IaC) provides consistency for these use cases and with GitOps (where Git will be a single source of truth), it makes the life of Support as well as DevOps teams much better.
Accountability
In today’s world, this word can mean many things. Many of us strive on blameless culture in our businesses, but this doesn't mean accountability isn't important.
Since Infrastructure as Code (IaC) lives in source control, as the single source of truth, we can track who made a specific change to a given infrastructure component, just like we may “git blame” a line of code in our applications after a regression is introduced. This fosters better communication since half the battle is about knowing who made the change.
Lower Cost
When all of your cloud infrastructure is managed in one single place, it makes cost analysis of infrastructure much easier. Depending on the cloud vendor and Infrastructure as Code (IaC) tools, there are many plugins like AWS Pricing Calculator or Infra Cost, which calculate the financial impact of each modification made in the infrastructure as code source control repository. No need to manually use a cost calculator for each change set anymore. This quick feedback loop approach ties back into the speed and efficiency benefits provided by . Infrastructure as Code (IaC) to reduce your infrastructure costs too.
Conclusion
To summarize the contents of this article, Infrastructure as Code (IaC) tools such as Terraform, Pulumi, and CloudFormation offer multiple benefits like speed, security, reliability, and more. Implementing such Infrastructure as Code (IaC) tools can greatly improve the productivity of your teams as they invariably need cloud infrastructure to meet the technical needs of the organization. It's important to note that choosing the right tool from the very beginning will unlock the doors for you in future, as you introduce new third-party solutions and APIs.