A short guide to the role of infrastructure as code (IaC) in DevOps
A short guide to the role of infrastructure as code (IaC) in DevOps

A short guide to the role of infrastructure as code (IaC) in DevOps

Defining what DevOps is doesn’t come easy. So one way to understand what DevOps entails is to focus rather on what it’s not. It’s not a team, it’s not a fancy name for a job role, and it’s not a technology.

Searching the internet, you’ll find a plethora of definitions. But from my experience, I would say the most comprehensive way to describe it is that DevOps is a set of processes, practices and techniques designed to make software delivery more efficient.

The concept of DevOps relies on 4 core values – Culture, Automation, Measurement and Sharing – otherwise known as CAMS. In this article, I’ll focus on helping you understand one of my favorite things about DevOps – automation. Why favorite? Because once I get to push down the manual work to a minimum, software delivery becomes a walk in the park. 

What is Infrastructure as Code

Before DevOps came along, managing infrastructure implied many clicks around a user interface and loads of manual commands like setting up servers, configuring networks, creating route tables, and software installations. All these tasks were carried out by a group of sys/network/security admins, oftentimes from different teams, which resulted in higher maintenance and operating costs, increased time and effort, and proneness to human error.

Through code, DevOps has moved things to the next level, automating infrastructure like never before. 

Infrastructure as Code (IaC) is a concept that evolved around the idea of managing infrastructure through code in terms of define, deploy, update, and destroy using specific tools/programs that automatically carry out these tasks for you.

Task automation with IaC

When it comes to the end-to-end automation of tasks, there are 3 main areas to focus on: 

#1 Infrastructure provisioning

For newbies, that’s the process where you set up the proper environment for software development. This is where you:

  • Create new servers
  • Configure the network
  • Create the loadbalancers and databases, and monitor them

For this kind of tasks, you can use specific IaC provisioning tools (Terraform, CloudFormation), classic configuration management tools (Ansible, Chef, Puppet) or even tools created specifically for developers (Pulumi, AWS Cloud Development Kit).

#2 Configuration on the provisioned infrastructure

At this stage you:

  •  Install apps on servers
  •  Manage apps
  •  Prepare the infrastructure for application deployment

For all these tasks, you can use classic configuration management tools (Ansible, Chef, Puppet, Saltstack) or container orchestrator specific tools like Kubernetes (Helm, Helmfile, Kustomize, Operators).

#3 Deployment 

In the lifecycle of any application development, deployment is the most important task. Because at this point, you’re getting all the processes of the new software up and running properly. 

During deployment on provisioned infrastructure, most often you’re working with Docker containers and orchestration tools like Kubernetes, Marathon/Mesos, Cloud Managed Container Orchestration Solutions (AWS ECS), Docker Swarm, and Nomad.

Equally important, when managing infrastructure with IaC tools, there are 2 phases to consider: 

  1. The initial setup phase,  when you carry out provisioning and configuration tasks such as the initial installation and configuration of software.
  2. The maintenance phase, when the existing infrastructure undergoes changes such as updating the software, adding or removing configurations.

Various IaC tools are available for task automation, regardless of infrastructure management area or phase. One good practice in IaC is to use a combination of 2 or several IaC tools.

7 reasons you should use IaC

When infrastructure is defined as code, you can use a wide variety of software engineering practices that not only improve the software delivery process in several ways:

  • Self-service: when infrastructure is defined in code, the entire deployment process can be automated. This means developers can kick off their own deployments whenever necessary;
  • Speed: when automated, the entire deployment process happens way much faster that the traditional way;
  • Safety: an automated process is by far more consistent, more repeatable, and not prone to manual error than a manual one.
  • Easy access to infrastructure data: the state of the infrastructure is represented in source files that anyone can read.
  • Version control: the IaC source files stored in the version control system make it easier to debug issues because the commit log history is available and you can easily switch to a previous version in case something goes wrong.
  • Validation: every change on the IaC source files can be code-reviewed. You can run automated tests and pass the code through static analysis tools.
  • Reuse: you can create reusable modules that can be used in every product, regardless of environment.

3 Iac Challenges

There are two sides to every story. Even though IaC creates a lot of value in any software environment, there are some things to consider: 

    1. Learning curve: since IaC relies on code, you need to be really good at coding. If you do not have a developer bench ready, it gets even more difficult to master Iac fast.
    2. Time consuming transition: moving fast from manual infrastructure provisioning to IaC and trying to mix them usually generates time-consuming issues.
    3. Lack of example code

Be that as it may, implementing IaC principles and using the right IaC tools will automate infrastructure provisioning, saving time and speeding up the software delivery process.

More resources on DevOps and Iac: