Infrastructure as Code – IaC

As we saw in the previous article, configuration management is about how environments are configured for applications. When configuration management is done with a script or tool, it is easier to maintain, for example by keeping the whole release definition in the form of variables. If the configuration changes, only a few locations in the setup code or tool need to change, rather than each and every affected file.

It reduces mistakes: whenever an IP, port or endpoint needs correcting, the change is made in a single configuration script or tool rather than manually in every file, where it is easy to miss important files that still hold the previous environment's IP details and cause errors.

It is also more secure, because the production database username, password and connection strings are maintained in the deployment tool rather than in a text or config file. Provisioning infrastructure with a tool is also more reliable, so it avoids issues repeating from one environment to another.
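To make the point about credentials concrete, here is an added example (not code from the original article): a pre-commit style check that flags literal secrets in a config file, plus a render step that fills `${NAME}` placeholders at deploy time. The key names, the placeholder syntax and the sample values are assumptions constructed for illustration.

```python
import re

# Keys whose values must never be stored literally in a checked-in config file.
SENSITIVE_KEY = re.compile(r"(password|passwd|secret|token|connection_?string)", re.I)
# Assumed placeholder syntax: ${UPPER_CASE_NAME}, resolved by the deployment tool.
PLACEHOLDER = re.compile(r"\$\{([A-Z][A-Z0-9_]*)\}")


def find_inline_secrets(config_text):
    """Return (line_number, key) for sensitive keys holding a literal value."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#") or "=" not in stripped:
            continue
        key, value = (part.strip() for part in stripped.split("=", 1))
        if SENSITIVE_KEY.search(key) and value and not PLACEHOLDER.fullmatch(value):
            findings.append((number, key))
    return findings


def render(config_text, secrets):
    """Fill ${NAME} placeholders from the secret store; fail closed on gaps."""
    missing = sorted(set(PLACEHOLDER.findall(config_text)) - set(secrets))
    if missing:
        raise KeyError("secrets not provided by the deployment tool: " + ", ".join(missing))
    return PLACEHOLDER.sub(lambda match: secrets[match.group(1)], config_text)


# Constructed sample inputs: the checked-in form and a legacy file with a literal.
CHECKED_IN = "db.host = 10.0.0.5\ndb.user = app\ndb.password = ${DB_PASSWORD}\n"
LEGACY = "db.host = 10.0.0.5\ndb.user = app\ndb.password = Summer2018!\n"

if __name__ == "__main__":
    print(find_inline_secrets(LEGACY))       # the literal password is flagged
    print(find_inline_secrets(CHECKED_IN))   # placeholders pass the check
    print(render(CHECKED_IN, {"DB_PASSWORD": "value-from-vault"}))
```

The rendered file exists only on the target host at deploy time; what sits in version control is the placeholder form.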

Two concepts come under configuration management:

  1. Infrastructure as code (IaC)
  2. Configuration as code (CaC)

1. Infrastructure as code:

There was a high-priority issue which I still remember. In the banking system, the transaction load was handled by two authorization servers for load balancing and high availability. The IT team usually does OS patch upgrades on the application servers. During the activity, something unfortunate happened in the OS upgrade and caused server A to go down. Because of this, it was very hard to handle the transaction load on one server while the other server was still down and the team was working to bring it up. Usually, any upgrade happens with all stakeholders on the call, so the delivery head requested the infra manager to quickly bring up another fresh system by replicating server A. So the manager requested the system admin to set up the new system by going through the manual steps that were written in the Excel sheet. The system admin tried to follow the steps as per the user manual, but after certain steps were completed he could not continue, so he called another guy who could collect the missed steps from his memory and assist. While the system admin was getting the fresh system ready, the client's business day started and, as expected, the transaction load was higher and put server B into a crashed state.

This was a good learning situation for the infrastructure manager to set the process. In this situation, I was thinking, on the other hand: what if the manual Excel sheet were a simple script or configuration tool? Then it would take a fraction of a second to provision a new server with the same configuration as server A.

In DevOps, infrastructure as code provides the solution for this type of situation, along with the process. When we develop the script or tool for infrastructure as code, we need to ensure that the code of the tool has been tested multiple times and runs consistently without error.

Infrastructure as code can be achieved with many tools available in the market, such as Vagrant, Ansible, Puppet, Chef, Docker, PowerShell DSC and Python scripting.

Benefits:

  • Consistent server setup across environments
  • Elements are easily created and scaled
  • Updates to environment infrastructure creation are fully automated

2. Configuration as code

Configuration as code means defining the configuration of your servers, code, and other resources as a text file (script or definition) that is checked into version control and used as the base source for creating or updating those configurations. For instance, adding a new port to a firewall should be done by editing a text file and running the release pipeline, not by remoting into the environment and adding it manually.
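The firewall case above, sketched as an added example (not from the original article): the pipeline reads the checked-in rule definition, refuses definitions that break a policy, and computes what to add and remove on the host, which also exposes rules someone opened by hand. The rule format, addresses, ports and the policy are assumptions constructed for illustration.

```python
import ipaddress
import json

# Constructed sample: the firewall definition as it would sit in version control.
DESIRED = json.loads("""
[
  {"port": 443,  "proto": "tcp", "source": "0.0.0.0/0",    "note": "public HTTPS"},
  {"port": 8443, "proto": "tcp", "source": "10.20.0.0/16", "note": "new admin API"},
  {"port": 22,   "proto": "tcp", "source": "10.20.5.0/24", "note": "SSH from jump hosts"}
]
""")

# Constructed sample: what is live on the host, including a manually added rule.
LIVE = [
    {"port": 443, "proto": "tcp", "source": "0.0.0.0/0"},
    {"port": 22, "proto": "tcp", "source": "10.20.5.0/24"},
    {"port": 3389, "proto": "tcp", "source": "0.0.0.0/0"},
]

ADMIN_PORTS = {22, 3389}  # assumed policy: never reachable from any address


def rule_key(rule):
    """Normalise a rule to (proto, port, network) so equal rules compare equal."""
    return (rule["proto"], rule["port"], str(ipaddress.ip_network(rule["source"])))


def policy_violations(rules):
    """Rules the pipeline refuses to apply: admin ports open to the world."""
    return [rule_key(r) for r in rules
            if r["port"] in ADMIN_PORTS
            and ipaddress.ip_network(r["source"]).prefixlen == 0]


def plan(desired, live):
    """Diff the definition against the host: what to add, what to remove."""
    want = {rule_key(r) for r in desired}
    have = {rule_key(r) for r in live}
    return {"add": sorted(want - have), "remove": sorted(have - want)}


if __name__ == "__main__":
    assert not policy_violations(DESIRED), "definition rejected by policy"
    print(plan(DESIRED, LIVE))
```

Applying the plan is left to whichever tool manages the firewall; the point is that the text file is the only place a port gets opened.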

During any monthly maintenance or server upgrade activity, the application support team has to disable the configuration of one server and enable the configuration of another server. This disabling and enabling was done manually, due to which the downtime window was a bit large. Since it was a manual activity, every time we ended up with some issues due to wrong configuration. In order to reduce this effort and these issues, our team came up with a solution of configuration as code, so the script can be executed on server-A to route the traffic to server-B and vice versa.

After the script development was done, it was just a few simple steps for us to execute the configuration setup script, and the downtime window was also drastically reduced. In the same way, we can automate the configuration of the server.

Benefits:

  • Bugs are easily reproducible by continuously using these configuration as code scripts
  • The configuration changes become consistent

In some cases, the term infrastructure as code is used to describe both provisioning the machines (IaC) and configuring the machines (CaC), so the widely used term is always infrastructure as code.

Treat the infrastructure as software:

In DevOps, treating infrastructure as software lets organizations concentrate on delivering reliable products. With this as a concept, many large internet-based companies provide Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), so you can concentrate only on your customers' needs.

IaaS: These are the cloud computing service providers (AWS, Azure, GCP, etc.). You can choose a cloud service provider based on your application and technology. Nowadays almost all cloud service providers are up to the mark in supporting any kind of application running on the cloud. To know more about cloud service providers and what they support, you can go through https://www.cncf.io/about/members/

With IaaS, the organization gets hardware such as servers, storage and networking on the cloud, rather than spending on and setting up its own datacenter.

PaaS: The cloud service providers offer not only the hardware but also middleware, development tools, business intelligence and database management systems. So you don't need to worry about infrastructure maintenance or middleware architecture design, or recruit a skilled DBA to manage your DB; you only manage the application or service that you have developed.

But with this service, you might face limitations if your application runs on traditional technology.

SaaS: Software as a service is provided to many organizations, from small scale to large scale. For example, if banks want to provide their customers with plastic money, they get SaaS from an organization that runs a switch for transaction processing.

Revolution in infrastructure management:

Along with DevOps, infrastructure is going through a drastic revolution in terms of how hardware is utilized. Running a single application on high-configuration servers as physical machines has changed to running virtual machines on top of a physical machine using a firmware hypervisor https://www.vmware.com/products/vsphere-hypervisor.html and now to containers running either directly on the bare-metal physical machine or on a virtual machine using the Docker platform https://www.docker.com/what-docker

Provisioning virtual machines:

The virtual machine concept helps the infrastructure team provision new VMs in minutes, allocate memory, utilize the hardware resources effectively and ease the system admin's workload. There are tools like Puppet, Chef, Ansible, Vagrant and Salt that use vSphere, vCenter or VM templates through the vSphere web client to provision new virtual machines as per your application's needs, on bare-metal physical machines or on cloud infrastructure.

Say the development team sends the infra operations team an SRF (system requirement form) for a new project to be deployed on the UAT (user acceptance testing) environment. Since the project is going to be deployed on UAT, the bare minimum virtual machine configuration is enough for this SRF. So the VM specialist provisions the VM from an existing template through the vCenter tool, with information such as the VM name, type of OS and OS version, and configures the number of processors, disk format and data store location, as well as the network-level DNS and network name. The network infra team then allocates the IP manually in the VLAN and opens the WAF and the internal and external firewalls based on need, and the storage team creates a LUN ID on the SAN (storage area network) for the amount of storage to allocate to the new VM. After this, the system admin performs server hardening (refer: http://www.serverhardening.com/). Only once infra operations has completed all of these actions is the test environment server given to the application team for deploying and running the application.

In this whole process, everything except the new VM provisioning may still be manual and time-consuming. Instead, we can have an automation tool in place that provides all of the IT operations work under one catalog (Puppet), cookbook (Chef) or generic desired state configuration script. The DevOps system engineer can then provision the whole SRF with one click as the desired virtual machines, for the software engineer to run the automated build through continuous delivery.

Nowadays, there are organizations like Cloudera, Hortonworks, etc. that package the big data Hadoop environment with their distribution and use VMs extensively for their customers.

Containers:

A container is a platform with which software can be packaged and deployed on bare-metal machines or VMs. Containerized applications are platform independent and can be installed and run on any operating system.

Containers speed up software development, deployment and delivery, and make the application portable, secure and cost saving. Along with containers, there are further tools such as Kubernetes, for automating the deployment, orchestration, scaling and management of containerized applications, and Prometheus, for monitoring the containers.

Currently, Docker and CoreOS rkt are the container service providers; to know which one to choose, see https://www.upguard.com/articles/docker-vs-coreos

Containers mainly come under the DevOps topic of packaging the software rather than infrastructure as code, so we will talk more about them in upcoming articles.

Red Hat OpenShift is a cloud application platform which can be used to develop and deploy containerized applications on the cloud or on premises.

So in the agile world of DevOps, the configuration of infrastructure for an application or product is well streamlined and automated with a variety of tools and technologies. Developers can opt for their own infrastructure, using the SRF of their application, to run on virtual machines, or they can package the application as a container with all the necessary application configuration, and they have complete freedom to plan even the load balancing for the application.

Tools and technologies can be used at any time without DevOps, but at the same time we need to ensure that the process we follow is always directly proportional to the technology, and vice versa.
