Back to Blog Home

What is Infrastructure As Code

Rob Timothy| DevOps | 9 months, 1 week


Work of infrastructure engineers or DevOps engineers is considered to be very chaotic with lot of manual task juggling and scripting acrobatics. Manual tasks are a complicated mess where no one really knows what has gone in to provision a server and if there is a failure ( which there always is ), then there is no way to track changes. What follows after a failure is Sherlock Holmes style tracing the clues to find the true caue. 


Provisioning and configuring servers using scripts was relatively better way because of less human intervention and automation. Also scripts could be version controlled and it’s changes could be tracked. But approach of writing scripts also causes significant problems because there is no ‘right’ way to write a script and this makes them difficult to understand and maintain. 


Scripts also tend to grow bigger and complex as the system matures and more often then not there is no proper documentation maintained. Another issues with scripts is that , when a same script is run again and again it doesn’t produce same consistent results. This is called idempotence.


Then there were graphical interface tools which seemingly made things look easier but were crippled when it came to peer review, see previous history of changes, roll back configurations or collaborate with team members. 


These problems can be averted and there can be an easier way for infrastructure management. The answer lies in ‘Infrastructure-As-Code’ or simply IAC.


Infrastructure As Code is better way to provision, configure and manage your infrastructure in companies which require scale and agility. Old school ways of doing things such manual tasks with documentation, one off brittle scripts or graphical interface tools don’t fully solve the inherent issues. 


IAC applies the pricinples of software developement to underlying infrasducture and makes it programmable. So all the good stuff about programming such as release tagging, CI/CD, automated testing, peer review and most importantly version control applied to big black box of provisioning and managing infrastutre. Neat, right ?


You define a machine readbale declartive file with all the config you want and BAM — goodbye to manual tasks, shady scripts and handicapped gui tools. So you write the code in either a high level language or descriptive langauge like YAML and it will automatically take care of provisioning infra with your cloud provider or any server for that matter and even manage deployments. 


There are lot of good tools in the market for adopting infrastructure as code such as Chef, Puppet, Terraform, SaltStack, Ansible etc


For example following ansible playbook ( a simple nginx.yml file) installs Nginx. 

- hosts: local
   - name: Install Nginx
     apt: pkg=nginx state=installed update_cache=true


when we run the command:


$ ansible-playbook -s nginx.yml

PLAY [local] ******************************************************************

GATHERING FACTS ***************************************************************
ok: []

TASK: [Install Nginx] *********************************************************
ok: []

PLAY RECAP ********************************************************************                  : ok=2    changed=0    unreachable=0    failed=0


So nginx.yml is a piece of code which stays in your version control along with other code. You can build as complex and multi step provisioning and deploying infrastructure as code files based on your requirement. You can do complex tasks like installing database, creating user, taking a dump, installing virtualenv — so basically everything that you can do manually or through scripts — you can do with IAC more reliably, consistently and collaboratively.


So the core insight behind building such a practice was that people realised that most of the provisioning tasks for infrasdture setup and maintaince are very well defined such as starting a virtual machine, installing and updating system packages, firing up a firewall and configuring its rules etc. So if there can be a suite of well tested modules or functions which can perform these tasks then it would make life really easy for everyone involved in the devops by offering a higher level abstraction. 


So infrastructure as code can be a boon for your devops team helping them move faster without breaking too many things. 




Join 1000+ People Who Subscribe to Weekly Blog Updates

Back to Blog Home