The Computer Weekly Developer Network (CWDN) continues its Infrastructure-as-Code (IaC) series of technical analysis discussions to uncover what this layer of the global IT fabric really means, how it integrates with the current push to orchestrate increasingly cloud-native systems more efficiently and what it means for software application development professionals now looking to take advantage of its core technology proposition.
Vermandé writes as follows…
For many companies, the early adoption of public cloud has been hindered by a lack of standards. Although APIs and programming libraries have been provided since the beginning, cloud engineers struggled to create a repeatable framework because of the dynamic nature of their projects.
In the context of the Cloud Service Provider (CSP) landscape, the complexity increases since every provider has a specific set of APIs and automation toolsets.
The concept of Infrastructure-as-Code (IaC) has introduced the standardisation of infrastructure components defined in a declarative language, which can also be extended to on-premises and application components. The adoption of IaC paradigms has reshaped how people build datacentre and cloud software infrastructures.
DevOps in IaC
DevOps principles further helped the adoption of IaC by promoting the concept of immutability to deploy and also operate the platform. Updating a system means re-deploying a new version of that system, deleting and replacing the old one. As DevOps heavily relies on software development principles, it makes sense to leverage IaC to perform these operations.
So then, logically, we can say that IaC is a means to a DevOps end.
IaC principles such as immutability and resources defined as code are also present in the cloud-native landscape. Cloud-native relies on immutable software containers and orchestrators such as Kubernetes to manage the lifecycle and deliver a cutting-edge cloud operating system for modern applications.
Kubernetes, like IaC, brings a standard framework to make cloud infrastructures portable and easily repeatable across all providers.
As another evolution, the intersection of IaC and Kubernetes is now defining a new way of managing cloud environments. Since Kubernetes hinges on a declarative and extensible API, it can natively represent IaC resources as first-class citizens. This means cloud workloads and other infrastructure services can be codified and stored in the Kubernetes platform as native objects and take advantage of its capabilities. This includes the automation of Create, Read, Update, Delete (CRUD) operations based on events attached to Kubernetes objects.
Deploying an AWS instance becomes as easy as creating a YAML file and sending it to Kubernetes. Similarly, deleting or updating infrastructure components is achieved by executing trivial Kubernetes operations.
(Crossplane.io is an open-source project that perfectly illustrates this concept). It allows developers to reduce the friction between software and infrastructure even more. A unique platform is now hosting both the application code and the infrastructure definition. These components are always aligned and managed the same way, substantially simplifying the enforcement of compliance, security, audit and monitoring rules. The benefits of this approach are not only technical, but they also impact the business by providing more visibility, resilience, and correlation capabilities.
Since the early days of DevOps, IaC has been a core component that ultimately helps build software in a much more scalable and resilient way. From managing simple resources in the cloud using Terraform to deploying a cluster of databases in AWS using Kubernetes Custom Resource Definitions, IaC concepts have matured over time.
Although Terraform and Ansible have been paving the way for a long time, more recent players such as Pulumi take an approach that is less declarative. It makes use of standard programming language primitives, which unlocks additional use cases and provides more flexibility for developers.
On the flip side, the adoption of DevOps, IaC and cloud-native workflows requires operational teams to develop their knowledge and architects to understand all the moving parts. The learning curve is steep, but recent AWS failures have shown that mastering these concepts can greatly improve business continuity. Extending cloud resources to multiple AZ or regions (or even different CSP) is mandatory to keep the lights green.
The standardisation and automation brought by the technologies we’ve described are key components required to achieve this goal.
Ondat is a Kubernetes-native platform for running stateful applications, anywhere, at scale. Ondat delivers persistent storage directly onto any Kubernetes cluster for running business-critical, stateful applications safely across any public, private and hybrid clouds. It provides an agnostic platform to run any data service anywhere.