Terraform Series - What is IaC?
This article was last updated on: July 24, 2024 am
Series of articles
👉 Terraform series of articles
preface
When it comes to Terraform, can’t you bypass the concept of IaC? So, what is IaC? 🤔
Basic concepts
Infrastructure as Code (IaC) refers to passingcodeInstead of manual processes/console clicks to manage and configure infrastructure.
Here are 2 keywords:
- Infrastructure
- Code
Infrastructure is the object to be managed, here, mainly refers to the public cloud (but also private cloud, hybrid cloud, etc.).
Code is a way of managing, that is, managing public cloud resources as if it were code. Then the most important part of managing code: version management is inescapable.
With IaC, the configuration file created contains the spec of the infrastructure, which makes it easier to edit and distribute the configuration. IaC also ensures that the same environment, the same resources, the same configuration are available every time. By editing and documenting the specs of the configuration, IaC helps avoid undocumented, temporary configuration changes (provided, of course, that everyone is using IaC, rather than someone clicking modify in the console and causing configuration drift).
VersioningAn important part of IaC, configuration files should be source controlled like any other software source code file.
In addition, with the development of the public cloud, the standardized APIs of the public cloud also make it possible to modularize infrastructure components (called modules in Terraform), and users can combine these basic components like building blocks. For example, if you create a static blog on AWS, you can combine the following components:
- Route53
- CloudFront
- S3
Two implementations of IaC
There are two ways to implement IaC:DeclarativeandImperative。
A declarative approach defines the ideal state of the system, including the resources needed and any properties they should have, and the IaC tool will automatically configure it.
Terraform is based on the IaC declarative philosophy. Before Terraform became popular, another declarative development was, of course, Kubernetes!
The declarative approach also maintains a list of the current state of system objects, which makes tearing down the infrastructure more manageable.
Instead, an imperative approach defines the specific commands required to implement the desired configuration, which then need to be executed in the correct order.
A typical example is Ansible.
IaC tools are often able to run in both ways, but tend to prefer one over the other.
For example, Terraform, which prefers declarative methods, but there are still many imperative methods left in its provider, modules, and functions, such as:local-exec
Benefits of IaC
IaC (especially declarative) evolved with the public cloud.
Provisioning infrastructure has historically been a time-consuming and costly manual process. Infrastructure management has now shifted from physical hardware and virtualization in the data center to containers and cloud computing.
With cloud computing, the number of infrastructure components continues to grow, more applications are released into production every day, and infrastructure needs to be able to be started, scaled up, and shut down frequently. Without proper IaC practices, managing the scale of today’s infrastructure becomes increasingly difficult.
IaC can help your organization manage IT infrastructure needs while improving consistency and reducing errors and manual configuration.
This is the necessity of IaC.
advantage
- Reduce costs
- Increase deployment speed
- Reduce (manual configuration) errors
- Improve infrastructure consistency
- Eliminate configuration drift
Terraform is the de facto leader in the IaC space
Terraform is undoubtedly the de facto leader in the IaC space.
All major public clouds, private clouds, virtualization, K8s, and containers maintain corresponding Terraform Providers and Modules.
IaC tools
What are the IaC tools? At present, the mainstream ones are:
Declarative:
Imperative:
Why is the recent popularity of declarative IaC?
I think there are mainly the following reasons:
- The benchmark role of Kubernetes
- Standardization and scale of public cloud resources and APIs
- Specific to cloud hosts, cloud-init, packer (making cloud images is becoming more and more convenient), and immutable infrastructure are also one of the reasons.
Why is IaC important for DevOps?
IaC is an important part of implementing DevOps practices and CI/CD. DevOps and CI/CD are primarily at the application and component level, while IaC removes much of the configuration work from developers, who can execute scripts to get their infrastructure ready.
This way, application deployment doesn’t stop waiting for infrastructure, and system administrators don’t need to manage time-consuming manual processes. Then the entire process of development and deployment iteration will be faster and faster, faster and faster.
IaC helps you coordinate development and operations because two teams can see the full picture of the infrastructure in the repository.
And each environment can use the same deployment process. Environmental consistency is also guaranteed, and if the development test is passed, the probability of production problems is also small.
DevOps best practices also apply to infrastructure in IaC. Infrastructure can apply the same testing and version control to infrastructure code through the same CI/CD pipeline as the application during software development. Introduce IaC’s modules code into the DevOps concept for rapid testing and rapid iteration.
summary
What is IaC? Infrastructure as Code (IaC) refers to passingcodeInstead of manual processes/console clicks to manage and configure infrastructure.
There are two implementations of IaC: declarative and imperative, and now the more mainstream is declarative.
Why do you need IaC? With the massive infrastructure that cloud computing brings, IaC has become a must-have tool.
IaC can also align with DevOps processes/philosophies.