The document discusses treating infrastructure as code by building pipelines that are testable, repeatable, destroyable, and reviewable. This involves using a toolchain to manage infrastructure in a way that addresses the problems of complexity, fragility, and misalignment that currently exist. The goal is to provide a solution and vision for more effectively developing and managing infrastructure.
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Infrastructure as Code
1. I N F R A S T R U C T U R E A S C O D E
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
2. B A C K G R O U N D
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
3. T H E P R O B L E M
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
4. C O M P L E X I T Y
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
5. F R A G I L I T Y
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
6. M I S A L I G N M E N T
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
7. A S O L U T I O N ?
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
8. B U I L D P I P E L I N E S
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
9. W H Y ?
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
10. T E S TA B L E
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
11. R E P E ATA B L E
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
12. D E S T R O YA B L E
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
13. R E V I E WA B L E
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
14. D E V O P S
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
15. V I S I O N
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
16. C L A R I F I C AT I O N S
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
17. H O W ?
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
18. T O O L C H A I N
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
19. W H AT ’ S N E X T ?
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
20. Q U E S T I O N S ?
Shaw Innes - web: shawinnes.com - twitter: @ShawInnes
Editor's Notes
infrastructure as code is a means to solve a number of the problems of configuration management of medium to large scale data centres
however the principles can be applied to any system management challenge
about me
devops engineer
continuous delivery team - enabling CD, not doing CD
which is used to help champion a DevOps movement and culture within the company
continuous delivery is improving the application build and deployment process, but not the whole ecosystem
as a result, the increased frequency of application deployments is placing more strain on infrastructure
and current infrastructure configuration management is mostly manual
as a side-effect of long-lived environments there are lots of point-solutions, firefighting and patching which results in machines and environments which are all a little different, like snowflakes
long-lived enterprise networks and application architectures can become extremely complex especially in environments where they grow as a result of a number of mergers and acquisitions
with this complexity comes fragility and making changes to any part of the systems can result in unforeseen side-effects
this reduces peoples’ willingness to make small improvements which means the whole system slowly drifts into a state of disrepair
when there are manually deployed applications or manually maintained infrastructure, generally there will become a lack of consistency between development, test and production environments
there will also be a mismatch between the cadence of updates to application software and the underlying systems upon which they rely.
this will result in unforeseen problems when attempting to make changes to the systems.
based on looking at what operators of large data centres are doing the following solution is one possible way to manage the deployment and configuration of:
developer pc, single servers, multiple servers, full stack environments, production
multiple operating systems with less reliance on vendor-provided solutions
physical machines, virtual machines, on-premises and cloud environments
the idea is to create build “pipelines” by automating processes we can build a chain of dependent steps which result in reliable infrastructure builds
the build pipelines will be driven by version controlled source code and configurations
but you might ask why are build pipelines the answer?
there are a number of compelling reasons
an amusing one which I heard was “because you can’t deploy visio diagrams to production”…
by using practices commonly used in software development
such as “test driven development” (TDD)
we can define what our environment configuration should look like
and then perform automated tests to ensure that our code and configuration will
actually result in the correct output
just as continuous integration provides software developers with an easily repeatable process to build and test their software we can apply this to infrastructure and by repeating the process you are able to incrementally improve each time
one of the main reasons why environments become unmanageable is because they are long-lived
the more time between creation and destruction, the more time you are allowing for configuration-drift
and long-lived environments encourage patching and modification which eventually results in configuration drift
but if you make it so easy to recreate them that you can routinely destroy them then you avoid this problem
another other challenge with complex environments is change control and auditability
if your infrastructure configuration is contained in source control
it’s very easy for upcoming changes to be reviewed and audited
and these practices can be built into the pipeline
if you build a pipeline where the infrastructure code is shared between the development team and infrastructure or operations team you create more of a DevOps culture by giving the teams a shared goal and shared responsibility
the vision is to create the ability to use a consistent, automated, version controlled system to build and maintain development, test and production environments.
the pipeline to build, test and deploy infrastructure should be very similar to those used by software teams for the delivery of applications, and in fact it’s very likely that both pipelines will eventually merge into one
developing a DevOps culture and using a small collection of tools we can make the solution agnostic to hosting strategy (either on-premises or cloud), and all the way from a single server up to a full-stack environment
there are a few assumptions about infrastructure as code or “programmable infrastructure” which should be clarified:
it’s not about just automatically firing up virtual machines
it doesn’t replace continuous delivery, but rather provides a stable platform to enable it
it should be done in such a way so as to allow as much re-use of code from development all the way through to production
the same patterns should be applicable from a single machine all the way to a full-stack environment
you don’t need to have the full picture to get immediate benefit, starting with a way to configure developer workstations would save new developers a couple of days
so how do we do this? similar to the processes we have begun for transforming our software delivery processes through continuous delivery we will develop the patterns and practices to enable continuous delivery of infrastructure components
this will be done using a combination of existing tools and a number of industry-accepted opensource and commercial products
github for source control
chef for configuration management and automation
packer for building machine images
vagrant for development of infrastructure code
vmware for on-premises virtualisation
teamcity for build automation and pipeline execution
octopus deploy for application configuration and deployment
so what’s next?
learn about configuration management tools to configure individual machines or servers
research what other businesses are doing to solve these challenges
start an infrastructure as code project to bootstrap the building of an infrastructure delivery pipeline
combine the power of infrastructure automation with the existing benefits being realised by continuous delivery projects
if you have any questions please feel free to contact me through email, website or via twitter