Presented at All Things Open RTP Meetup
Presented by Phil Sautter, cloud and infrastructure technology consultant
Title: Getting Started with Infrastructure-as-Code
Abstract: This session provides an introductory look at the current state of Infrastructure-as-Code (IaC) tools. In it, we'll cover a brief history of IaC and its use cases. Then we'll look at the top IaC tools, understand how they differ from each other, and discuss why an organization may want to adopt one over another. Finally, we'll wrap up with some additional resources to get you going on your IaC journey.
3. Infrastructured • feb. 09, 2023
A LITTLE BIT ABOUT ME
• NC Native [almost]
• Former Cryptolinguist
• Husband and Father
• 3 Gartner Magic Quadrants
• 2 CNCF Tech Radars
• 14 Years in the Cloud and Infrastructure Space
• Recently started Infrastructured
People call me
phil
... and sometimes paul
4. Presentation
Highlights
Focus areas
- The history of IaC
- What is IaC
- The current IaC ecosystem
- IaC best practices
- Closing summary
- About Infrastructured
Infrastructured • feb. 09, 2023
5. > USING CODE
A History of
Infrastructure
AUtomation
Infrastructured • feb. 09, 2023
6.
7. Timeline
IaC Evolved
1975
Systems Scripting via PWB shell
1993
Configuration-as-Code via CFEngine
2010
Infrastructure-as-Code via CloudFormation
Infrastructured • feb. 09, 2023
8. Systems
Scripting
• Bash
• PowerShell
• PowerCLI
• Perl
Infrastructured • feb. 09, 2023 Infrastructured • feb. 09, 2023
Tools such as:
Configuration
-as-Code
• CFEngine
• Chef
• Puppet
• Ansible
Tools such as:
9. If we have
all these
tools, why
do we need
Iac?
API DRIVEN INFRASTRUCTURE
DIGITAL TRANSFORMATION
EVERYTHING AS SOFTWARE
Infrastructured • feb. 09, 2023
10. The Right Tool for the Right Job!
INFRASTRUCTURE-AS-CODE
Use to provision and manage
your cloud infrastructure
CONFIGURATION-AS-CODE
Use to configure the services
running on your cloud
infrastructure
Infrastructured • feb. 09, 2023
14. Idempotent
Operations
idempotence?
A quality of an action such that
repetitions of the action have no
further effect on outcome
What it means for Iac
Each time you run your IaC
configuration, you get the same
results.
e.g. You have an IaC config for a
single ec2 instance. Each time you run
it you are left with a single ec2
instance.
Infrastructured • feb. 09, 2023
15. Change
Management
What's that?
The controlled implementation of
required changes to some system
What it means for Iac
Easy to store IaC in a version control
system such as Git
Every infrastructure change can be
tracked, checked for compliance, and
attributed before deployment
Changes can be tested before approval
Infrastructured • feb. 09, 2023
16. Collaboration
now i have to Share?
Collaboration is essential in the
modern work environment
What it means for Iac
Since it's easy to store IaC in a
version control system such as Git,
it's also easy to collaborate with
other people during the development and
upkeep of your infrastructure, just
like a software engineering team would
collaborate on a program.
Infrastructured • feb. 09, 2023
17. Testing
I was told there
would be no math
Not that kind of testing! The software
kind...
What it means for Iac
IaC tools offer the ability to dry-run
changes before deployment, allowing you
to see what will happen when you
execute your config.
Infrastructured • feb. 09, 2023
19. Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
IaC Tooling Paradigms
A TOOL FOR EVERY USE CASE
Something
to
think
about
20. Language
DOMAIN SPECIFIC LANGUAGES
Typically a configuration language
like JSON or YAML, but also custom
languages like HCL
GENERAL PURPOSE LANGUAGES
Languages like JavaScript,
TypeScript, Java, Go, .NET, C#, &
Python
Infrastructured • feb. 09, 2023
21. Platform Support
PLATFORM SPECIFIC
Tools designed to support a single
platform
PLATFORM AGNOSTIC
Tools designed to support multiple
platforms
Infrastructured • feb. 09, 2023
22. Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
Platform Specific Tools
AWS AND AZURE
Something
to
think
about
23. AWS
Cloudformation
ONLY WORKS W/ AWS
USES A JSON BASED DSL
GREAT COVERAGE FOR AWS RESOURCES
DOCS
https://aws.amazon.com/cloudformation/
24. AWS Cloud
development kit
(CDK)
ONLY WORKS W/ AWS
USES GENERAL PURPOSE PROGRAMMING
LANGUAGES
Supports TypeScript, JavaScript, Python, Java, C#,
Go
GREAT COVERAGE FOR AWS RESOURCES
DOCS
https://aws.amazon.com/cdk/
25. Azure Resource
Manager (Arm)
ONLY WORKS W/ MICROSOFT AZURE
USES A JSON BASED DSL
GREAT COVERAGE FOR AZURE RESOURCES
DOCUMENTATION
https://learn.microsoft.com/en-us/azure/azure-
resource-manager/templates/
26. Azure bicep
ONLY WORKS W/ MICROSOFT AZURE
USES A CUSTOM DSL CALLED BICEP
GREAT COVERAGE FOR AZURE RESOURCES
DOCS
https://learn.microsoft.com/en-us/azure/azure-
resource-manager/bicep/overview
27. Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
Infrastructured • feb. 09, 2023
Platform Agnostic Tools
CROSSPLANE, PULUMI, AND TERRAFORM
Something
to
think
about
28. Crossplane
A CLOUD NATIVE COMPUTE FOUNDATION (CNCF)
PROJECT
Built around Kubernetes
USES KUBERNETES MANIFESTS
Which are written in YAML
33 INTEGRATIONS
https://marketplace.upbound.io/providers
DOCUMENTATION
https://docs.crossplane.io/
29. Pulumi
STARTED BY EX-MICROSOFT ENGINEERS
USES GENERAL PURPOSE PROGRAMMING
LANGUAGES AND A YAML DSL
Supports TypeScript, JavaScript, Python, Go, .NET,
Java, and YAML
DOCS
https://www.pulumi.com/docs/
121 INTEGRATIONS
https://www.pulumi.com/registry/
30. Terraform
STARTED BY EX-AWS ENGINEERS
USES A DSL AND GENERAL PURPOSE
PROGRAMMING LANGUAGES
Primary support for HCL but recently added CDK
language support as well
DOCS
https://developer.hashicorp.com/terraform/docs
2800+ INTEGRATIONS
https://registry.terraform.io/
34. About
Infrastructured
Cloud Migrations
Do it right, the first time
Cloud Accelerator
Rapidly improve your cloud maturity
Automation
Development
Custom code and integrations using
industry best practices
Infrastructured • feb. 09, 2023