Treating computing infrastructure as code is the smart and modern way to provision software in the cloud. Here’s what it is and why it’s better. Credit: Putilich / Getty Images As more and more organizations move to the cloud, the skill of knowing how to provision and configure a physical server is becoming less relevant to how modern software is built and deployed. In today’s complex, software-driven world, where computing infrastructure is often neither seen nor heard, being able to provision and manage that infrastructure using declarative code, rather than manual configurations or even scripts, is imperative to running applications at web scale. A brief history of infrastructure as code While systems administrators have been using scripts to manage their infrastructure since the 1990s, the practice of treating infrastructure as code (IaC) didn’t fully coalesce until the end of the 2000s, when engineers like devops pioneer Andrew Clay-Shafer, Chef cofounder Adam Jacob, and Puppet founder Luke Kanies started to use the terminology. In a world of distributed applications, hand-tuning servers was never going to scale, and scripting had its own limitations, so being able to automate infrastructure provisioning became a core need for many first movers back in the early days of cloud. Today, that underlying infrastructure is more commonly provisioned as code, thanks to popular early tools in this space such as Chef, Puppet, SaltStack, and Ansible. But technology moves fast, and things have advanced since then. Here, we explain the fundamentals of infrastructure as code, and why it is the bedrock of modern software development practices today. Infrastructure as code defined In Infrastructure as Code: Dynamic Systems for the Cloud Age, Kief Morris explains that infrastructure as code boils down to three core practices: “Define everything as code, continuously test and deliver everything as you work, and build your system from small, loosely coupled pieces.” In terms of a working definition, Morris offers that IaC “is an approach to infrastructure automation based on practices from software development. It emphasizes consistent, repeatable routines for provisioning and changing systems and their configuration.” In practice, this typically sees devops teams make changes to an environment description and the version of the configuration model using a well-documented language like JSON or YAML. Once that environment is configured, changes can be made to the source, not the target, allowing for safer, more regular changes to be made to infrastructure on a vastly larger scale. Where infrastructure as code and devops meet As a way to automate initial configuration and subsequent changes, infrastructure as code is a key part of modern devops practices, where developers and operators are expected to work hand-in-hand to deploy software more quickly and more often. By automating and versioning infrastructure builds, IaC tools can help free up application developers to focus on what they do best and liberate system administrators from toiling over manual processes. Using code to provision and maintain infrastructure helps to bring developers and operations specialists closer together earlier in the software development lifecycle, and helps to instill the discipline, clarity, and repeatibility of software development in operations. With automation and collaboration being key tenets of devops practices, IaC tools also become a central hub for how that team works together effectively. The benefits of infrastructure as code The key benefits to treating infrastructure as code hinge on the shift away from manual processes and the freedom that automation provides to devops teams. This brings with it a degree of cost savings and can also boost the velocity at which these teams can safely deliver changes to their applications. As Simple Thread cofounder Justin Etheredge wrote in a 2020 blog post, “Infrastructure as code gives you the freedom to make changes without the fear that you’ll put things in an unrecoverable state. And it gives you a better understanding of how the environment came to be the way it is, which allows you to be more confident to make the changes you need.” In his book, Morris outlines seven key benefits to IaC over traditional provisioning methods. These are: Using IT infrastructure as an enabler for rapid delivery of value Reducing the effort and risk of making changes to infrastructure Enabling users of infrastructure to get the resources they need, when they need them Providing common tooling across development, operations, and related functions Creating systems that are reliable, secure, and cost-effective Making governance, security, and compliance controls visible Improving the speed to troubleshoot and resolve failures Infrastructure-as-code tools The tools required to implement infrastructure as code tend to land in two camps: configuration orchestration and configuration management. The most popular orchestration tools are AWS CloudFormation, Google Cloud Deployment Manager, HashiCorp Terraform, Microsoft Azure Resource Manager, and Pulumi, which all variously allow developers to automate the deployment of infrastructure. On the configuration management side, third-party tools like Ansible, Chef, Puppet, and SaltStack remain popular ways of configuring, storing, and automating builds of virtual server environments, while many developers use Docker for their container images. Many of these tools can be used in tandem, as the likes of Ansible, Chef, Puppet, and SaltStack focus on managing configurations on infrastructure that already exists, while the provisioning tools like Terraform abstract that infrastructure layer away. Getting started with infrastructure as code Adopting infrastructure as code will typically be part of a broader organizational shift towards the cloud and devops practices. While much of this shift can sound pretty intimidating, implementing infrastructure as code is key to modernizing your approach to building and running software. “Sometimes it can take a bit longer to make changes with infrastructure as code,” Etheredge warns, “but this is one of those situations where you need to slow down to speed up. Being diligent about making changes through your scripts will undoubtedly save you countless hours during an outage or when troubleshooting. And you’ll be so much more confident in your changes because you can test that change against a test environment instead of crossing your fingers and running the update straight against production. Even in small environments the payoffs can be enormous.” Or, as Morris wrote, “Automating your infrastructure takes work, especially when you’re learning how to do it. But doing it helps you to make changes, including building the system in the first place.” Related content analysis Strategies to navigate the pitfalls of cloud costs Cloud providers waste a lot of their customers’ cloud dollars, but enterprises can take action. By David Linthicum Nov 15, 2024 6 mins Cloud Architecture Cloud Management Cloud Computing analysis Understanding Hyperlight, Microsoft’s minimal VM manager Microsoft is making its Rust-based, functions-focused VM tool available on Azure at last, ready to help event-driven applications at scale. By Simon Bisson Nov 14, 2024 8 mins Microsoft Azure Rust Serverless Computing how-to Docker tutorial: Get started with Docker volumes Learn the ins, outs, and limits of Docker's native technology for integrating containers with local file systems. By Serdar Yegulalp Nov 13, 2024 8 mins Devops Cloud Computing Software Development news Red Hat OpenShift AI unveils model registry, data drift detection Cloud-based AI and machine learning platform also adds support for Nvidia NIM, AMD GPUs, the vLLM runtime for KServe, KServe Modelcars, and LoRA fine-tuning. By Paul Krill Nov 12, 2024 3 mins Generative AI PaaS Artificial Intelligence Resources Videos