How do you treat your infrastructure as code: build it, create artifacts, test it, and deploy it iteratively? Why does this revolutionize configuration management?
- You may have created, or at least used some kind of systems automation in your career. But the DevOps approach to automation isn't just to hang some automation around your systems, it's to create and manage them as dynamic assets in the first place. - We call this approach infrastructure as code. It's where we treat infrastructure the same as we would treat code for applications. So what do we mean by that? Put simply, you write it in an ID, save it into source control, run tests on it, build it, package it and deploy it.
- Manually built and changed systems require a huge amount of work and cause a lot of trouble. The resulting systems are special snowflakes that aren't truly identical. Differences between test and production environments plague application quality. Unexpected and unreviewed changes have been proven to be the leading cause of downtime. - Yeah, so then we layer on systems and processes to control change and discover our infrastructure. This is to prevent configuration drift, but really it just adds a lot of bloat and more work without improving quality.
- That's right. We having a saying in DevOps. Servers should be cattle, not pets. You don't handcraft them and cater to their unique needs, you mass produce them using the standard mechanism, kill them and get more. Leave the cool customizations for the back of your laptop. - You know creating your infrastructure as code doesn't mean you need to learn C or Java. You'll learn some new, system specific languages, but the real difference is in your approach to systems as a whole. Infrastructure as code is about adapting a development approach to your infrastructure, and it's more of a cultural change than a technical one.
- That's right, it's hard to wean yourself from the tendency to log into the server and change it, but you'll have to. Like fixing a code bug, you'll change the code, build it, test it, and then deploy it. - When Ernest and I first worked together, it was on a web team without any build automation. We were creating systems using hundred item manual checklists. System changes and app deploys were done manually during releases, and documented in one of those right only configuration management systems that the enterprises love.
- So after awhile, the configuration of any given box was totally unreproducible. Boxes that should've been identical weren't, and troubleshooting the many production issues that resulted was a time consuming and difficult job. - Some weeks of on-call rotation, I would get 100 alerts and pages and pages of problems. - Yeah, we lost at least one pager from an on-call pager rage incident. - That wasn't me, I swear. - So when we formed a new team at the same company, to build software as a service product, we knew we couldn't repeat the past.
- [Man On Left] That's right, you know we agreed that our first priority had to be the implementation of a model-driven system that we would use to create and operate our systems and applications, even though it would take some more time to get going up front. - [Ernest] We built a tool that would simply take models that developers and operations engineers collaborated on in source control, instantiate them in the Amazon and Azure clouds, deploy code to them, and dynamically hook up the services to each other. First in a preproduction environment for testing, naturally.
- You know the difference was amazing. Suddenly ops became a nine to five job. We could focus more on design and implementation rather than on fire fighting and making manual changes. - And treating our infrastructure like it was code, was the secret sauce that made it work. - Now we talk more about the infrastructure as code approach and its role in DevOps in chapter four of DevOps Fundamentals. That's available here in the library, but now we're going to show you how to do it.
- Testing your infrastructure
- Going from infrastructure code to artifacts
- Unit testing your infrastructure code
- Creating systems from your artifacts
- Instantiating your infrastructure from a defined model
- Provisioning with CloudFormation
- Immutable deployment with Docker
- Container orchestration with Kubernetes