Infrastructure As Code: An Ultimate Guide

So you wanna learn Infrastructure As Code? Maybe you’ve heard about it and want to understand more about the topic, or maybe you’re evaluating whether it’s right for your business. Whatever your reason for needing to know what Infrastructure As Code is, you’re in the right place.

Infrastructure As Code Tool Logos

For Cloud Native software engineers, Infrastructure As Code is an essential skill. You’ll need to understand and implement Infrastructure As Code to achieve any moderately large Cloud architecture in a professional way. So it’s safe to say that learning Infrastructure As Code is a great investment.

By the end of this article you should understand what Infrastructure As Code is, what the benefits are, and how you can get started using Infrastructure As Code today.

Breaking Infrastructure As Code Down

Before we jump into the details, let me give you an idea of how we’re going to break down this big old topic of Serverless…

Part 1: Understanding Infrastructure As Code First up we’ll get a handle on what infrastructure as code is and why it’s important. 

Part 2: Infrastructure As Code Tools In the second part we’ll look at how you can implement infrastructure as code in different ways. 

Part 3: Moving To Infrastructure As Code Lastly, if you already have existing infrastructure, we’ll go through how you can convert that existing infrastructure to infrastructure as code. 

Sound good to you? Let’s get to it.

Part 1: Understanding Infrastructure As Code

What is Infrastructure As Code?

Let’s start by defining what Infrastructure As Code is…

Infrastructure As Code is the practice of keeping infrastructure definitions within code and subsequently in version control. When your code is managed in version control you get benefits such as: you can apply the same code review processes as you would to regular code.

One of the best ways to understand the definition of Infrastructure As Code is to consider the anti-thesis: Manually created infrastructure. Manually created infrastructure is infrastructure that has been created by an individual, and rather than documented in code it’s documented in textual format, or worse not at all.

Manually created infrastructure is much hard to track, often comes undocumented and ultimately ends up with a team or company unwilling to touch their infrastructure due to fear of it breaking.

For more details on the what and the why of infrastructure as code, check out: Infrastructure as Code: A quick and simple explanation.

Why Learn Infrastructure As Code?

Before we get into the benefits of infrastructure as code for a business, let’s consider the personal reasons to learn infrastructure as code. Why would you, as a software engineer, want to learn infrastructure as code?

Better Cost Management

One of the best ways to learn cloud resources is through experimentation. But one of the difficulties of experimenting is that it’s easy to leave cloud resources running and end up getting a large cloud bill. But by writing your infrastructure in code, it’s easy to rollback changes once they are applied.

Saved Change History

This ease of rollback for infrastructure can ease frustration by making the creation process of infrastructure repeatable and tracked. When you write your infrastructure as code, and not manually it’s easy to see the history of your changes and go back in time.

To learn more about the reasons you should learn Infrastructure As Code, check out: 5 Important Reasons To Learn Terraform Before Cloud Computing.

The Benefits of Infrastructure as Code

We’ve now covered some of the personal reasons that you might want to learn infrastructure as code, but these reasons are not the same as why a business might want to invest in infrastructure as code. Let’s cover those now…

Team Collaboration

When Infrastructure is written as code, different team members are able to collaborate on the software in the same way they would with regular application code through tools like Github. Code that is added can be easily linked to issue tracking systems to document reasoning.

Infrastructure As Code can then also be executed as part of a build pipeline. When you use Infrastructure As Code in a build pipeline the whole team gets visibility on what has been executed, when, and by whom. When it comes to deployments and debugging issues having traceability is a very useful feature.

Disaster Recovery

By having Infrastructure As Code it means you can usually recover from disasters quicker. If all infrastructure is all created manually, it all has to be manually rebuilt. However, when we have our infrastructure written as code we can typically just re-run our scripts to have the same software provisioned again.

Documentation

As we mentioned briefly before, Infrastructure As Code helps to document features. When commits and pull requests are made into version control it becomes easy to retrace our steps and understand why code was written.

Refactoring Existing Infrastructure

Due to the nature of being able to easily re-run Infrastructure when it’s written as code, and not manually means that refactoring existing infrastructure is more easy to achieve. If a change didn’t apply properly, the previous changes can be reverted to and rolled out.

If you’re using Terraform, you can leverage it’s features to refactor easily, for more information check out the article: 3 Terraform features to help you refactor your infrastructure effortlessly

Approaches: Declarative vs Imperative

Not allInfrastructure As Code is born the same. We have two flavours: Declarative and imperative. Declarative infrastructure as code declares the end state that you want your infrastructure as code to achieve. Then, your infrastructure as code tool will work out what changes are required in order to get there. Whereas imperative Infrastructure As Code is a step by step instruction on how to create infrastructure.

DeclarativeInfrastructure As Code typically comes with the ability to operate on the full life-cycle create, update, delete etc. Whereas imperative typically only works on the ones that have been coded for, so just creating, or updating, or deleting.

For a more in-depth explanation, read the full article on Declarative vs. Imperative Infrastructure As Code

Part 2: Infrastructure As Code Tools

Main Infrastructure As Code tools

When it comes to implementing infrastructure as code there are many different ways and tools. Simply putting an AWS CLI command into a bash script, and pushing it up to Github counts as infrastructure as code. But there are some problems with that approach that we’ll come to later.

Now that we’ve covered what Infrastructure As Code is, and why we’d want it you might be wondering: But what are the main tools that implement Infrastructure As Code, and what are their differences? Let’s quickly introduce the main Infrastructure As Code tools, and explain a little about them.

  • TerraformTerraform is a tool created by Hashicorp. It’s independent of other cloud providers and is mostly used for resource provisioning.
  • CloudFormationCloudFormation is the implementation of Infrastructure As Code in AWS.
  • Puppet / ChefPuppet and Chef are configuration management tools that help you to script your configuration changes.
  • AnsibleAnsible is a stand-alone infrastructure as code tool. Engineers use Ansible to run remote commands on servers via SSH.

When it comes to comparing Infrastructure As Code tools, a topic that comes up fairly often is the idea that Infrastructure As Code tools can be declarative, but what does that really mean? Let’s look at that now.

Which Tool Should You Start With?

Terraform

Terraform

Now that we’ve talked about the different tools you might be thinking: woah, that’s a big list! And it is. But if you’re new to infrastructure as code the number one tool that I’d recommend you start with is: Terraform. But why?

  • Cloud Agnostic — Terraform works with many cloud providers
  • Declarative — A best practice for infrastructure as code

If you want to learn more about Terraform I also created a free online email course that you can check out called Terraform Kick Start. The course is designed to take you step by step through the key concepts you’ll need to know when learning Terraform, and ultimately get you up and running.

Find out more…

Part 3: Moving To Infrastructure As Code

Can You Migrate Existing Infrastructure?

Maybe you’re sat here thinking damn: “This infrastructure as code stuff sounds great, but I’ve already created my infrastructure manually… What should I do?”

If that’s you, then not to worry because many infrastructure as code tools give you ways that you can move existing infrastructure under management. Since we’ve already discussed Terraform today let’s take a quick look at how you can import resources into Terraform.

If you scroll right to the bottom of any Terraform configuration page you’ll see a command to import the resource. Importing the resource essentially means that the resource is now under management from Terraform. Any changes such as updates or deletes will now be applied to that resource.

As you can see, managing already created infrastructure is often supported by infrastructure as code tools — so you can apply the same ideas we’ve talked about today even if you’ve already created your infrastructure as code.

To learn more about how to migrate existing infrastructure in Terraform, check out: 3 Steps To Migrate Existing Infrastructure To Terraform

Becoming An Infra Pro

And we’re now at the end of today’s ultimate guide to infrastructure as code!

Hopefully that helped clear up what the concept is, why you’d want to learn it and also how you can get started.

If you’re now itching to learn more, here’s everything we’ve written so you can dive in to the areas that you’re most curious about.