For eons, we (System Administrators, Network Administrators, and all others in the field) have been installing, managing, and monitoring servers, networks, and software deployments manually. This is a hectic and time-consuming process requiring a team of full-time engineers to curate these critical systems, so that the business keeps running smoothly. The focus was reliability at the cost of agility and innovation.
However, the sands of time have shifted, and the number of servers and services required to achieve business goals in today’s world has increased exponentially. This has made it impossible to continue classically managing the servers. Hence the advent of DevOps and concepts like Infrastructure as Code (IaC).
IaC is the methodology used to deploy datacenters, servers, networks, security solutions, software, websites and how you configure them using code in an automated and reproducible way to avoid human error.
There are many benefits to implementing IaC. These include:
In absence of manual intervention and configuration, deployments are quick, safe, and repeatable.
Any version control tool such as Azure DevOps and Github provide increased transparency and allows any size of team, from anywhere around the world, to work on same piece of code- thus increasing speed at which changes can be carried out.
Code itself is living documentation of the infrastructure you have deployed using IaC, as every aspect of it is being managed within code.
This approach makes it easy to track the configuration changes and to revert to previous configuration if something goes awry.
As everything is in code, unlike manual deployments, each deployment via IaC will be the same and consistent across the board.
DevOps provides the capability to update the whole infrastructure in a controlled manner or in a single go, with minor or major feature updates, without waiting for time consuming manual steps.
The same code could be used to create multiple environments such as dev, staging and production or components of code could be used across different products such as virtual machine or network creation.
In short, infrastructure as code offers many opportunities to ensure increased speed, agility, and consistency.
It can be a big undertaking to implement Infrastructure as Code in an existing environment because it affects not just the current infrastructure configuration, but also current integrations and management. It is highly recommended to start using IaC methodology on a new project or greenfield environment to get comfortable with it. By working with an Azure Expert MSP like InTWO, we can help identify your specific needs, challenges and support you during your move to the cloud.
The first step is to define how to approach the deployment and management of the environment. Will you be deploying the same set of resources and configuration for multiple environments (for example – Production, Acceptance, Test environments)? Is this an environment that is updated often? Will you be doing monthly updates for OS or applications within the environment? Who will be performing code updates and releases?
Depending on the type of environments, target location, triggers for initiating changes, and administration access required, your continuous integration and continuous deployment (CI/CD) approach will be shaped. Outlining the approach is crucial to understand the requirements for implementation. There are a set of Best Practices that should be followed when defining and implementing your IaC approach, namely:
As a fundamental rule, try to code and automate each and every possible part of your infrastructure requirements. There are several tools available to cater to different scenarios. For example, you can use the Azure Resource Manager (ARM) template to automate the deployment of Azure Services, while you can use PowerShell to install software on those servers or use Chef/Puppet for configuration management. There are countless other options such as YAML, Python, Terraform, Packer, Cloud Foundry suitable to your needs.
It is important to write your code in modular and independent, smallest possible deployable unit fashion, and then combine them using DevOps. Such an approach brings several benefits to the table such as:
Using a version management tool such as GitHub or Azure DevOps provides the ability to track, manage, and restore changes made to the code or configuration if the need arises. Versioning also helps with troubleshooting and diagnosing the issue, if required.
It is of paramount importance that every single piece of code and configuration is tested and ratified. This is often done using preproduction environments such as acceptance and staging to ensure that everything is within desired target parameters. This ensures that your production environment will be error-free, stable, and reliable.
There is no denying the importance of documentation, however, it is recommended that code should be the document itself and written in a way that is easy to understand and is commented in an orderly fashion. As everything is automated, documentation should be limited to operational issues and procedures only.
When the DevOps methodology has been defined according to the IaC best practices and it meets your specific requirements, the next step is to select a tool to manage your code and deployment.
At InTWO, we largely utilize Git Repositories and Azure DevOps. For Azure Cloud environments specifically, deploying and managing entire environments with their supporting resources can be handled through ARM templates and PowerShell scripts. Azure DevOps is not the only option for Azure IaC deployments, but it certainly is a great choice as pre-defined tasks are available in Azure DevOps pipelines for ARM and PowerShell along with many other Azure and third-party integrations.
Once a tool (or set of tools) is selected, just start testing! Testing IaC deployments is essential to get familiar with the tooling, scripting, and update process. There are many resources available online to help get started based on the tool and target infrastructure.
For many companies, migrating to the cloud can be an overwhelming undertaking. We can help identify your specific needs, challenges and support you during your move to the cloud.