Infrastructure as Code: Overview
The underlying process of rack and stack servers is never found to be favorable. For almost every primary setting, configuration and tweaking, the system is solely dependent upon human interventions which are risky and cumbersome. That is why the spinning idea of ‘Infrastructure as code’ sounds promising to make this process handy and efficient by capturing these granular details in a codified way-and then lead the way for automation. The real purpose is to deal with the dynamism of our infrastructure and enable it to grow as our user base grows, or the business capabilities grow.
Managing server-side configurations, and other related components of server machines, configuration files, VMs and rest of the network-level details is really challenging and overly complicated in many cases. Setting up an infrastructure or a web server is more than just installation of packages. There are several configurations that need to be done in order to have the network traffic flow for your APIs or web solutions. Even if there are no crashes or downtimes, addition of a new node in the cluster might require setup, and modifications in the load balancers that are installed.
Doing all this by hand, increases the risks of problems. Even if your infrastructure engineer is reliable, perfect with his job, and configures everything just fine, you simply cannot rely on a single resource forever. Someday a new resource might have to do these tasks, and that is when you will understand the importance of automation and DevOps: DevOps then leads to Infrastructure as Code.
Writing a piece of code would alleviate the major problems and risks associated with the iron sight configurations. Also, it gives you ease and flexibility to design a scalable infrastructure system for your company. These benefits come from the nature of Infrastructure as Code deployments:
- Infrastructure as Code are text files that store the configuration and state values; normally presented as JSON files.
- All the files are version controlled, making it easier to audit, test, upgrade and rollback as needed.
- Human-readable in nature, making it easier to debug and review.
There are other key areas of Infrastructure as Code (here after mentioned as IaC) that need some guidance, such as security principles, authentication of the tools, etc. We will mention them all in this article to give you an overview of what this concept is.
There are several tools, that I will link to in the bottom of this article that you can see to understand how Infrastructure as Code is handled usually, but throughout this article, we will focus on Resource Orchestration Service provided by Alibaba Cloud, and see how that can help organizations an easy way to automate their cloud-based infrastructure.
Major Benefits of DevOps:
Automating the processes and systems through a bunch of PowerShell or bash scripts is not enough because it can be an overhead which mitigates the overall performance and speed and provided there is no standard way of doing things, engineers can get into trouble while implementing or troubleshooting scripts. However, if we do it in a well-strategic way, then things can go better. Same is the case of Infrastructure as Code; in fact, it can make the situation worse because of many reasons: poorly designed server and machines architecture, a mess of network topologies, use of incompatible tools, etc., and the consequences could create catastrophic damage. So, the question is what are the significant benefits that the IaC model can provide to us?
Being a part of the DevOps chain, IaC can help in following ways:
- The codified way of implementing Infrastructure as Code empowers engineers to work more on infrastructure definitions rather than scripts and configurations, which ensures better scalability and more control of the centralized change. Consequently, the ground focus shifts towards the quality of automation tooling instead of server nodes and other resources.
- Repetition will neither be costly nor will consume human efforts. So, if we need to do it numerous times, we can automate that. Assume how interesting it is that with very few clicks you will be bringing up and shutting down your servers and machines daily by your requirements and usage.
- You would have the advantage of testing and comparing different configurations with different systems to analyze your decisions and strategies. These daily performance snapshots would give you an insightful summary to implement your infrastructure in an optimized way.
- At the end of the day, if your infrastructure configuration does not work, or has little benefit over the cost, you can always rollback the changes and deploy the working model of your infrastructure on the cloud.
Not just this but we would also have so many other major comforts and advantage as well which are requirement centric. Such as CI and CD pipelines, versioning and consistency with the higher degree of accuracy.
Although most of these concepts come from the development and software engineering side, but their application to infrastructure management, and operations can help organizations perform well in a cloud-first environment. Since cloud vendors support on-demand resource orchestration, IaC can help you test a new infrastructure configuration, and if that doesn’t work, go back to doing things the way they were working.
Alibaba Cloud Resource Orchestration Service
Having centralized control and responsibilities is not risky but could be a performance threat in many cases, so Resource Orchestration Service (ROS) embraces the idea of Infrastructure as code in a way that operational and the development team can collaborate and work in a simplified way. ROS provides the easy mechanism and flows to manage the configuration and storage of configurations which we face so frequently. One of the major or essential features of ROS is the resource aggregation template which offers an architectural or diagrammatical blueprint of your infrastructure (network, storage, underlying configurations, etc.) which can be used by development to implement the infrastructure in a codified way.
While working with Alibaba Cloud ROS, you need to think of your infrastructure as a Stack-not the LIFO Stack. This helps you build a complete solution on Alibaba Cloud, by combining basic services and resources such as ECS, SLB, and then making your way up to a complete web solution that customers can use.
You can create a new account for Alibaba Cloud ROS, as it is a free service that lets you make decisions on infrastructure design and components, and lets you deploy them on Alibaba Cloud platform. Most of the components also come as a sample template that you can use to deploy a complete solution on the platform. Samples and solutions range from basic Node.js apps to complex TensorFlow training solutions to Hadoop based Big Data components. We will explore that in our later articles and see how these templates can help us quickly deploy a complete cloud-native solution.
Alibaba Cloud ROS Structure and SDK
Using the ROS provided template makes things handy and quick. Resource APIs and SDK given by ROS make it hassle-free to design and develop complete operational-and-management cycle. ROS helps your DevOps team to manage and deploy your continuous integration and delivery pipelines as well which ensure the betterment of automation capabilities of your system. ROS template provides you with the following capacities:
- Redeployment capabilities for the templates.
- Linting capabilities, which can help you verify the template structure before deployment, to test against any structural problems.
- Native support for Alibaba Cloud resources, security, regions and more.
Moreover, the language and library suite of ROS includes a wide range of management console, API and CLI to ensure the support and resource availability.
Why ROS for IaC
The first and foremost reason to use ROS is that it is integrated directly with Alibaba Cloud infrastructure, that makes it easier to create resources and deploy them, from within the portal. ROS ensures the high elasticity of our infrastructure. It keeps the proper check and balance for resources and their details in a stack-which we discussed in the previous section as how we can check the status of the resources using the Stack information. We can monitor or query (delete, add, update) status updates over the stack since it provides you a wide range of different query options.
Using ROS, the creation and then the continuous modification of your resources becomes a lot easier. We can design the complete pictorial visualization of our infrastructure including all the configurations, cloud resources and dependencies which keep accumulating over time. The template you’ve written is editable so that you can reuse it as many times and as many required changes as you want. Here is a sample diagram that shows how this can be managed in ROS:
Moreover, resource creation (by writing infrastructure state in JSON format to define your dependencies and any other Alibaba cloud service etc.) management and auto-scaling are required occasionally but frequently. Hence the feature of modifying templates also helps us to reflect the updates in a managed and robust way which could be error-prone in a manual process.
Community or Third-party IaC Tools
If you are interested in community-based tools that support Alibaba Cloud resource management, then there are a bunch of other options available out there, such as Terraform. Alibaba Cloud is available as Alicloud provider and you can manage your resources using Terraform. You can learn more about Terraform usage for Alibaba Cloud resource management here.
There are bunch of other options that sometimes are used, such as Ansible, Chef, Puppet and Jenkins that can help you apply your infrastructure and DevOps containments to the cloud. We, however, in this article focused on Alibaba Cloud ROS, and in the next phase of the series we will take a deeper dive and study how we can actually create an infrastructure instance using ROS templates, and how to version control the templates.