AWS's Role in the Implementation of "Infrastructure as Code" (IaC) in DevOps

Author: Ridhi Arora

Infrastructure as code (IaC) is a DevOps concept which says that "it's as easy to maintain your operations environment as it is to maintain code". You don't need to make configuration changes to an environment manually; you make them the way you would in application development. Infrastructure is treated the same way a developer treats a code base.

IaC - Case Study

If I were given a chance to explain IaC to a layperson, I would use this case study: a new resource joins a team and gets a new machine to work on. Earlier, the IT staff had to go and do the configuration manually so that the machine had all the essentials that resource requires. With IaC, code does the configuration of the new machine. The code is executed on the machine and the job is done! This code will even keep executing on the machine and check that the machine doesn't diverge from the desired state. In this way, a single admin can configure hundreds of machines at the same time.

How can AWS help in the implementation of IaC?

AWS CloudFormation is a configuration orchestration tool provided by Amazon Web Services, and it is what will help you implement IaC. It lets you code your infrastructure so that you can automate all the deployments and reduce manual effort. You write CloudFormation templates in YAML or JSON.

A template is basically a text file which lists all the AWS and non-AWS resources needed to run your application. Whenever a template is submitted, CloudFormation creates all the necessary resources defined by the customer. It then builds an EC2 instance based on the requirements defined by the admin or network operator. This running EC2 instance is generally called a stack. Basically, a stack is a collection of resources which can be managed as a single unit. Let's look at a template which is very simple but can be used to create an S3 bucket.

    AWSTemplateFormatVersion: 2010-09-09
    Description: Bucket Stack
    Resources:
      S3Bucket:
        Type: AWS::S3::Bucket
        Properties:
          BucketName: my-bucket

AWSTemplateFormatVersion is the AWS CloudFormation template version that your template conforms to. You should include it so that the template still points to a known version as a reference whenever a new template version is released. Description is an optional key, but it is good to write one as it provides additional information about your template. The Resources section holds the resources, with their properties, that you provide to your template to create or update a stack: for example the S3 bucket name, type, IP address range, etc.
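Because the template is code, it can be reviewed automatically before it is deployed. The following is an added example, not part of the original article: a small Python check that reads the JSON form of the bucket template above and reports security-relevant settings the template does not declare. The function name `review_buckets` and the choice of checks are assumptions made for illustration; the property names are those of `AWS::S3::Bucket`.

```python
import json

# JSON form of the article's bucket template (CloudFormation accepts YAML or JSON).
ARTICLE_TEMPLATE = json.loads("""
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Bucket Stack",
  "Resources": {
    "S3Bucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"BucketName": "my-bucket"}
    }
  }
}
""")

# The four flags of the PublicAccessBlockConfiguration property.
PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy",
             "IgnorePublicAcls", "RestrictPublicBuckets")


def review_buckets(template):
    """Return (logical_id, finding) pairs for every S3 bucket in a template dict."""
    findings = []
    for logical_id, res in sorted(template.get("Resources", {}).items()):
        if res.get("Type") != "AWS::S3::Bucket":
            continue
        props = res.get("Properties") or {}
        pab = props.get("PublicAccessBlockConfiguration") or {}
        # Templates may carry booleans or the strings "true"/"false".
        missing = [f for f in PAB_FLAGS if str(pab.get(f)).lower() != "true"]
        if missing:
            findings.append((logical_id,
                             "public access block not set: " + ", ".join(missing)))
        if "BucketEncryption" not in props:
            findings.append((logical_id, "BucketEncryption not declared"))
        if (props.get("VersioningConfiguration") or {}).get("Status") != "Enabled":
            findings.append((logical_id, "versioning not enabled"))
    return findings


if __name__ == "__main__":
    for logical_id, finding in review_buckets(ARTICLE_TEMPLATE):
        print(f"{logical_id}: {finding}")
```

A finding here means the setting is not visible in the template, so a reviewer cannot confirm it from the code alone; run the check in the pipeline step that precedes stack creation or update.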

CloudFormation with other configuration management tools for IaC implementation

CloudFormation is a configuration orchestration tool which can be used to automate deployments on servers. You can use other configuration management tools, like Chef and Puppet, to configure the software and systems. Suppose you want to build an application on the AWS platform: you can choose a simple CloudFormation template and it will create the resources needed to build the application. You can easily manage the creation, updating and deletion of resources with CloudFormation. You can then use a configuration management tool to set up the OS on the instance created by CloudFormation. With both tools in combination, you can automate configuration and deployments, which makes implementing IaC very easy. Your machines will then be considered as IaC.

Uses of AWS CloudFormation in IaC

  • It follows a declarative approach, which means you describe what your environment should look like.
  • It even allows you to preview changes before deploying them, so that you can see how your proposed code changes will impact dependent resources. CloudFormation Change Sets allow you to do this. You can even specify a threshold, so that if your environment exceeds this threshold value the environment is reverted to a stable state. Even if you have recently done a new deployment and it has adversely affected all the resources, with the help of AWS CloudFormation you can roll back the changes and revert to the old state. This version control feature of AWS CloudFormation helps in case of adversity.
  • With a single CloudFormation account you can deploy your code to many AWS accounts. CloudFormation Stacks allow you to do this. They help you deploy, update and delete infrastructure code across many regions. Earlier, deployment to every environment had to be done individually, but now CloudFormation Stacks have made our job easier.
  • Custom Resources help you define custom provisioning logic. They are for all those resources or services which are not yet supported by CloudFormation. You can handle those easily with custom resources.
  • Amazon is the owner of AWS CloudFormation, which means you don't need to worry about updates. Amazon releases frequent updates so that you will have all the useful functionality in your account.
  • CloudFormation even manages the dependencies in your environment automatically. You don't have to specify the order in which resources are created, updated and deleted. It has built-in intelligence about the order to follow, but if you need a specific sequence you can specify it with the DependsOn attribute.
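The dependency handling described in the last point can be illustrated with a short sketch. This is an added example, not part of the original article and not CloudFormation's own code: it derives a creation order from the implicit dependencies created by `Ref` and `Fn::GetAtt` plus explicit `DependsOn`. The sample template and its logical IDs are constructed, and `Fn::Sub` references are not handled.

```python
from graphlib import TopologicalSorter  # Python 3.9+

# Constructed sample: AppBucket logs to LogBucket and must wait for the
# log bucket's policy, which nothing in its properties refers to.
SAMPLE = {"Resources": {
    "AppBucket": {"Type": "AWS::S3::Bucket", "DependsOn": "LogBucketPolicy",
                  "Properties": {"LoggingConfiguration": {
                      "DestinationBucketName": {"Ref": "LogBucket"}}}},
    "LogBucketPolicy": {"Type": "AWS::S3::BucketPolicy", "Properties": {
        "Bucket": {"Ref": "LogBucket"},
        # Policy trimmed to the part that carries a reference.
        "PolicyDocument": {"Statement": [
            {"Resource": {"Fn::GetAtt": ["LogBucket", "Arn"]}}]}}},
    "LogBucket": {"Type": "AWS::S3::Bucket"},
}}


def references(node, logical_ids):
    """Collect logical IDs reached through Ref or Fn::GetAtt anywhere in node."""
    found = set()
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "Ref" and isinstance(value, str):
                found.add(value)
            elif key == "Fn::GetAtt":
                # Accepts ["Id", "Attr"] and the short "Id.Attr" form.
                found.add(value[0] if isinstance(value, list)
                          else str(value).split(".")[0])
            else:
                found |= references(value, logical_ids)
    elif isinstance(node, list):
        for item in node:
            found |= references(item, logical_ids)
    return found & logical_ids  # ignore parameters and pseudo parameters


def creation_order(template):
    """Return logical IDs so that every resource follows its dependencies."""
    resources = template["Resources"]
    ids = set(resources)
    graph = {}
    for logical_id, res in resources.items():
        explicit = res.get("DependsOn", [])
        explicit = [explicit] if isinstance(explicit, str) else explicit
        deps = references(res.get("Properties", {}), ids) | set(explicit)
        graph[logical_id] = deps - {logical_id}
    # Raises graphlib.CycleError on a circular dependency.
    return list(TopologicalSorter(graph).static_order())


if __name__ == "__main__":
    print(creation_order(SAMPLE))
```

Without the `DependsOn` line, AppBucket would only be ordered after LogBucket, and nothing would make it wait for the policy that lets log delivery succeed.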
Conclusion

So, you have gone through one of the important tools for implementing IaC. You can imagine how deployments and configurations can become a job of a few seconds, and this is basically IaC: manual effort becomes considerably less. You can manage the deployments and configurations of your network easily, with the additional features of rollback and security. With CloudFormation, you rarely have to worry about updates from Amazon. You can easily manage your network as code with the help of AWS Consulting Services and AWS CloudFormation.