Infrastructure as Code Briefing Paper

From wiki
Jump to navigation Jump to search

Back to Tech Briefs list page

Business Brief

Infrastructure as Code (IaC) is an IT infrastructure methodology that allows development teams to automate manual processes through the use of code. The process resembles that of writing scripts, except scripts are limited to automating only static steps. IaC uses high-level or descriptive languages to provide a large range of more complex processes able to be automated. There are also several virtualization tools available for configuration management such as Ansible, Vagrant, Puppet, Chef, Docker, and more. The IaC methodology for DevOps can be very useful in with regards to server management. No longer does an impaired and broken server have to be repaired, instead the processes required to deploy and configure that server in its original state can be automated. IaC also provides huge benefit on the testing side. Measuring recovery time can be accomplished much more easily. With modern cloud environments, an isolated environment can be created much faster with IaC able to create an exact copy of the production environment . This new environment can be completely isolated from the actual production environment making simulating disasters and measuring recovery time a much simpler task. The benefits to using IaC include a reduction in human error, an audit trail, a robust configuration tool, and documentation.

Technical Brief

The written code necessary to perform IaC based endeavours can be broken down into two components. Templates which are declarative definition files allow the user to provision resources from their cloud-based provider. These resources can include load balancers, networks, routers, auto-scaling groups, individual virtual machines (VM), relational database services, or even caching services. The second component is configuration management. This area focuses on producing the platform necessary to run an application. These platforms may be Linux-based or Windows-based but the focus is driven on the initialization and configuration of the platform to facilitate the proper functionality of the application being run.

IaC is very beneficial for developers who are designing software in an agile manner because of its ability to be version controlled through standard development systems. With the ability to configure servers and environments quickly, returning to a previous working version becomes a much simpler task. IaC facilitates agile design because of its iterative nature, where changes are encouraged and can be propagated through environments easier.

IaC also enable the deployment of a solution across multiple clouds by abstracting cloud specific configurations and as a result delivers a consistent solution using the same code. This reduce cloud vendor lockin by allowing parts or whole sulutions to move between different cloud providers.

By adopting IaC server Sprawl can be reduced. Server Sprawl is a challenge that arises when a system begins growing too quickly. Allocation of resources is a trivial endeavour with modern tooling, the number of servers can increase too quickly leaving teams struggling to keep servers patched and up to date. Implementing IaC into DevOps practices can eliminate this by reducing the number of active servers through code and facilitating the maintenance at the same time.

IaC is a good way to control configuration crift. This arises when a group of servers have been created but slight modifications are introduced to a few servers. Over time this can cause the server to operate differently. IaC will ensure consistency across deployments and will eliminate the drift factor.

Industry Use

The industry has been leveraging IaC to quickly and effortlessly build cloud based IT infrastructure through software and data definitions. Those businesses are able to use software development tools such as version control systems, automated testing libraries, and deployment orchestration to manage and configure their infrastructure in the cloud. The IaC methodology also provides new opportunity to use other software development tactics like, test-driven development, continuous integration, and continuous delivery. Environments capable of testing software are now be created easily and with little manual work put in. With this methodology, IT infrastructure becomes less of a constraint on development but rather supports it.

Companies like Amazon, Netflix, Google, and Facebook that provide services through the use of cloud benefit greatly from the use of IaC. By making the deployment of a server a task done through software their recovery time from a crash diminishes significantly. Companies like Amazon cannot afford to reconfigure their systems manually in the event of a crash, since thousands of transactions are being processed every minute.

With the emergence of the DevOps model IaC is being used in virtual infrastructure maintenance and design. Its premise grants the user more flexibility with the creation of their environments and how they can test their software.

Canadian Government Use

The GC has begun consuming public cloud services. These services are offered are part of the Government of Canada’s Cloud Adoption Strategy. IaC is a strategic methodology when embarking in a cloud-based endeavours since it facilitates the deployment and maintenance of virtual infrastructure. One such example is the Government of Canada Financial and Material (GCFM) solution aiming at providing central infrastructure to support financial planning and analytics in the GC. With a public cloud virtual infrastructure the need for IaC is paramount to keep cost down and maximise the use of cloud based resources.

The GC will also be adopting SAP Business Panning and Consolidation (SAP BPC), a business application which provides the end user with a target environment for planning, consolidating, and reporting of financial processes. With this application being used, IaC will prove to be useful in two ways, in automating maintenance activities and accelerating repeatable testing. IaC allows the user to retain multiple versions of the same environment and only changing small configurable data at a time. Being able to return to previous versions of the same environment prove useful in maintenance as the exact version of an environment can be redeployed and configured in the same manner without manual work.

Implications for Departments

Shared Services Canada

Value proposition

IaC can provide huge benefit for cloud based application development by allowing human resources time to be better allocated. If an environment stops functioning correctly, no longer do developers of operations teams have to reconfigure a new server. As SSC and the GC move toward cloud-based services the need for virtual infrastructure will only increase. With this greater demand, there will simply not be enough human resources to maintain and build and maintain the infrastructure if IaC is not used.


Automation fear is a risk that can plague many teams. Although automation saves time, placing trust in the system can be a difficult task especially when the code is populating a cloud full of server instances and supporting infrastructure configuration.

Dept X

Content to be added by each departments