In continuously evolving environments, operations and development teams are increasingly working together, using tools and techniques and sharing a common culture popularized as part of the DevOps movement. From development to production, a common tooling and approach emerged—often borrowed from developers and the agile techniques.
Now that APIs are everywhere in the datacenter, automation took over every aspect and every step of what used to be a sysadmin or IT job—infrastructure is now basically code, and should be considered as such while working alone in development or in production within a distributed team.
Learning the most important tools, techniques, and workflows that fit in an infrastructure-as-code description can be a daunting task, and many teams can either be misled or discouraged by the amount of information, change, and knowledge required to switch to infrastructure-as-code.
This book has been written keeping in mind all those teams that we have met in the past few years through our respective jobs—teams interested in DevOps, automation, and code, sometimes already doing part of it quite well, but willing to discover other tools and techniques, discovering how they could do better by improving the quality of their code, the stability of their infrastructure, the scalability of their services, the speed of their deployments, the efficiency of team work, and the feedback loop.
This book is a humble attempt to cover everything related to infrastructure-as-code, based on our real-life experience, from development workflows with Vagrant to complex production infrastructure deployments with Terraform or Ansible, from configuration management essentials using Chef and Puppet to advanced Test-Driven Development (TDD) techniques, and thorough infrastructure code coverage testing. It will also give insights and advanced Docker techniques, and much more. Whenever it was possible or relevant, we tried to show alternative ways of doing the same thing with another tool or approach, so that everyone with any prior knowledge of the subject can still find something to learn in any section of the book.
We hope you'll get much out of this book, and that automating and testing using infrastructure-as-code will be as fun for you as it's been for us to write about.
Chapter 1, Vagrant Development Environments, is all about automated development environments using Vagrant. Launch simple or complex environments, simulate various virtual networking configurations, combine Vagrant and Docker or the Amazon cloud, and hand over the provisioning of virtual machines to Chef and Ansible. All examples are self-contained real-life little projects.
Chapter 2, Provisioning IaaS with Terraform, is everything needed to get started with Terraform on Amazon Web Services, from managed database servers to log handling, storage, credentials, Docker registries, and EC2 instances.
Chapter 3, Going Further with Terraform, sheds light on some more advanced techniques of using Terraform code, such as dynamic data sources, separate environments, Docker, GitHub or StatusCake integration, team work, and how the code linter works.
Chapter 4, Automating Complete Infrastructures with Terraform, will show and describe complete, real-life Terraform code for infrastructures on Amazon Web Services, Digital Ocean, OpenStack, Heroku, Packet, and Google Cloud. We'll deploy a Docker Swarm cluster on a bare metal CoreOS cluster for containers, an n-tier web infrastructure, or a GitLab + CI combo.
Chapter 5, Provisioning the Last Mile with Cloud-Init, explores everything we can do with cloud-init code—file management, server configuration, adding users and keys, repositories and packages, or examples of extensions such as Chef, CoreOS, and Docker.
Chapter 6, Fundamentals of Managing Servers with Chef and Puppet, shows the essentials of using Chef code to automate an infrastructure. From the workstation setup to writing our own recipes to managing external cookbooks, this chapter contains it all—we'll manage packages, services, files, dynamic templates, dependencies, relationships, shared data, and more, all using code. Alternative ways of doing similar actions using Puppet code are also shown for you to have a better view of the ecosystem.
Chapter 7, Testing and Writing Better Infrastructure Code with Chef and Puppet, is all about advanced techniques of testing code for quality and sustainability. It also covers unit and integration testing, linters, and tools for Chef and Puppet, so that you'll produce the best infrastructure code possible.
Chapter 8, Maintaining Systems Using Chef and Puppet, shows advanced features made possible by Chef or Puppet code, such as scheduled convergence, encrypted secrets, environments, live system information retrieval, application deployments, and workflows or practices to be safe.
Chapter 9, Working with Docker, is about using Docker containers from a developer point of view—choosing a base image, optimizations, tags, versioning, deploying Ruby-on-Rails or Go applications, networking, security, linting, and using our own durable private registry—all using simple Docker instructions—as code.
Chapter 10, Maintaining Docker Containers, is showing more advanced Docker usage for developers and engineers, such as code testing, automated build pipelines and Continuous Integration, automated vulnerability scanning, monitoring, and debugging.
The essential requirement is a computer capable of running a Linux virtual machine and an Internet connection. The author's computers are laptops running Mac OS 10.11 and Fedora 25, with VirtualBox 5, but any other Linux distribution will work as well. Vagrant, Terraform, the Chef Development Kit, and Docker also work on the Windows platform, although this is untested by the authors.
As we're dealing with Infrastructure-as-a-Service (IaaS) here, also required are valid accounts with Amazon Web Services (AWS), Google Cloud, Digital Ocean, Packet, Heroku, or an OpenStack deployment.
Through the various chapters of this book, we'll also use free Software-as-a-Service (SaaS) accounts such as GitHub, Travis CI, Docker Hub, Quay.io, Hosted Chef, and StatusCake.
This book is for DevOps engineers and developers working in cross-functional teams or operations and would like to switch to IAC to manage complex infrastructures.
In this book, you will find several headings that appear frequently (Getting ready, How to do it…, How it works…, There's more…, and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
This section usually consists of a detailed explanation of what happened in the previous section.
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Include both the NGINX configuration and docker-compose.yml files from the previous recipe and you're good to go."
A block of code is set as follows:
Vagrant.configure("2") do |config|
# all your Vagrant configuration here
endWhen we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
config.vm.provision "ansible_local" do |ansible| ansible.version = "1.9.6" ansible.install_mode = :pip ansible.playbook = "playbook.yml" end
Any command-line input or output is written as follows:
$ vagrant plugin list vagrant-vbguest (0.13.0)
New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "You can see your newly created security group by logging into the AWS Console and navigating to EC2 Dashboard | Network & Security | Security Groups."
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail <[email protected]>, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
You can download the code files by following these steps:
Log in or register to our website using your e-mail address and password.
Hover the mouse pointer on the SUPPORT tab at the top.
Click on Code Downloads & Errata.
Enter the name of the book in the Search box.
Select the book for which you're looking to download the code files.
Choose from the drop-down menu where you purchased this book from.
Click on Code Download.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
WinRAR / 7-Zip for Windows
Zipeg / iZip / UnRarX for Mac
7-Zip / PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Infrastructure-as-Code-IAC-Cookbook. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/InfrastructureasCode_IAC_Cookbook_ColorImages.pdf
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
If you have a problem with any aspect of this book, you can contact us at <[email protected]>, and we will do our best to address the problem.