Book Image

Infrastructure as Code for Beginners

By : Russ McKendrick
4 (1)
Book Image

Infrastructure as Code for Beginners

4 (1)
By: Russ McKendrick

Overview of this book

The Infrastructure as Code (IaC) approach ensures consistent and repeatable deployment of cloud-based IaaS/PaaS services, saving you time while delivering impeccable results. Infrastructure as Code for Beginners is a practical implementation guide that helps you gain a clear understanding of the foundations of Infrastructure as Code and make informed decisions when implementing it. With this book, you’ll uncover essential IaC concepts, including planning, selecting, and implementing the right tools for your project. With step-by-step explanations and real-world examples, you'll gain a solid understanding of the benefits of IaC and the scope of application in your projects. You'll learn about the pros, cons, and best practices of different IaC tools such as Terraform and Ansible, and their use at different stages of the deployment process along with GitHub Actions. Using these tools, you'll be able to design, deploy, and secure your infrastructure on two major cloud platforms, Microsoft Azure and Amazon Web Services. In addition, you'll explore other IaC tools such as Pulumi, AWS CloudFormation, and Azure Bicep. By the end of this book, you’ll be well equipped to approach your IaC projects confidently.

Related Content you might be interested in

Current Title:

Small book image
Infrastructure as Code for Beginners
Russ McKendrick
May, 2023 | 222 pages
Small book image
HashiCorp Infrastructure Automation Certification Guide
Ravi Mishra
Jul, 2021 | 350 pages
Small book image
Terraform for Google Cloud Essential Guide
Bernd Nordhausen
Jan, 2023 | 180 pages
Small book image
Learn Ansible
Russ McKendrick
Jun, 2018 | 578 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: The Foundations – An Introduction to Infrastructure as Code
Part 1: The Foundations – An Introduction to Infrastructure as Code
Free Chapter
2
Chapter 1: Choosing the Right Approach – Declarative or Imperative
Chapter 1: Choosing the Right Approach – Declarative or Imperative
The challenges of managing infrastructure manually
What is meant by declarative and imperative?
Pets versus cattle
What does all this mean for our Infrastructure-as-Code deployments?
Summary
Further reading
3
Chapter 2: Ansible and Terraform beyond the Documentation
Chapter 2: Ansible and Terraform beyond the Documentation
What is important when choosing a tool?
Introducing Terraform
Introducing Ansible
Introducing Visual Studio Code
Summary
Further reading
4
Chapter 3: Planning the Deployment
Chapter 3: Planning the Deployment
Planning the deployment of our workload
How to approach the deployment of our infrastructure
Exploring the high-level architecture
Summary
Further reading
5
Part 2: Getting Hands-On with the Deployment
Part 2: Getting Hands-On with the Deployment
6
Chapter 4: Deploying to Microsoft Azure
Chapter 4: Deploying to Microsoft Azure
Technical requirement
Introducing and preparing our cloud environment
Producing the low-level design
Terraform – writing the code and deploying our infrastructure
Ansible – reviewing the code and deploying our infrastructure
Summary
Further reading
7
Chapter 5: Deploying to Amazon Web Services
Chapter 5: Deploying to Amazon Web Services
Technical requirements
Introducing Amazon Web Services
Preparing our cloud environment for deployment
Producing the low-level design
Ansible – writing the code and deploying our infrastructure
Terraform – reviewing the code and deploying our infrastructure
Summary
Further reading
8
Chapter 6: Building upon the Foundations
Chapter 6: Building upon the Foundations
Understanding cloud-agnostic tools
Understand the differences between our Microsoft Azure and Amazon Web Services deployments
Understanding the differences between our Terraform and Ansible deployments
Introducing more variables
Making the code more reusable
Pop quiz
Summary
Further reading
Answers
9
Part 3: CI/CD and Best Practices
Part 3: CI/CD and Best Practices
10
Chapter 7: Leveraging CI/CD in the Cloud
Chapter 7: Leveraging CI/CD in the Cloud
Technical requirements
Introducing GitHub Actions
Running Terraform using GitHub Actions
Running Ansible using GitHub Actions
Security best practices
Pop quiz
Summary
Further reading
Answers
11
Chapter 8: Common Troubleshooting Tips and Best Practices
Chapter 8: Common Troubleshooting Tips and Best Practices
Technical requirements
Infrastructure as Code – best practices and troubleshooting
Terraform – best practices and troubleshooting
Ansible – best practices and troubleshooting
Summary
12
Chapter 9: Exploring Alternative Infrastructure-as-Code Tools
Chapter 9: Exploring Alternative Infrastructure-as-Code Tools
Technical requirements
Getting hands-on with Pulumi
Getting hands-on knowledge of Azure Bicep
Getting hands-on with AWS CloudFormation
Summary
Further reading
13
Index
Index
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

What does all this mean for our Infrastructure-as-Code deployments?

So far, we have spoken a lot about some of the approaches and journeys people take to get to the point where they are considering using Infrastructure as Code, so before we look at some of the toolings in Chapter 2, Ansible and Terraform beyond the Documentation, let’s talk about some of the actual use cases.

In my opinion, the most significant advantage of using Infrastructure as Code is consistency – if you need to repeat a process or deployment more than once, then define your deployment as Infrastructure as Code.

This will make sure that resources are deployed the same every time, no matter who is deploying them; if everyone is using the same set of code, then it stands to reason that the outputs will be the same (apart from variables you allow to override the values on such as SKUs, resource names, etc.).

An Infrastructure-as-Code approach not only gives you consistency between team members deploying the code but also between environments. Before I started defining my deployments as Infrastructure as Code, configuration drift between environments was quite a significant issue – environments were online for so long that tweaks were being applied and not carried through, so when code moved between my development, test, and finally, production environments, unexpected things would start to happen.

Next up is collaboration; as your infrastructure is defined in code, you can use the same development workflows you use for your applications. I am sure that most of you use a version control system for your code, more than likely Git via hosted services such as GitHub, GitLab, BitBucket, or Azure DevOps – if so, you have everything in place to track changes and collaborate on your infrastructure configuration.

You can also extend this further by introducing branching and pull requests based on your existing procedures to encourage change and testing, making the ongoing maintenance and development of your Infrastructure-as-Code projects genuinely collaborative.

Once you have your Infrastructure as Code hosted in version control, you can also take advantage of automation, again using the same processes and pipelines you use to build your application – using services such as GitHub Actions or Azure DevOps Pipelines.

Using services such as these gives you the ability to execute tasks from a single location that is covered by the service’s role-based access control, rather than being reliant on each member of the team downloading and running the Infrastructure-as-Code deployments locally.

If a team member would be running it locally, then that would mean that each team member who needs access to deploy would also need quite a high level of access to target resources – such as the public cloud you are deploying to.

Using automation solutions such as the ones mentioned previously means that you can allow people to use credentials in their pipelines without them having to know what the credentials are. This means you can grant the individuals a lower level of access to your resources – such as read-only – as they only need to view resources rather than manage them.

One significant side effect of this approach is that because people don’t have a level of access outside of the automation, they won’t be tempted to quickly jump into the portal and make a change to fix something manually and instead will need to update the code and do a deployment, meaning that the change is tracked and the execution logged, so you know who did what, when, and why.

Finally, something that we have already mentioned – cost savings. If you have your Infrastructure-as-Code deployments in version control and automated, then it’s not a stretch to deploy your infrastructure as needed rather than running it 24/7.

For example, if you have a pipeline to build your application, once that pipeline has successfully executed, then it can trigger, which builds the infrastructure – once built, that in turn triggers a deployment, and from there, your tests can run against the deployment and freshly deployed resources. The results of the test can be stored, and the infrastructure is then torn down as it is no longer needed.

This end-to-end process may take half an hour – but that’s that half an hour’s worth of resource cost versus paying for 24/7 resource costs – which I am sure you will agree is quite a saving.

Previous Section
End of Section 5
Next Section