Infrastructure as code (IaC) is the ability to provision and support your computing infrastructure using code instead of manual processes and settings. Any application environment requires many infrastructure components like operating systems, database connections, and storage. [AWS]

This book covers nearly everything about the subject. It includes both broad summaries and detailed explorations of key topics that directly benefited my project. I often found myself revisiting it to complete tasks. Below are my initial notes, which represent just a tiny fraction of the valuable content within.

Benefits

  • Rapid delivery of value
  • Reduce the effort and risk of making changes
  • Get the resources that are needed, when they are needed
  • Create systems that are reliable, secure and cost-effective
  • Improve the speed of troubleshooting and resolving failures

Core Practices

  • Define Everything as Code
  • Continuously Test and Deliver All Work in Progress (code quality, functionality, security, compliance, performance, scalability, availability, operability). A good test scenario is one where the declarative code creates different results.
  • Build Small, Simple Pieces that can be changed independently

Principles

  • Assume Systems are unreliable
  • Make Everything Reproducible
  • Create Disposable Things
  • Minimize Variations
  • The process can be repeated many times

Tools:

  • Ad hoc Scripts: execute some steps using a script language
  • Configuration Management: install and manage software on an existing server; maintains a standard structure and version control. Ex: Chef, Ansible (Procedural), Puppet, SaltStack
  • Server Templating: pre-installed software and dependencies. The idea is to create an image of a server and use another IaC tool to install the image on all your servers. Ex: Packer, Vagrant, Docker
  • Orchestration: handles tasks like deploying and scaling VMs and containers. Ex: Kubernetes, ECS, Docker Swarm.
  • Provisioning: responsible for creating the servers (the other categories define code to run on each server). Orchestration to deploy immutable infrastructure. Ex: OpenTofu (Declarative), CloudFormation, Terraform

Languages:

  • Declarative: the code defines the desired state of the infrastructure (e.g., the packages to be on the server, how much RAM). Good for getting the same outcome. The last version of the code represents the latest state. Tools: Terraform, CloudFormation.
  • Procedural: specifies step by step how to achieve the desired end state. It limits reusability. The last version of the code does not represent the latest state. Ex: Chef, Ansible
  • Imperative: the outcome differs depending on the scenario, and the code has to work out the parameters to run with. Good for reusable and shareable code. Tool: AWS CDK
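
The declarative/procedural difference noted above, as an added example that is not from the book or from any IaC tool: a toy in-memory inventory (resource kinds and counts are constructed) in which replaying a procedural script changes the result each time, while a declarative spec converges to the same state and also exposes manual drift.

```python
# Added illustration: a toy in-memory inventory, not a real provider API.
from collections import Counter


def apply_procedural(current, steps):
    """Procedural: run each step in order; the result depends on the starting state."""
    state = Counter(current)
    for action, kind, n in steps:
        if action == "add":
            state[kind] += n
        elif action == "remove":
            state[kind] = max(0, state[kind] - n)
        else:
            raise ValueError(f"unknown action: {action}")
    return dict(+state)  # unary plus drops resource kinds whose count reached zero


def plan_declarative(current, desired):
    """Declarative: diff desired against actual state and return the changes needed."""
    plan = []
    for kind in sorted(set(current) | set(desired)):
        delta = desired.get(kind, 0) - current.get(kind, 0)
        if delta > 0:
            plan.append(("add", kind, delta))
        elif delta < 0:
            plan.append(("remove", kind, -delta))
    return plan


def apply_declarative(current, desired):
    """Converge on the desired state; a second run plans nothing (idempotent)."""
    return apply_procedural(current, plan_declarative(current, desired))


if __name__ == "__main__":
    script = [("add", "web", 5)]        # constructed procedural step: "add 5 web servers"
    desired = {"web": 15}               # constructed declarative spec: "there are 15"
    once = apply_procedural({"web": 10}, script)
    twice = apply_procedural(once, script)
    print("procedural, run once/twice:", once, twice)
    converged = apply_declarative({"web": 10}, desired)
    print("declarative, run once:", converged)
    print("declarative plan on re-run:", plan_declarative(converged, desired))
    drifted = {**converged, "db": 1}    # constructed drift: a resource added by hand
    print("plan after manual drift:", plan_declarative(drifted, desired))
```

A non-empty plan against an unchanged spec is the signal that the running infrastructure no longer matches the code.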

Stack:

  • Definition: a collection of infrastructure resources defined, provisioned and updated as a unit
  • Antipattern: Monolithic Stack. The entire system in one stack. It is hard to understand and maintain, and a change causes issues.
  • Pattern: Application Group Stack. Groups multiple, related pieces of system into stacks.
  • Pattern: Service Stack. All infra in a single stack.
  • Pattern: Micro Stack. Broken into multiple stacks. Duplicated code. It's necessary to draw boundaries to have a good division.