DEV Community

Cover image for The Benefits You Need to Know about Infrastructure as Code

The Benefits You Need to Know about Infrastructure as Code

Kyle Galbraith on August 21, 2018

If you are beginning your journey in learning a cloud provider like Amazon Web Services or Google Cloud Platform you have likely come across the te...
Collapse
 
alexito4 profile image
Alejandro Martinez

Pulumi looks awesome. I'm really new at managing any type of modern infrastructure but the abstractions that Pulumi offers are really amazing. I hope it grows quick and they refine some rough edges because being able to code your infrastructure is pretty cool :)

Collapse
 
kylegalbraith profile image
Kyle Galbraith

Pulumi is one that I meant to include. It looks very promising as it allows you to represent your infrastructure right alongside your application code.

Collapse
 
alexito4 profile image
Alejandro Martinez

Exactly. He best thing is that by being able to write just code it allows many patterns that are quite cool.
If anybody is interested in the views from a newcomer in the infrastructure world I wrote about it in my blog.. I linked there to an interesting use case, AWS Lambda Warmer as Pulumi Component.

Collapse
 
mfurmaniuk profile image
Michael

Good notes on this! We've been getting more and more into developing our resources this way, but it still doesn't mean you get away from the Administrative headaches of having to deal with AWS console. Especially when trying to configure your VPC's, IAM Users and Roles just so you can get them into your Terraform templates. I don't mind learning new tools, after all you need to keep your toolbox current, it just gets so overwhelming when even in my environment we are using Ansible, Terraform, Docker, and probably one or two more I am forgetting just to get your environments in place. At times its hard to keep up.

Collapse
 
kylegalbraith profile image
Kyle Galbraith

Michael, I think you hit on a major point that is evolving in this space. Often times more than one tool is being used.

For example, I can use Serverless Framework to provision my serverless resources and Terraform for my VPC, roles, and deployment pipeline. I could also have a Terraform template that provisions EC2 instances in AWS, and maybe I even use Puppet to configure things on those machines.

In that basic example, I am already using three tools.

I don't have the answer here, but I think the future is a bit unknown in terms of this level of complexity. Is this the right way? The wrong way? Unclear.

The one thing that seems clear to me is that an abundance of infrastructure as code is better than no IaC.

Collapse
 
mfurmaniuk profile image
Michael

I've been in this space before and in my experience all the tools end up finding either their niche or evolve so that they become the "standards" for specific groups. What we had leading up to this was a lot of flavor of the month that people in those positions decided was the one we wanted to use NOW.

Though I started with a bit of venting on the complexity its something that's endemic in our space, we are constantly moving forward. Something new comes, we take it and check it out, if we love it add it to our toolbox or drop it off. The next person who comes in either learns from what we did, if we mentor, or makes their own decisions if the company has not set a standard.

It's nice to keep learning, its the one thing that excites me about going into work every day - the intellectual challenge - but it can be draining at times.

Collapse
 
slavius profile image
Slavius

The problem is getting more apparent every year.

We're introducing more and more abstraction layers on top of physical infrastructure, making compromises, generalizing and reducing use cases to most common ones creating bottlenecks and slowdowns ignoring special requirements.

Instead of physical infrastructure we have hypervisors, running virtualized OS-es with virtualized hardware that run containers that run frameworks that transpile to intermediate languages that are translated to binary code that gets executed.
Instead of switches and routers we have SDNs that execute on CPUs sharing execution with all cloud customers. No wonder they do not ofer any SLA on the bandwidth, it's impossible to keep it!

You want cloud? For the price you get average performance shared with tons of other cloud customers, no options to resolve resource contention or hardware overutilization or any other random slowdown you experience.

They claim power efficiency, performance and internet speed has increased several ten folds over past years. I hardly noticed webpages or mobile apps loading any faster.

Are you wondering why you need new computer each time new version of Windows comes out? Shouldn't they finaly manage to fix all performance issues and make everything run smooth? Especially when SSDs now reach 5x the speed of traditional HDDs? When we have 8-16x more memory than we used to have? When we have 4-8x more CPU cores than before?

Where does all the power go?

Collapse
 
devhead profile image
dev-head

Whoa there Slavius, what are you so mad about? Your your profile says you are " Currently working as a freelancer on infrastructure, application architecture and cloud engineering."; but then you dig into them like it's going out of style. What's up? It's like you know the differences, but run away from the reasons.

We're introducing more and more abstraction layers on top of physical infrastructure...
Are you suggesting we just write in binary? or maybe you are just a functional purist who likes to rewrite the same functionality over thousands of times?

Instead of physical infrastructure we have hypervisors...
Yes, and that's good. Lets see the difference in time between purchasing your hardware, renting racks, getting auth, scheduling a time at the DC and installing 1000 servers. Compared to someone in the cloud spinning them up in an hour.

Instead of switches and routers we have SDNs that execute on CPUs sharing execution with all cloud customers.
So? Do you think cloud providers are the first to have SDNs? Anyhow, it's far easier to rebuild your network topology in an SDN than it is by hand. Also, want to duplicate it?...click, click, click; done.

They claim power efficiency, performance and internet speed has increased several ten folds over past years. I hardly noticed webpages or mobile apps loading any faster.
These two have nothing in common to compare for, you shouldn't. If you "notice" that website A is slow, did you also notice that it was slow yesterday ? did you track that? did you notice if you had five other tabs open or ten ? did you notice if you visited the same pages? did you notice if they changed their web servers? did you notice a change in speed from a third party resource on the html page you are looking at? Did you notice they have an over utilized server?

Are you wondering why you need new computer each time new version of Windows comes out?
No. I know why, if you have to buy a new computer when the new OS comes out, it's because the hardware you purchased back then, is no longer good enough to run their newer code which has been designed to run on more powerful hardware. it's like you are trolling or maybe you just are just so blinded by the topic, what the heck does Windows have to do with any of this anyways?

I'm not sure what upset you so much from an IAC article to begin lamenting and ranting about all of this with your ill-informed opinion. Please have yourself a better day/week/year fam.

Collapse
 
slavius profile image
Comment marked as low quality/non-constructive by the community. View Code of Conduct
Slavius

I'm unfortunately not interested to reply to your comment for obvious reasons - you are part of a cult and I don't buy it.

You are the one ill-informed. I am long term cloud end-user, renting physical servers and several years working as part of cloud provider company. I have my reasons to write what I write and those are facts I face every day.

Good day, sir!

Collapse
 
buinauskas profile image
Evaldas Buinauskas • Edited

Not everything you said is truth. What you described as a cloud is commonly known as public cloud and you share resources with other tenants.

But then there's private cloud where tenant will be given its own resources that won't be shared with anyone else.

Also, public cloud is far more performant for cloud provider because they can use hardware more efficiently by not having it idle.

Collapse
 
slavius profile image
Slavius

But then there's private cloud where tenant will be given its own resources that won't be shared with anyone else.

You get your resources that may not be shared with anyone else - while at the same time they are far from being neither performant nor flexible.

You get the same cheap CPUs bought for public cloud because their ROI is so fast (lot of core count, small caches, low frequencies) you get one fixed storage of unknown configuration that will 100% not suit your use case. You will be lucky if it's SAS based, in most cases it's NLSAS OR staight SATA. You luckily may get your own RAID controller with some cache but no control over read/write ratio. In most cases tho, you get shared NAS with other tennants because that's where they invested tons of money and they need to monetize on it.
Then you get a network connectivity. That's also shared. Not only with tennants but while doing your backups it will cut from it. If you're lucky they did invest into dedicated NIC for NAS connectivity.

How is that better than public cloud? It is simply not!

Collapse
 
ben profile image
Ben Halpern

Folks are gonna like this one

Collapse
 
okolbay profile image
andrew • Edited

one thing to keep in mind, that terraform, comparing to ansible, offers more declarative way of describing desired infrastructure - if in ansible you say “add one node”, in terraform you say “I want to have 10 nodes”

both approaches have their pros and cons )

Collapse
 
michael profile image
Michael Lee 🍕

Really enjoyed this read Kyle. Loved how you broke things down and did a great job of weighing both the pros and cons of Infrastructure as Code (IaC). Need to look into learning more about this. Also thanks for spelling out some of these acronyms, learned a few new ones :)

Collapse
 
kylegalbraith profile image
Kyle Galbraith

Thank you for the comment Nick.

One thing I don't touch on here is the idea of moving from manual provisioning to IaC and converting existing infrastructure. This is a tricky problem and requires even more time and effort because we don't want to break production.

Therefore, my advice is to start with IaC on any new services/resources. Establish the culture and process around it. Get used to operating in this way and then tackle your existing infrastructure.

Collapse
 
twigman08 profile image
Chad Smith

Great post. I hope to at some point be able to finally get the time to finally implement this at my work. We really need it.