If you are beginning your journey in learning a cloud provider like Amazon Web Services or Google Cloud Platform you have likely come across the te...
For further actions, you may consider blocking this person and/or reporting abuse
Pulumi looks awesome. I'm really new at managing any type of modern infrastructure but the abstractions that Pulumi offers are really amazing. I hope it grows quick and they refine some rough edges because being able to code your infrastructure is pretty cool :)
Pulumi is one that I meant to include. It looks very promising as it allows you to represent your infrastructure right alongside your application code.
Exactly. He best thing is that by being able to write just code it allows many patterns that are quite cool.
If anybody is interested in the views from a newcomer in the infrastructure world I wrote about it in my blog.. I linked there to an interesting use case, AWS Lambda Warmer as Pulumi Component.
Good notes on this! We've been getting more and more into developing our resources this way, but it still doesn't mean you get away from the Administrative headaches of having to deal with AWS console. Especially when trying to configure your VPC's, IAM Users and Roles just so you can get them into your Terraform templates. I don't mind learning new tools, after all you need to keep your toolbox current, it just gets so overwhelming when even in my environment we are using Ansible, Terraform, Docker, and probably one or two more I am forgetting just to get your environments in place. At times its hard to keep up.
Michael, I think you hit on a major point that is evolving in this space. Often times more than one tool is being used.
For example, I can use Serverless Framework to provision my serverless resources and Terraform for my VPC, roles, and deployment pipeline. I could also have a Terraform template that provisions EC2 instances in AWS, and maybe I even use Puppet to configure things on those machines.
In that basic example, I am already using three tools.
I don't have the answer here, but I think the future is a bit unknown in terms of this level of complexity. Is this the right way? The wrong way? Unclear.
The one thing that seems clear to me is that an abundance of infrastructure as code is better than no IaC.
I've been in this space before and in my experience all the tools end up finding either their niche or evolve so that they become the "standards" for specific groups. What we had leading up to this was a lot of flavor of the month that people in those positions decided was the one we wanted to use NOW.
Though I started with a bit of venting on the complexity its something that's endemic in our space, we are constantly moving forward. Something new comes, we take it and check it out, if we love it add it to our toolbox or drop it off. The next person who comes in either learns from what we did, if we mentor, or makes their own decisions if the company has not set a standard.
It's nice to keep learning, its the one thing that excites me about going into work every day - the intellectual challenge - but it can be draining at times.
The problem is getting more apparent every year.
We're introducing more and more abstraction layers on top of physical infrastructure, making compromises, generalizing and reducing use cases to most common ones creating bottlenecks and slowdowns ignoring special requirements.
Instead of physical infrastructure we have hypervisors, running virtualized OS-es with virtualized hardware that run containers that run frameworks that transpile to intermediate languages that are translated to binary code that gets executed.
Instead of switches and routers we have SDNs that execute on CPUs sharing execution with all cloud customers. No wonder they do not ofer any SLA on the bandwidth, it's impossible to keep it!
You want cloud? For the price you get average performance shared with tons of other cloud customers, no options to resolve resource contention or hardware overutilization or any other random slowdown you experience.
They claim power efficiency, performance and internet speed has increased several ten folds over past years. I hardly noticed webpages or mobile apps loading any faster.
Are you wondering why you need new computer each time new version of Windows comes out? Shouldn't they finaly manage to fix all performance issues and make everything run smooth? Especially when SSDs now reach 5x the speed of traditional HDDs? When we have 8-16x more memory than we used to have? When we have 4-8x more CPU cores than before?
Where does all the power go?
Whoa there Slavius, what are you so mad about? Your your profile says you are " Currently working as a freelancer on infrastructure, application architecture and cloud engineering."; but then you dig into them like it's going out of style. What's up? It's like you know the differences, but run away from the reasons.
I'm not sure what upset you so much from an IAC article to begin lamenting and ranting about all of this with your ill-informed opinion. Please have yourself a better day/week/year fam.
I'm unfortunately not interested to reply to your comment for obvious reasons - you are part of a cult and I don't buy it.
You are the one ill-informed. I am long term cloud end-user, renting physical servers and several years working as part of cloud provider company. I have my reasons to write what I write and those are facts I face every day.
Good day, sir!
Not everything you said is truth. What you described as a cloud is commonly known as public cloud and you share resources with other tenants.
But then there's private cloud where tenant will be given its own resources that won't be shared with anyone else.
Also, public cloud is far more performant for cloud provider because they can use hardware more efficiently by not having it idle.
You get your resources that may not be shared with anyone else - while at the same time they are far from being neither performant nor flexible.
You get the same cheap CPUs bought for public cloud because their ROI is so fast (lot of core count, small caches, low frequencies) you get one fixed storage of unknown configuration that will 100% not suit your use case. You will be lucky if it's SAS based, in most cases it's NLSAS OR staight SATA. You luckily may get your own RAID controller with some cache but no control over read/write ratio. In most cases tho, you get shared NAS with other tennants because that's where they invested tons of money and they need to monetize on it.
Then you get a network connectivity. That's also shared. Not only with tennants but while doing your backups it will cut from it. If you're lucky they did invest into dedicated NIC for NAS connectivity.
How is that better than public cloud? It is simply not!
Folks are gonna like this one
one thing to keep in mind, that terraform, comparing to ansible, offers more declarative way of describing desired infrastructure - if in ansible you say “add one node”, in terraform you say “I want to have 10 nodes”
both approaches have their pros and cons )
Really enjoyed this read Kyle. Loved how you broke things down and did a great job of weighing both the pros and cons of Infrastructure as Code (IaC). Need to look into learning more about this. Also thanks for spelling out some of these acronyms, learned a few new ones :)
Thank you for the comment Nick.
One thing I don't touch on here is the idea of moving from manual provisioning to IaC and converting existing infrastructure. This is a tricky problem and requires even more time and effort because we don't want to break production.
Therefore, my advice is to start with IaC on any new services/resources. Establish the culture and process around it. Get used to operating in this way and then tackle your existing infrastructure.
Great post. I hope to at some point be able to finally get the time to finally implement this at my work. We really need it.