What is Infrastructure as Code (IaC)? How Does Infrastructure as Code on AWS work? 

Overview

Infrastructure as Code (IaC) is the managing and provisioning of infrastructure through code instead of through manual processes.

With IaC, configuration files are created that contain your infrastructure specifications, which makes it easier to edit and distribute configurations. It also ensures that you provision the same environment every time. By codifying and documenting your configuration specifications, IaC aids configuration management and helps you to avoid undocumented, ad-hoc configuration changes.

Version control is an important part of IaC, and your configuration files should be under source control just like any other software source code file. Deploying your infrastructure as code also means that you can divide your infrastructure into modular components that can then be combined in different ways through automation.

Automating infrastructure provisioning with IaC means that developers don’t need to manually provision and manage servers, operating systems, storage, and other infrastructure components each time they develop or deploy an application. Codifying your infrastructure gives you a template to follow for provisioning, and although this can still be accomplished manually, an automation tool. 

Declarative vs. imperative approaches to IaC

There are 2 ways to approach IaC: declarative or imperative. 

A declarative approach defines the desired state of the system, including what resources you need and any properties they should have, and an IaC tool will configure it for you. 

A declarative approach also keeps a list of the current state of your system objects, which makes taking down the infrastructure simpler to manage.

An imperative approach instead defines the specific commands needed to achieve the desired configuration, and those commands then need to be executed in the correct order. 

Many IaC tools use a declarative approach and will automatically provision the desired infrastructure. If you make changes to the desired state, a declarative IaC tool will apply those changes for you. An imperative tool will require you to figure out how those changes should be applied.

IaC tools are often able to operate in both approaches, but tend to prefer one approach over the other.

Benefits of IaC

Provisioning infrastructure has historically been a time consuming and costly manual process. Now infrastructure management has moved away from physical hardware in data centers, though this still may be a component for your organization, to virtualizationcontainers, and cloud computing

With cloud computing, the number of infrastructure components has grown, more applications are being released to production on a daily basis, and infrastructure needs to be able to be spun up, scaled, and taken down frequently. Without an IaC practice in place, it becomes increasingly difficult to manage the scale of today’s infrastructure.

IaC can help your organization manage IT infrastructure needs while also improving consistency and reducing errors and manual configuration.

Benefits:

  • Cost reduction
  • Increase in speed of deployments
  • Reduce errors 
  • Improve infrastructure consistency
  • Eliminate configuration drift

How IaC Works on AWS

Amazon’s market-leading, comprehensive cloud-computing platform, AWS (Amazon Web Services), combines Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and packaged Software as a Service (SaaS). It provides flexible, reliable, scalable, and easy-to-use computing power, database storage, analytics, networking, development tools, enterprise applications, and content delivery services. Launched in 2006 and built on Amazon’s internal infrastructure, AWS was also one of the first companies to introduce these services on a pay-as-you-go model. It dominates cloud computing for several compelling reasons. 

CloudFormation on AWS
Source: https://aws.amazon.com/cloudformation/

AWS covers 245 territories and countries and provides a vast array of

  • Automated services
  • Comprehensive functionality
  • State-of-the-art security
  • Cost-efficiency
  • Scalability
  • Performance
  • Quick and straightforward deployment
  • Systems integration
  • Support and proven operational expertise. 

Meet CloudFormation

So CloudFormation is the AWS IaC tool that serves as an automation platform that allows you to implement services or applications without having to set up and configure each one manually, saving you considerable time and avoiding the potential for mistakes and inconsistencies. Given its ease of use and wide-ranging capabilities, CloudFormation has helped make AWS so popular with companies of all sizes and types. Domain registrar and web-hosting company GoDaddy serves as a perfect example. 

Automating infrastructure management to focus on innovation

With more than 78 million domain names under management, more than 19 million daily entrepreneur/users, and handling more than 300,000 DNS queries per second, GoDaddy is the largest domain registrar/web hosting company in the world. And in 2018, they decided to transform their digital architecture from the on-premises, in-house, data-center model and move everything to the cloud. In doing so, they had three core objectives:

  • Accomplish the migration as quickly as possible.
  • Increase how application stacks are performed and operated.
  • Extend reliability and availability.

They did precisely that when they partnered with AWS and used CloudFormation, AWS Service Catalog and AWS Systems Manager.  

As a result, they could onboard and provision more than 200 accounts (more than 500 landing zones) within approximately one year, automatically provisioning each new onboard in under 2 hours. In addition, by automating the process through IaC, they saved approximately 25,000 hours and about $5,000 per account. They’ve saved more than 100 daily compute rotations just from automating the process and eliminating patching in terms of patching and updating.  This also freed up GoDaddy staff to spend more time working with and innovating for customers. But GoDaddy is by no means the only organization that benefits from IaC and AWS. 

Scaling as needed to support critical applications

In 2018, the Expedia Group planned to migrate 80 percent of its mission-critical apps from on-premises to the cloud. One of the world’s largest full-service online travel agencies, Expedia provides leisure and business travel services to customers around the globe. Committed to innovation and technology, Expedia began using AWS in 2010 when it launched its Expedia Suggest Service (ESS), a typeahead suggestion service that prompts customers to enter correction travel information. But ESS was not created solely for convenience. Expedia metrics showed that error pages were the greatest reason for customer site abandonment. But Expedia faced another challenge: time. 

On-premise vs cloud hosted
Source: https://www.ebcgroup.co.uk/news-insights/on-premises-vs-cloud

On-premises data-center solutions could not compete with decentralized, automated cloud services in terms of eliminating user lag and delays. So, Expedia took to the cloud. In the case study Expedia Group Increases Agility and Resiliency by Going All In on AWS, Expedia Principal Architect Magesh Chandramouli explains, “If an application processes 3,000 requests per second, we would have to configure our physical servers to run at about 30 percent capacity to avoid boxes running hot. On AWS, we can push CPU consumption close to 70 percent because we can always scale-out. Fundamentally, running in AWS enables a 230 percent CPU consumption efficiency in the data processing. We run our critical applications on AWS because we can scale and use the infrastructure efficiently.” 

This kind of success prompted the migration of other Expedia services to AWS. For example, to enable continuous deployment and speed, they used a blue-green deployment approach to create parallel production environments on AWS. They also used the deployment to troubleshoot effectively, scale, and develop applications faster. Expedia Principal Software Engineer Jun-Dai Bates-Kobashigawa also highlights the multifold value of IaC for provisioning, “If there are 100 boxes running, you might have to take 20 boxes out to apply new code. Using AWS, we don’t have to take capacity out; we just add new capacity and send traffic to it.” 

viVietnamese