What Are the Benefits of IaC?
From an automation standpoint, Infrastructure as Code can help ensure efficiency when building out resources. It also allows consistent configuration and flexible deployment. Resources can be distributed through the cloud or on-premises as needed. This can come in handy during major crises — such as the start of the COVID-19 pandemic, when many higher education institutions found themselves suddenly needing to scale.
Sometimes, universities and colleges only need a specific piece of infrastructure for a few days or weeks, rather than years. There’s always the risk that something you expect to stay online might break. In these instances, IaC can help universities and colleges stay flexible and ease the recovery process, notes Frank.
“Consider that there is a disaster, and your infrastructure goes down or is otherwise in a corrupted state,” she explains. “If implemented correctly, you can automatically provision your entire infrastructure stack from scratch.”
Having room for detailed customization can make it simple to re-create testing or production environments as needed, Frank says.
There can be challenges in how IaC is managed, however. One example of this is configuration drift, which Frank says happens when changes are made to existing infrastructure without updating the code to match. This can create significant security issues and long-term compliance challenges, ITProPortal reports. Even a small divergence can create big problems down the line.
“In a perfect world, all infrastructure changes are done in the code, so this wouldn’t be a problem,” Frank adds.
RELATED: Get the script for creating S3 buckets in AWS via CloudFormation.
The Best Tools for IaC
A variety of IaC use cases exist for AWS, along with other common cloud distribution platforms such as Microsoft Azure and Google Cloud Platform.
For its cloud offerings, IBM supports the open-source software offering Terraform, a tool developed by HashiCorp that allows users to provision infrastructure using either HashiCorp’s own configuration language or in JSON. Frank notes that this offers a lot of flexibility when building out infrastructure.
“One of the greatest things about Terraform is that it is a declarative language rather than imperative,” she says. “Would you rather tell your taxi driver every step it takes to get to your destination, or simply call an Uber that automatically calculates the best route? A declarative language lets you declare the final state of your infrastructure. It lets the tool handle the individual steps to get there. This is crucial in any IaC solution you look to adopt.”
Other well-known open-source tools for IaC provisioning and configuration include Chef, Puppet and Ansible.
How IaC Can Work with Existing Infrastructure
When implementing an Infrastructure as Code solution, one potential challenge that universities might face is integration with existing infrastructures. This could slow down efforts to introduce the technology.
In the case of Terraform, Frank says that there’s an open-source analysis tool called Terraformer that can find opportunities to convert existing infrastructure into something that can be automated through IaC.
“In the absence of this tool, developer teams can manually replicate their existing stack by building out their IaC scripts,” she says.
There are also ways to extend the use of IaC offerings beyond the surface level, notes Gardner.
“Most folks stop at the container level, but Infrastructure as Code goes all the way down to the bare metal,” he says. “I expect IaC developers to continue the trend of codifying downward via APIs while application developers increasingly leverage higher-level abstraction above it, such as PaaS and serverless.”