Jun 29 2021

Infrastructure as Code: A Developer-Minded Approach to Higher Ed Cloud Computing

Tech teams can speed up infrastructure scaling consistently and safely through code-based provisioning.

It can be challenging for higher education IT departments to manage cloud infrastructure. Complicated setups can topple over at scale without the right architecture. But of the many benefits that cloud computing and virtualization tools offer, the most important one may be improvements in infrastructure management.

One way to manage infrastructure in a consistent way that’s easy to replicate is through Infrastructure as Code. IaC creates an abstraction layer for building out cloud environments through automated scripts. For those working with complex cloud builds, it allows simpler management in the long run.

DIVE DEEPER: Learn how Infrastructure as Code and Amazon Web Services work together.

What Is Infrastructure as Code?

IaC is not a particularly new trend. According to author and consultant Stephen Nelson-Smith, the concept dates to the earliest days of Amazon’s Elastic Compute Cloud in 2006, as well as the release of version 1.0 of the Ruby on Rails application framework during the same period. These two events lowered the barrier of entry for scalable infrastructure, but they also added complexity by requiring configuration tools that can deploy new resources as needed.

In many ways, the IaC philosophy is about packaging and organizing cloud infrastructure in a way that allows it to be built on demand. Since it is built from an existing model, it saves developers the headache of having to rebuild from scratch each time. This takes advantage of the instant resource capabilities that cloud computing and virtualization technologies offer, which use automated programming to complete tasks. This makes it easy to scale and redistribute infrastructure as needed.

Briana Frank, director of product management for IBM Cloud, says that IaC breaks down the process of building new infrastructure. It allows developers to approach it in the same way they might approach toolkits when they work on new applications.

“A developer wouldn’t write every line of code each time they had to run their application,” Frank says. “Similarly, an operations engineer shouldn’t have to click through every button in their cloud provider each time they want to deploy a new environment. They must be able to store everything that defines their Infrastructure as Code. This is generally stored in something like GitHub — the same place that developers maintain their app code.”

Thinking about infrastructure in the same way programmers think about toolkits opens up opportunities for scale. Chris Gardner, vice president and research director at Forrester, says that beyond the ability to store tools in source code repositories like GitHub, this approach allows a continuous delivery pipeline.

“Since you’re modeling infrastructure as software, you get all of the benefits typically afforded to application developers,” Gardner says.

As Gardner notes in a 2018 report, “‌Become a Unicorn with Infrastructure as Code,” nearly 90 percent of global enterprise infrastructure decision-makers emphasized the importance of having a comprehensive cloud strategy. IaC could be one element of building a strategic approach toward cloud.

What Are the Benefits of IaC?

From an automation standpoint, Infrastructure as Code can help ensure efficiency when building out resources. It also allows consistent configuration and flexible deployment. Resources can be distributed through the cloud or on-premises as needed. This can come in handy during major crises — such as the start of the COVID-19 pandemic, when many higher education institutions found themselves suddenly needing to scale.

Sometimes, universities and colleges only need a specific piece of infrastructure for a few days or weeks, rather than years. There’s always the risk that something you expect to stay online might break. In these instances, IaC can help universities and colleges stay flexible and ease the recovery process, notes Frank.

“Consider that there is a disaster, and your infrastructure goes down or is otherwise in a corrupted state,” she explains. “If implemented correctly, you can automatically provision your entire infrastructure stack from scratch.”

Having room for detailed customization can make it simple to re-create testing or production environments as needed, Frank says.

There can be challenges in how IaC is managed, however. One example of this is configuration drift, which Frank says happens when changes are made to existing infrastructure without updating the code to match. This can create significant security issues and long-term compliance challenges, ITProPortal reports. Even a small divergence can create big problems down the line.

“In a perfect world, all infrastructure changes are done in the code, so this wouldn’t be a problem,” Frank adds.

RELATED: Get the script for creating S3 buckets in AWS via CloudFormation.

The Best Tools for IaC

There are many offerings that help higher education institutions take advantage of IaC. For example, Amazon Web Services natively offers two tools for building infrastructure through a codebase. These are AWS CloudFormation, which is built by using templates in the JavaScript Object Notation (JSON) format, and Amazon Machine Image, which allows users to deploy services with the Amazon Elastic Compute Cloud.

A variety of IaC use cases exist for AWS, along with other common cloud distribution platforms such as Microsoft Azure and Google Cloud Platform.

For its cloud offerings, IBM supports the open-source software offering Terraform, a tool developed by HashiCorp that allows users to provision infrastructure using either HashiCorp’s own configuration language or in JSON. Frank notes that this offers a lot of flexibility when building out infrastructure.

“One of the greatest things about Terraform is that it is a declarative language rather than imperative,” she says. “Would you rather tell your taxi driver every step it takes to get to your destination, or simply call an Uber that automatically calculates the best route? A declarative language lets you declare the final state of your infrastructure. It lets the tool handle the individual steps to get there. This is crucial in any IaC solution you look to adopt.”

Other well-known open-source tools for IaC provisioning and configuration include ChefPuppet and Ansible.

How IaC Can Work with Existing Infrastructure

When implementing an Infrastructure as Code solution, one potential challenge that universities might face is integration with existing infrastructures. This could slow down efforts to introduce the technology.

In the case of Terraform, Frank says that there’s an open-source analysis tool called Terraformer that can find opportunities to convert existing infrastructure into something that can be automated through IaC.

“In the absence of this tool, developer teams can manually replicate their existing stack by building out their IaC scripts,” she says.

There are also ways to extend the use of IaC offerings beyond the surface level, notes Gardner.

“Most folks stop at the container level, but Infrastructure as Code goes all the way down to the bare metal,” he says. “I expect IaC developers to continue the trend of codifying downward via APIs while application developers increasingly leverage higher-level abstraction above it, such as PaaS and serverless.”

Yuichiro Chino/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.