Introduction to Infrastructure As Code
Discuss the reasons for and progressions of infrastructure as code.
Moving toward infrastructure as code
Are there problems with using a tool such as Terraform to create a cluster in a browser-based console provided by a vendor, so that infrastructure can be managed as code? We think so. Let’s take a look at that in detail.
Usage of UI in comparison with CLI
Let’s discuss how user interfaces (UI) and command line interfaces (CLI) can be used for managing clusters and what problems arise in their usage.
Using UI to create clusters
Clicking buttons and filling in forms on a browser can result in undocumented and unreproducible processes. It’s much better to document what we did so we can refer to that later. We also probably want our colleagues to know what we did so they can collaborate. Finally, we probably want to be fast.
Ad hoc actions in web-based consoles don’t provide any of those things. We’d need to write Wiki pages to document the steps. But if we do that, we’ll quickly find out that it’s easier to write something like “Execute aws …” than it is to write pages filled with “Go to this page,” “Fill in this field with that value,” “Click that button,” and similar tedious entries that are often accompanied by screenshots.
We want to define the instructions on how to create and manage infrastructure as code (IaC). We want them to be executable, stored in Git, and, potentially, executed whenever we push a change.
From UI to CLI
So, if a Web UI is not the right place to manage infrastructure, how about commands? We can surely do everything we need to do with a CLI. We can handle everything related to GCP with gcloud
. We could use aws
for the tasks in AWS, and Azure is fully covered with az
CLI. While these options are better than the click-click-click type of operations, we’ll see in this chapter that they’re also not good options.
Using CLI to create clusters
Using a CLI might seem like a good idea at first. We can, for example, create a fully operational Google Kubernetes Engine (GKE) cluster by executing:
gcloud container clusters create
However, that’s not idempotent. So the next time we want to upgrade it, the command will be different. On top of that, CLIs don’t tend to provide dependency management, so we need to make sure that we execute them in the right order. They also don’t have state management, so we cannot easily know what is done and what isn’t. They cannot show us which changes will be applied before we execute a command.
The list of things that CLI commands often do not do is vast. Now, if our only choices are click-click-click through UI and CLI commands, we should choose the latter. But those are not the only options.