IaC: Maturity Model
• Mark Eschbach
As part of bringing in Terraform where I am currently working, I need to give a presentation on the technologies. This is specifically through the lens of support for Infrastructure as Code (IaC). I am interested in presenting the successful business cases for Infrastructure as Code.
What is IaC?
Infrastructure as Code is a component of the DevOps movement advocating for applying software lifecycle practices to the underlying infrastructure supporting applications. As a result, the configuration management of the servers themselves and the control systems of the cluster come under self-documenting code. This code follows the rigors of the SDLC within an organization: it is built within a development environment, goes through an automated QA process, and finally ships through a fully automated process.
Like applications, there are definitely distinct stages of maturity along these lines:
- Cowboy: There is no formal change process for infrastructure. All changes are completed by hand, usually through a user interface. Operators regularly log into machines or systems to modify settings. If you were to lose an entire data center it would be unlikely you could recreate the exact configuration. Each system is configured differently, with specific administrators owning each one.
- Configuration Management: Your server configurations are stored somewhere in source control. Each server is still a pet, cared for and fed by an administrator. Chances are your configuration management solution helps orchestrate changes; however, they are triggered by hand. There is no formal pre-production environment for the infrastructure.
- Cluster Management: Instances are a part of a herd, configured through source and immutable. You monitor those instances and terminate unhealthy ones instead of trying to fix them. Occasionally your centralized logging systems don't provide enough information, so you must SSH into a machine to get more details. You've switched from thinking of individual nodes to instance roles within the cluster. Auto-Scale Groups are critical to keeping systems up and functional. Tasks are automated instead of done by hand.
- Continuous Infrastructure: After bootstrap you no longer have the need for an operator to directly interact with the servers. Changes go through a formal review, are verified in preview environments, then roll out into the infrastructure environments automatically.
Underlying this is a split. Infrastructure sits below the standard application environments. Your infrastructure's production environments will host all your application production and pre-production environments. Ideally, by the time you get to level 4 above, this is super easy since your pre-production environments are spun up and down on demand. Generally, real infrastructure will take a while to come up, with 10+ minutes not being abnormal for a full preview environment.
What is next?
Shoot, I’m going to have to turn this into a series of posts. Next up is on Business Case Studies, Terraform, and Packer. Let’s see how far I get on those.