New Case Study: Continual Modernization and Synergy .NET Propel Fuel Industry App
September 27, 2024Have you ever migrated a database, server, or network from one environment to another? This could include duplicating it for both development and production instances, executing disaster recovery procedures, or transitioning from a local server to a cloud service. If you’ve experienced any of these scenarios, I’m sure you felt some frustration and worry as you endeavored to replicate all settings exactly as they were in the source. Shouldn’t there be an easier way?
Enter infrastructure as code (IaC), which is designed to handle and set up computing infrastructure through script files that are machine-readable, as opposed to traditional methods involving manual configuration or interactive tools. With IaC, code is used to define and manage infrastructure components like servers, networks, and databases, typically in a declarative language.
In this article, I’ll discuss how our company has benefited from leveraging IaC for some of our Azure Cloud–hosted systems.
How we use IaC at Synergex
As a member of the Information Systems team here at Synergex, I help manage a fair portion of our internal cloud infrastructure. I recently performed conversions for multiple systems to leverage Terraform, one of the many IaC tools openly available. We had established systems on Azure Cloud, initially created through the Azure Cloud UI. Below is the step-by-step process I employed to transition those systems to leverage infrastructure as code:
- Identified the resources currently in use.
- Located the Terraform configuration definitions for these resources by referring to the documentation available on the HashiCorp website.
- Integrated Terraform configuration files into either existing or new project repositories.
- Configured a continuous integration/continuous development (CI/CD) pipeline to utilize Terraform commands, enabling the deployment of configurations to the cloud environment.
An important detail to note when I performed step 1: Every resource, whether it was a database, web service, function app, CosmosDB account, or storage account, had its own distinct resource definition in Terraform. Some of these resources also required additional supporting resource configurations to be defined.
How Synergex benefits from IaC
By leveraging IaC we can now manage development and production resources individually while retaining the core configuration common between the two. IaC enables swift resource provisioning when needed, allowing us to reduce costs by removing redundant development resources.
We can also easily iterate on upgrades and configuration changes to resources by quickly spinning up and tearing down development resources until we achieve the desired configuration. In Terraform, when an upgrade or configuration change is made and applied, the tool will detect changes in the configuration files compared to what is currently running in an environment and update the resources in place. Therefore, when the changes are applied to production, no manual work is required since Terraform performs all resource provisioning, including creating, updating, and deleting. Additionally, by storing our Terraform configuration in version control, we have a record of any changes made, allowing us to roll back and use Terraform to spin up previous versions of resources.
I have mentioned IaC’s functionality in provisioning resources; this is possibly the most important benefit. Since IaC can manage the entire lifecycle of resources, there is no longer a need to grant individual users any additional permissions besides viewing. As an organization, we can disable the capability of individual users to delete resources through the UI, a potentially dangerous action in practice due to the risk of accidental deletion of critical resources.
Although some of these benefits can also be achieved using the UI, IaC further enhances those benefits while also encouraging software development best practices when paired with version control. The use of version control, CI/CD pipelines, and Terraform has been instrumental in our organization’s increased security practices and preferred processes.
Considerations
Although it takes time for developers to learn the declarative language and familiarize themselves with best practices, conventions, and standards, it is a worthy investment. These skills can be adapted and leveraged from project to project and will also be used during maintenance processes. Furthermore, these skills can be applied in both local and cloud environments, where otherwise developers would need to familiarize themselves with different UIs if they were performing infrastructure lifecycle management manually.
While I focused predominantly on Terraform in the context of Azure Cloud throughout most of this article, it’s important to note that Terraform extends its utility beyond Azure Cloud, and there are numerous other infrastructure as code tools available. Some other popular IaC tools include
- Ansible
- AWS CloudFormation
- Azure Resource Manager
- Chef
- Crossplane
- Google Cloud Deployment Manager
- Pulumi
- Puppet
- Saltstack
- Vagrant
Please note that further research is required to determine the IaC tool applicable to your individual use case, as they are all different in their own regard and serve their own individual purpose.
Through this article, I hope I have answered some questions you may have had regarding infrastructure management and the benefits of using IaC. I believe IaC has greatly improved our processes and procedures while also reducing organizational costs.