Understanding Infrastructure as Code (IaC)

I recently had a wonderful opportunity to contribute to the Computer Weekly Developer Network (CWDN) ultimate series on “Infrastructure as Code” that collected articles and overviews from vendors and experts operating in the IaC space to form a formidable reference on all aspects of IaC.

My contributions were to offer some insight into our architecture that has been designed to monitor infrastructure that has been deployed as code automatically and without tedious manual configuration. The wider series has under the editorship of Adrian Bridgwater, collated a fascinating and extensive collection of articles that are superb for gaining insight into IaC (Infrastructure as Code) from multiple perspectives.

The full series is available over on CWDN and includes:

  1. Infrastructure-as-Code series: What is IaC? A good overview to get started!
  2. eG Innovations – Practical monitoring in an IaC universe Covers the key features of monitoring architecture in an IaC world and considerations for those looking to implement automated monitoring such as auto-scaling, auto-discovery, and agented vs agentless models.
  3. Morrell on Microsoft’s march & maturity: Linux veteran and developer advocate Dick Morrell covers how the current ramp up to Infrastructure as Code first started being seen when organizations, that had played with both CloudStack and later OpenStack, had created three tiers of applied architecture.
  4. BlackSwan: Configurations, challenges & CDKs A fascinating article covering Cloud Development Kits and the application of AI (Artificial Intelligence) to optimize Cloud infrastructure deployed via IaC.
  5. BlackSwan: Defining Infrastructure-from-Code (IfC) Covers Infrastructure-from-Code, an emerging technology that potentially offers substantial advances over Infrastructure-as-Code. With IfC, your DevOps team does not need to code and maintain extensive configuration specifications, or even learn an IaC language.
  6. GitLab: Control, efficiency & paths to GitOps Includes a good explanation of Policy as Code tools, which automatically ensure that every change introduced meets policies set by the organization e.g. HashiCorp’s Sentinel framework. Overviews how GitOps applies automated operations to versioned definition files and the benefits. A must read if leveraging Git within your IaC strategies.
  7. Kong: APIOps is IaC for APIs. APIs are key to IaC; this article considers APIOps and the need for those APIs to be managed and version controlled and best practices for managing API (Application Programming Interface) lifecycles.
  8. Couchbase: new skills, but still not child’s play This article focuses on some of the softer challenges around IaC, particularly around staffing skillsets and the expertise to know when and how to implement IaC (just because you can does not mean you necessarily should).
  9. Kyndryl: Beyond the ‘box’, into workable cloud Covers Systems Monitoring, Configuration Management Database, Service Management, Asset Management, and the need for ongoing change in cloud environments to be controlled.
  10. Copado: The ephemeral cow & the stateful cat This is my favorite article in the series as it contains some great insight into ephemeral and stateful systems via the type of cat/dog and pet/cattle explanations that even your elderly grandma will understand and engage with. There is also some technical information on the Distributed, Immutable, and Ephemeral (DIE) security model.
  11. KPMG UK: IaC’s critical role in cybersecurity This is a comprehensive overview outlining the specific security benefits a good IaC strategy facilitates – a particularly useful read for those looking to justify budget and investment in IaC.
  12. Ondat: IaC is the means to a DevOps end Ondat is a Kubernetes-native platform for running stateful applications and delivers persistent storage directly onto any Kubernetes cluster for running business-critical, stateful applications safely across any public, private, and hybrid clouds i.e., it provides an agnostic platform to run data services.
  13. PagerDuty: From the declarative to the imperative This is a great read with real customer case studies and code examples of how PagerDuty customers are integrating the product within IaC workflows and leveraging Terraform etc. to gain tangible benefits including documenting configurations.
  14. HashiCorp: no, it’s not just “the code” From the makers of Terraform a nice overview touching on the challenges in scaling IaC and the importance of ownership models with RBAC (role-based access control).
  15. CircleCI: Standing on the shoulders of DevOps giants written by those at a developer-centric automation software company known for its specializing in Continuous Integration & Continuous Deployment (CI/CDD) it covers real world implementations of Terraform and similar and how it can meet the needs of both DevOps and DevSecOps to achieve security governance.
  16. Druva: A clear path to the virtualised app stack Druva are well known as a cloud data management platform, and they cover Data-as-Code (DaC) with some specific details around Kubernetes CSI volumes.
  17. OutSystems: The road to an ‘intentive’ IaC Presents concepts such as fully automated Infrastructure-as-Code generated to match the needs of the application code with no humans involved. Rather than imperative IaC or declarative IaC… an ‘intentive IaC’ approach.
  18. Red Hat senior architect: Into DevOps version control 2.0 Discusses how automating interactions between developers and operations teams reduces both of their workloads and removes room for errors or inconsistencies. Some salient points on the human workflows around DevOps pipelines and CI/CD methodologies.
  19. Shipa: Bridging the IaC–app disconnect Yet another deep dive, as IaC scales with frameworks such as Kubernetes and functionality such as autoscaling and load-balancing comes into play. Concepts such as Application-as-Code (AaC) become relevant, and this article discusses how to automate the application behavior and deployment within an environment of dynamic infrastructure.
  20. DataStax: Making data services as easy as code This is quite a deep technical one about applying principles of IaC to data management, including concepts of data gateways and the use of APIs – one for anyone with significant database and data handling requirements, especially if looking to the cloud.
  21. Tenable: The joy of enforced immutability An article covering immutability and concepts such as Policy as Code.

Related Reading: