Uses for Infrastructure as Code


  • center around the deployment of VMs and containers to cloud infrastructure

Non-persistence and Templates

  • Automation works best in an environment designed for non-persistence
    • means that any given instance is completely static in terms of processing function
    • Data is kept separate from the instance OS/app
      • so instance can be swapped out for an “as new” copy without suffering any configuration problems
  • when provisioning a new instance,
    • automation system may use two types of mastering instructions:
      • Master Image
        • the “gold” copy of a VM or container instance
          • OS, applications, and patches all installed and configured
        • faster than using a template
        • keeping the image up to date can involve more work than updating a template
      • Automated build from a template
        • build instructions (imperative automation) or desired configuration (declarative automation) for an instance
        • Rather than storing a master image,
          • software builds and provisions an instance according to the template instructions or desired configuration

Upgrades

  • upgrade process can be highly complex
    • can have unforeseen impact
  • upgrade project must be treated as a major change
    • should be supported by test and rollback plans
  • project must identify:
    • dependencies between systems
    • how they will be impacted by the upgrade
  • Automation can assist by:
    • speeding up deployment of systems into a test network
    • performing scripted test suites to check for known or anticipated compatibility issues
    • deploying the upgraded systems on the production network

Dynamic Inventories

  • Instances of VMs and containers launched into a cloud environment need to be tracked as inventory
  • cloud instances are ephemeral
  • need to be identified by tags
    • Rather than fixed asset IDs
    • can be assigned in the cloud management system when the instance is launched
  • imperative to devise and enforce a tagging system that properly identifies ownership and roles for all instances
  • important to manage instances to avoid sprawl
    • where undocumented instances are launched and left unmanaged
    • manage by:
      • restricting rights to launch instances
      • configuring logging and monitoring to track usage

A dynamic inventory queries the cloud API to return a list of instances and their properties for storage in a database.

  • feature in many automation suites
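
An added example (not from the original notes): auditing stored inventory records against a tagging policy to surface untagged or long-running instances, the sprawl described above. The record layout, the required tags, the role list and the 30-day age limit are all assumptions made for illustration, and the sample inventory is constructed rather than real cloud API output.

```python
from datetime import datetime, timedelta, timezone

REQUIRED_TAGS = ("owner", "role")          # assumed tagging policy
ALLOWED_ROLES = {"web", "db", "build"}     # assumed role vocabulary
MAX_AGE = timedelta(days=30)               # assumed lifetime for ephemeral instances

# Constructed sample: what a dynamic inventory query might store per instance.
SAMPLE_INVENTORY = [
    {"id": "i-0001", "launched": "2024-05-28T09:00:00+00:00",
     "tags": {"owner": "team-payments", "role": "web"}},
    {"id": "i-0002", "launched": "2024-05-30T14:30:00+00:00",
     "tags": {"owner": "team-data"}},                       # missing role
    {"id": "i-0003", "launched": "2024-03-01T08:00:00+00:00",
     "tags": {"owner": "team-ci", "role": "build"}},        # left running too long
    {"id": "i-0004", "launched": "2024-05-31T23:00:00+00:00",
     "tags": {"Owner": " ", "role": "scratch"}},            # blank owner, unknown role
]

def audit_instance(instance, now):
    """Return a list of policy findings for one inventory record."""
    # Normalise tag keys and values so "Owner" and "owner" count as the same
    # tag and a whitespace-only value counts as missing.
    tags = {k.strip().lower(): v.strip() for k, v in instance.get("tags", {}).items()}
    findings = [f"missing tag: {t}" for t in REQUIRED_TAGS if not tags.get(t)]
    role = tags.get("role")
    if role and role not in ALLOWED_ROLES:
        findings.append(f"unknown role: {role}")
    age = now - datetime.fromisoformat(instance["launched"])
    if age > MAX_AGE:
        findings.append(f"older than {MAX_AGE.days} days")
    return findings

def audit_inventory(inventory, now):
    """Map instance id -> findings, for instances that violate the policy."""
    report = {}
    for instance in inventory:
        findings = audit_instance(instance, now)
        if findings:
            report[instance["id"]] = findings
    return report

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the run is repeatable
    for instance_id, findings in audit_inventory(SAMPLE_INVENTORY, now).items():
        print(instance_id, "->", "; ".join(findings))
```
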

Reusable Tasks

A reusable task or module is a block of code that can perform a function in multiple different contexts.

  • e.g., given different inputs
    • same block of code could
      • launch a Windows VM into subnet A
      • launch a Linux VM into subnet B
  • Rather than separate scripts, develop function libraries that can be reused for multiple tasks