-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinfrastructure-as-software.html
18 lines (17 loc) · 12.9 KB
/
infrastructure-as-software.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<!DOCTYPE html><html lang="de-ch"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><title>Infrastructure as Software - Finecloud</title><meta name="description" content="Summary This post is my summary (for my own sake) of the original full length post: https://www.justingarrison.com/blog/2022-06-01-infrastructure-as-software/ Writing your infrastructure in a DSL or any other general purpose coding language like Ansible, Pulumi, Terraform is not Infrastructure as Software. Any managed service to deploy infrastructure…"><meta name="generator" content="Publii Open-Source CMS for Static Site"><link rel="stylesheet" href="https://www.finecloud.ch/media/plugins/syntaxHighlighter/prism-black.css"><link rel="canonical" href="https://www.finecloud.ch/infrastructure-as-software.html"><link rel="alternate" type="application/atom+xml" href="https://www.finecloud.ch/feed.xml"><link rel="alternate" type="application/json" href="https://www.finecloud.ch/feed.json"><meta property="og:title" content="Infrastructure as Software"><meta property="og:site_name" content="Finecloud"><meta property="og:description" content="Summary This post is my summary (for my own sake) of the original full length post: https://www.justingarrison.com/blog/2022-06-01-infrastructure-as-software/ Writing your infrastructure in a DSL or any other general purpose coding language like Ansible, Pulumi, Terraform is not Infrastructure as Software. Any managed service to deploy infrastructure…"><meta property="og:url" content="https://www.finecloud.ch/infrastructure-as-software.html"><meta property="og:type" content="article"><link rel="shortcut icon" href="https://www.finecloud.ch/media/website/finecloud.png" type="image/png"><link rel="stylesheet" href="https://www.finecloud.ch/assets/css/style.css?v=39da73365516a098a9b73b721fc970e2"><script type="application/ld+json">{"@context":"http://schema.org","@type":"Article","mainEntityOfPage":{"@type":"WebPage","@id":"https://www.finecloud.ch/infrastructure-as-software.html"},"headline":"Infrastructure as Software","datePublished":"2022-09-03T21:19","dateModified":"2022-09-03T21:19","description":"Summary This post is my summary (for my own sake) of the original full length post: https://www.justingarrison.com/blog/2022-06-01-infrastructure-as-software/ Writing your infrastructure in a DSL or any other general purpose coding language like Ansible, Pulumi, Terraform is not Infrastructure as Software. Any managed service to deploy infrastructure…","author":{"@type":"Person","name":"Finecloud","url":"https://www.finecloud.ch/authors/finecloud/"},"publisher":{"@type":"Organization","name":"Finecloud"}}</script><meta name="google-site-verification" content="seFY9U12uiEq5U3_MyZiX6XWzk0AVFl9zITr2ZKsytY"></head><body><div class="site-container"><header class="top" id="js-header"><a class="logo" href="https://www.finecloud.ch/">Finecloud</a><nav class="navbar js-navbar"><button class="navbar__toggle js-toggle" aria-label="Menu" aria-haspopup="true" aria-expanded="false"><span class="navbar__toggle-box"><span class="navbar__toggle-inner">Menu</span></span></button><ul class="navbar__menu"><li><a href="https://www.finecloud.ch/" target="_self">Blog</a></li><li><a href="https://www.finecloud.ch/tags/" target="_self">Tags</a></li></ul></nav><div class="search"><div class="search__overlay js-search-overlay"><div class="search__overlay-inner"><form action="https://www.finecloud.ch/search.html" class="search__form"><input class="search__input js-search-input" type="search" name="q" placeholder="search..." aria-label="search..." autofocus="autofocus"></form><button class="search__close js-search-close" aria-label="Close">Close</button></div></div><button class="search__btn js-search-btn" aria-label="Search"><svg role="presentation" focusable="false"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#search"/></svg></button></div></header><main><article class="post"><div class="hero"><figure class="hero__image hero__image--overlay"><img src="https://www.finecloud.ch/media/website/download.jpg" srcset="https://www.finecloud.ch/media/website/responsive/download-xs.jpg 300w, https://www.finecloud.ch/media/website/responsive/download-sm.jpg 480w, https://www.finecloud.ch/media/website/responsive/download-md.jpg 768w, https://www.finecloud.ch/media/website/responsive/download-lg.jpg 1024w, https://www.finecloud.ch/media/website/responsive/download-xl.jpg 1360w, https://www.finecloud.ch/media/website/responsive/download-2xl.jpg 1600w" sizes="100vw" loading="eager" alt=""></figure><header class="hero__content"><div class="wrapper"><div class="post__meta"><time datetime="2022-09-03T21:19">September 3, 2022</time></div><h1>Infrastructure as Software</h1></div></header></div><div class="wrapper post__entry"><div class="post__toc"><h3>Table of Contents</h3><ul><li><a href="#mcetoc_1gc2cjg0h1a1">Summary</a></li><li><a href="#mcetoc_1gc2ckge01a3">What is not IaS</a></li><li><a href="#mcetoc_1gc2cl9vm1a5">Downsides of IaC</a></li><li><a href="#mcetoc_1gc0s4fdi128">Downsides of IaD</a></li><li><a href="#mcetoc_1gc0s4fdi129">Downsides of managed services</a></li><li><a href="#mcetoc_1gc0s4fdi12a">So why IaS?</a></li><li><a href="#mcetoc_1gc2ci10e19t">Examples of IaS</a><ul><li><a href="#mcetoc_1gc2ci10e19u">Kubernetes controllers</a></li><li><a href="#mcetoc_1gc2ci10e19v">GitOps</a></li></ul></li></ul></div><h2 id="mcetoc_1gc2cjg0h1a1">Summary</h2><p>This post is my summary (for my own sake) of the original full length post:<a href="https://www.justingarrison.com/blog/2022-06-01-infrastructure-as-software/"> https://www.justingarrison.com/blog/2022-06-01-infrastructure-as-software/</a></p><h2 id="mcetoc_1gc2ckge01a3">What is not IaS</h2><p>Writing your infrastructure in a DSL or any other general purpose coding language like Ansible, Pulumi, Terraform is not Infrastructure as Software. Any managed service to deploy infrastructure without acting like a one-time shoot action (AWS CloudFormation) is also not IaS. Also not ment is Infrastructure as Data (IaD).</p><h2 id="mcetoc_1gc2cl9vm1a5">Downsides of IaC</h2><h2 id="mcetoc_1gc0s4fdi125"></h2><p>The big benefit of IaC is that your developers can write code that creates infrastructure and you can use coding practices to create libraries other people can share. But lets look the downsides of Infrastructure as code:</p><ul><li>Writing an application with (for example) Java and also IaC in (for example) Java: if you want to upgrade your Java version, you need to upgrade both! Another maintenance tasks which can cause conflicts.</li><li>What if you need to transition the IaC and the hole infrastructure to a new team or person which doesn't know anything like (for example) Java? They will for sure rewrite the hole IaC stuff in a language they know or even worse they will do everything manually by hand.</li><li>Writing IaC in different languages means you can't reuse or integrate modules together. One is in Java, one in Ansible, one in Terraform's HCL.</li></ul><h2 id="mcetoc_1gc0s4fdi128">Downsides of IaD</h2><p>The goal if IaD is separating your declarative requirements from the implementation code. With Terrafrom I can roll out IaC like this:</p><p><code>terraform apply</code></p><p>or I can separate the requirements in variables (which represents the unique data) apart from the generic IaC-code:</p><p><code>terraform apply -vars-file data.tfvars</code></p><p>The challenge with IaD is, what it relies on general purpose infrastructure reconcilers. In other words you fall back to combining your data with some form of automation or templating your data into something that can be compiled. Examples for k8s are helm charts and kustomize.</p><h2 id="mcetoc_1gc0s4fdi129">Downsides of managed services</h2><p>The problem with managed services is, that its only a one-way sync automation. It requires you to send data it can deploy, but when things change those services are ignorant and do not correct the differences between your desired state and the actual state in your production. Well there are a few mechanisms to detect drifts, but they always require manual interaction.</p><h2 id="mcetoc_1gc0s4fdi12a">So why IaS?</h2><p>The big deal of IaS is that it allows you to continually reconcile state and sync state into the stack. It manages your infrastructure continuously. <strong>The main difference between IaC or IaD to IaS is that IaS is a continually running process, your code is always in action. IaS reads your data, stores it, reads the infrastructure state, stores it, and then checks if the two matches. It's a two-way sync automation that knows how to imperatively get from one state to another.</strong></p><h2 id="mcetoc_1gc2ci10e19t">Examples of IaS</h2><p>Two famous examples of IaS are:</p><ul><li>Kubernetes controllers</li><li>GitOps</li></ul><h3 id="mcetoc_1gc2ci10e19u">Kubernetes controllers</h3><p>Kubernetes controllers ares used as example in Cloud Native Infrastructure. The idea of this is to use K8s CRDs + a controller to manage infrastructure. Examples are<a href="https://crossplane.io/"> crossplane</a>, <a href="https://github.com/aws-controllers-k8s/community">AWS Controllers for Kubernetes (ACK)</a>, and GitOps. It’s also been used for managing state of applications in Kubernetes with <a href="https://kubernetes.io/docs/concepts/extend-kubernetes/operator/">operators</a>.</p><h3 id="mcetoc_1gc2ci10e19v">GitOps</h3><p>GitOps is a idea for using a general purpose reconciler to manage more resources. Let's have a look a the GitOps principles:</p><ol><li><strong>Declarative</strong>: A system managed by GitOps must have its desired state expressed declaratively</li><li><strong>Versioned and Immutable</strong>: Desired state is store in a way that enforces immutability, versioning and retains a complete version history</li><li><strong>Pulled Automatically</strong>: Software agents automatically pull the desired state declarations from the source</li><li><strong>Continuously Reconciled</strong>: Software agents continuously observe actual system state and attempt to apply the desired state</li></ol><p>There are multiple options for controllers that implement GitOps. <a href="https://fluxcd.io/" rel="nofollow">Flux</a> and <a href="https://argoproj.github.io/" rel="nofollow">Argo</a> are the two most popular GitOps controllers known so far.</p></div><footer class="wrapper post__footer"><p class="post__last-updated">This article was updated on September 3, 2022</p><ul class="post__tag"><li><a href="https://www.finecloud.ch/tags/docker/">docker</a></li><li><a href="https://www.finecloud.ch/tags/git/">git</a></li><li><a href="https://www.finecloud.ch/tags/gitops/">gitops</a></li><li><a href="https://www.finecloud.ch/tags/ias/">ias</a></li><li><a href="https://www.finecloud.ch/tags/infrastructure-as-code/">infrastructure as code</a></li><li><a href="https://www.finecloud.ch/tags/k8s/">k8s</a></li><li><a href="https://www.finecloud.ch/tags/kubernetes/">kubernetes</a></li><li><a href="https://www.finecloud.ch/tags/terraform/">terraform</a></li></ul><div class="post__share"></div></footer></article><nav class="post__nav"><div class="post__nav-inner"><div class="post__nav-prev"><svg width="1.041em" height="0.416em" aria-hidden="true"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#arrow-prev"/></svg> <a href="https://www.finecloud.ch/java-basics-dates-and-time.html" class="post__nav-link" rel="prev"><span>Previous</span> Java basics: Dates and Time</a></div><div class="post__nav-next"><a href="https://www.finecloud.ch/java-working-with-a-database.html" class="post__nav-link" rel="next"><span>Next</span> Java working with databases </a><svg width="1.041em" height="0.416em" aria-hidden="true"><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#arrow-next"/></svg></div></div></nav></main><footer class="footer"><div class="footer__copyright"><p>Powered by Publii</p></div><button onclick="backToTopFunction()" id="backToTop" class="footer__bttop" aria-label="Back to top" title="Back to top"><svg><use xlink:href="https://www.finecloud.ch/assets/svg/svg-map.svg#toparrow"/></svg></button></footer></div><script>window.publiiThemeMenuConfig = {
mobileMenuMode: 'sidebar',
animationSpeed: 300,
submenuWidth: 'auto',
doubleClickTime: 500,
mobileMenuExpandableSubmenus: true,
relatedContainerForOverlayMenuSelector: '.top',
};</script><script defer="defer" src="https://www.finecloud.ch/assets/js/scripts.min.js?v=6ca8b60e6534a3888de1205e82df8528"></script><script>var images = document.querySelectorAll('img[loading]');
for (var i = 0; i < images.length; i++) {
if (images[i].complete) {
images[i].classList.add('is-loaded');
} else {
images[i].addEventListener('load', function () {
this.classList.add('is-loaded');
}, false);
}
}</script><script defer="defer" src="https://www.finecloud.ch/media/plugins/syntaxHighlighter/prism.js"></script></body></html>