my cheat sheet on Infrastructure as Code
1 IAC Infrastructure as Code
Traditional workflow that needs to be fixed:
- problem is realized
- user calls the helpdesk, and opens a new ticket
- engineer opens the ticket and investigates using tools at hand (cli, gui, device-by-device show commands)
- ticket might get escalated to next-level engineer
- repeat until problem is resolved, or goes away.
This process is too slow, too decentralized, too manual to scale.
IAC lives by the DRY code: Don't Repeat Yourself. Automate!
IaC is a way of defining, managing, and interacting with your physical and virtual resources by using machine-readable configuration files and scripts instead of an interactive GUI or CLI.
Often these machine-readable configuration files and scripts are part of the application itself and contain instructions on how to configure, create, and destroy resources in the infrastructure on demand or automatically.
Tools for provisioning such an infrastructure are:
- text editors (Emacs or Visual Studio)
- version control systems (git)
- scripts (bash, python, perl)
The tools are maturing still, but their focus is typically on:
- centralized storage (which becomes the source of truth)
- collaboration
- life-cycle management
- automation
1.1 New workflow
Typically it flows like:
- edit a config file or a script
- apply config to infrastructure
- commit changes to a remote code repo
(No more copy paste from notepad for each individual device)
2 Starting with IAC
First identify steps and tasks that are repetitive. Do you check status of devices and routing tables every morning before staff move in?
Second, record the steps you took in checking the status of the routing tables.
Thirdly, code those steps in a script to produce the desired outcome.
Fourthly, repeat the code whenever you want, quickly and accurately.
2.1 Network as Code
Just a specific implementation of IAC. The network infrastructure is referred to as the "networking domain".
NetDevOps is the practice of ongoing development of your network infrastructure using DevOps tools and processes to automate and orchestrate your network operations.
3 IAC Benefits
- Capturing your actions "as code" allows you to capture the result or desired state configuration.
- Lets you compare known state to current state very easily. Just run the process again, and compare with the previous known state using diff -u.
- The declarative model allows you to focus on the state instead of which actions are needed to get there.
- Life-cycle management helps you with the evolution of your code from concept to creation to collaboration and use.
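Added example (not from the original cheat sheet): the morning routing-table check from section 2 combined with the known-state versus current-state comparison above, written in Python with difflib standing in for diff -u. The route lines are constructed sample data in an assumed "prefix via next-hop dev interface" format, and the function names are hypothetical.

```python
import difflib

# Constructed sample data. KNOWN_STATE stands for the routing table committed
# to the repo; CURRENT_STATE for what the device reports today. The
# "prefix via next-hop dev interface" line format is an assumption.
KNOWN_STATE = """\
0.0.0.0/0 via 192.0.2.1 dev eth0
10.10.0.0/16 via 10.0.0.2 dev eth1
10.20.0.0/16 via 10.0.0.3 dev eth1
"""
CURRENT_STATE = """\
10.20.0.0/16 via 10.0.0.3 dev eth1
0.0.0.0/0 via 192.0.2.1 dev eth0
10.10.0.0/16 via 10.0.0.9 dev eth1
198.51.100.0/24 via 10.0.0.9 dev eth1
"""


def normalize(text):
    """Strip and sort lines so a change in output order is not reported as drift."""
    return sorted(line.strip() for line in text.splitlines() if line.strip())


def unified(known, current):
    """Same output shape as `diff -u known current`, returned as a list of lines."""
    return list(difflib.unified_diff(normalize(known), normalize(current),
                                     "known_state", "current_state", lineterm=""))


def classify(known, current):
    """Group drift by prefix: new routes, missing routes, changed next hops."""
    # partition(" ")[::2] yields (prefix, rest) and tolerates one-field lines.
    old = dict(line.partition(" ")[::2] for line in normalize(known))
    new = dict(line.partition(" ")[::2] for line in normalize(current))
    return {
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
        "changed": sorted(p for p in old.keys() & new.keys() if old[p] != new[p]),
    }


if __name__ == "__main__":
    print("\n".join(unified(KNOWN_STATE, CURRENT_STATE)) or "no drift")
    print(classify(KNOWN_STATE, CURRENT_STATE))
```

An unexpected entry under added or changed is the line to investigate before the new output is committed as the next known state.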
When desired state of your infrastructure is defined within code, you can:
- Store your code in a repo for safe keeping and as a backup of your network configuration
- Evolve as your needs change or your network