What is Infrastructure as Code?
One trend, is the ongoing transition to the cloud. Many companies are shifting databases from on-site location to cloud infrastructure. These companies want maximum value from the same & they are finding out that they can move faster by taking advantage of the flexible options available today. This is where Infrastructure as Code tools come into play.
Infrastructure as Code (IaC) is the application and usage of code to define and manage cloud infrastructure. It is about using software engineering principles and approaches into the cloud infrastructure space.
- Use code to manage cloud database.
- Apply same principles as of a familiar language.
- Latest step in defining & managing cloud infrastructure.
Before IaC, infrastructure was run by many methods such as pointing and clicking in a user interface, batch scripts, and configuration management tools. These may not have been designed by the cloud. These days, companies prefer platforms such as Pulumi, which embrace and support familiar software engineering principles.
Importance of Infrastructure as Code
The rate at which a company’s infrastructure changes, is increasing. Adoption and modernisation of the cloud are two of the reasons this is happening. This frequently involves adopting technologies such as server-less, containers and Kubernetes. When applied correctly, these technologies enable teams to deliver value more quickly, and use managed services to offload some of the heavy tasks to the cloud provider.
These technologies and services generally require a more precise management of infrastructure. Putting together all the features that the cloud provider offers, into solutions that serve the business is a great fit for infrastructure as code. Also, cloud-based infrastructure is provisioned via APIs and as a result, can be easily managed with infrastructure as code tools.
Benefits of Infrastructure as Code
Infrastructure as code simplifies the cloud database because it uses the same software engineering principles that have enabled other software-based systems to scale up.
Here are some of the features Infrastructure as Code tools offer:
- Version control
When infrastructure is described as code, it can be checked into source control, versioned and code-reviewed. Changes to infrastructure can be deployed using existing CI/ CD tools.
Teams can write tests for their infrastructure to ensure its correctness. They can put forth policies so that all of cloud base and its configurations are compliant. Once they’re tested, infrastructure components can become reusable pieces of code that can be shared across teams.
- Use of IDEs
We can take advantage of all the features that an IDE offers, such as autocompletion and the ability to look up methods and their properties.
When infrastructure is code and is integrated into a company’s core software, there’s a common language and a common set of practices that engineers already understand. That common understanding results in cross-team collaboration, which is fundamental to DevOps.
Introduction to Pulumi
Pulumi is a modern infrastructure as code platform that allows us to use familiar programming languages and tools to build, deploy, and manage cloud infrastructure.
- Pulumi works with traditional infrastructures like VMs, networks, and databases.
- Modern architectures including containers, Kubernetes clusters, and server-less functions are also supported.
- It supports 70+ public, private and hybrid cloud service providers such as AWS, Azure, etc.
A downloadable CLI, runtime, libraries, and a hosted service work together to deliver a robust way of applying, updating, and managing cloud infrastructure.
This diagram illustrates the structure and major components of Pulumi:
- Programs are written in general-purpose programming languages.
- They describe how our cloud database should be composed.
- To declare new infrastructure in our program, we allocate resources whose properties reflect the desired state of our infrastructure.
- These properties are also used between resources to handle any necessary dependencies and can be exported outside of the stack, if needed.
Programs reside in a project, which is a directory that contains source code for the program and metadata on how to run the program. After writing our program, we run the Pulumi CLI command
from within our project directory. This command creates an isolated and configurable instance of our program, known as a stack. Stacks are similar to different deployment environments that we use when testing and rolling out application updates. We can have distinct development, staging, and production stacks that we create and test against.
How Pulumi Works?
- Pulumi uses a desired state model for managing infrastructure.
- The program is executed by a language host to compute a desired state for a stack’s infrastructure.
- The deployment engine compares this desired state with the stack’s current state and determines what resources need to be created, updated or deleted.
- The engine uses a set of resource providers (such as AWS, Azure, Kubernetes, and so on) in order to manage the individual resources.
- As it operates, the engine updates the state of our infrastructure with information about all resources that have been provisioned as well as any pending operations.
The following diagram illustrates the interaction between these parts of the system:
Pulumi supports many clouds using the same languages, CLI and deployment workflow. Each language is as capable as the other and supports the entire bandwidth of all of the clouds available in Pulumi Registry.
The following language runtimes are currently supported by Pulumi:
The Pulumi Service web application automatically manages deployment state and enables collaboration between developers and operators. The Pulumi CLI automatically uses it unless we explicitly opt out.
In your browser, navigate to app.pulumi.com and create an account.
When you sign in to the Pulumi Service, a personal account is automatically created on the Individual Edition. The Pulumi Individual Edition is free forever for unlimited individual use.
You can create an unlimited number of stacks, encrypt configuration and resource secrets, and browse stack history. To collaborate with other developers or use advanced features like SAML SSO, you’ll need to create a Pulumi organisation.
The following editions are also available as upgrade options:
- Pulumi Team
It is ideal for teams of up to 15 members and provides the basics of infrastructure as code in popular languages, enabling teams to ship faster.
- Pulumi Enterprise
It is ideal for large teams and organisations in production. It offers an unlimited number of members and teams and provides full cloud engineering capabilities.
- Pulumi Business Critical
It is ideal for enterprises that have specific requirements, like advanced security and compliance features, premium support, and self-hosting options.
For more information about the specific differences and capabilities offered for the Pulumi Team, Enterprise and Business Critical editions, refer to the pricing page.
If you’ve fallen in love with Pulumi, it might not be obvious how to adopt it.
For brand new projects, it’s easy: simply start writing your infrastructure as code using Pulumi from the start. But what if you already have infrastructure stood up? And perhaps even actively serving a critical business need? In these cases, you may wonder, is it even possible to adopt Pulumi, without downtime or a major disturbance to your existing infrastructure? The answer is yes!
The user guide offers a tour of tried-and-true tools and techniques that can be used to migrate any infrastructure to Pulumi, regardless of how that infrastructure was originally structured in the cloud tooling ecosystem. These techniques range from coexisting with this infrastructure, either temporarily or permanently, as well as adopting infrastructure and/or converting existing infrastructure as code projects.
Download & Installation
This was a brief introduction on Infrastructure as Code and Pulumi. Inspiration for this blog came from Kunal's YouTube video on the same. Check it out here.
Thanks for reading!
You can connect with me here: