Jump to content

Infrastructure as Code Vs Configuration Management Vs Infrastructure Provisioning

DevOpsCube
 Share

Recommended Posts

DevOpsCube Newbie

DevOpsCube

Posted
Posted

In this blog, you will learn the concept and differences between Infrastructure as Code, Configuration Management, and Infrastructure Provisioning. We will also look at popular tools for each, and how they can be used together.

If you are trying to become a DevOps engineer, you might get confused between the use cases of Terraform and configurations management tools like Ansible, Chef, Puppet, etc. Therefore, it is essential to understand the difference between infrastructure as code, infrastructure provisioning, and configuration management.

Let’s make sure the following fundamentals are understood from an infrastructure standpoint before moving on to the key concepts.

  1. Infrastructure: IT infrastructure is a combination of hardware and software components. (Servers, Storage, Network, Firewall Devices, Routers, etc)
  2. Provisioning: In IT, provisioning is the process of creating infrastructure and making it available to end users.
  3. Configuration: It is the process of configuring the provisioned IT infrastructure resources. For example, installing and configuring a database on a server or configuring a firewall device.
  4. Automation: Process of automating an infrastructure task. For example, automating Nginx installation on a server.
  5. Orchestration: It is the process of coordinating multiple automation. Output from one automation can be used as input from another automation. For example, to deploy a server you need a network. So one automation will provision network resources and its output will be used by another automation pipeline to deploy servers.

Infrastructure as Code (IaaC)

Traditionally, IT infrastructure (Servers, storage, network, etc) was provisioned manually or using tools. There was no self-service portal. A server or network provisioning request might tasks days to weeks to get fulfilled.

But with the advent of cloud computing, provisioning infrastructure has become easy as most of the complex configurations are abstracted away by the cloud providers using virtualization and software-defined networking (Both private and public clouds). In a matter of minutes, you can provision network, servers, and storage.

And the best part is, everything is API driven. Meaning, all cloud providers expose APIs to interact with their platform to provision infrastructure.

If it is API driven, you can use any programing language to manage your IT infrastructure. Not only just provisioning, but you can also configure the provisioned resources using code.

If you use code to provision and configure the infrastructure, it is called Infrastructure as code (IaaC). To put it simply, codifying the infrastructure provisioning and configuration.

With the concept of Infrastructure as code, you can follow the same workflow you use for application development for Infrastructure as code development. Meaning, versioning the infrastructure code in git, running unit tests, and integration tests, and then deploying it.

Over time, many tools have evolved to make Infrastructure as code simple. These tools further abstracted away the code complexity using their domain-specific languages. At the backend, it uses cloud-specific API calls to provision and manage the resources. It helps sysadmins and engineers without programming knowledge to adopt infrastructure as code.

🚀  Benefits of IaaC

Following are some of the key benefits of IaaC

  1. With IaaC you can recreate any complex infrastructure with one click.
  2. You can version control your infrastructure state in the form of IaaC.
  3. Developer-centric workflow in infrastructure management.

🛠 IaaC Tools

The popular IaaC tools are Terraform, Pulumi, Ansible, Chef, and Puppet. Also, there are cloud-specific IaaC services like Cloudformation, AWS CDK, etc.

All these IaaC tools primarily fall under two categories.

  1. Infrastructure Provisioning tools (Terraform, Cloudformation, etc)
  2. Configurations management tools (Ansible, Chef, Puppet, etc)

The primary goal of IaaC tools is to bring the infrastructure component to the desired state declared by the user. If someone makes a manual change to the resource created by an IaaC tool, you can re-run the code and bring it back to the desired state.

🧘 Idempotency

All the IaaC tools follow the concept of idempotency. Meaning, no matter how many times you run the code, if the infrastructure or configuration is already present, it won’t make any change.

For example, you created two servers using Terraform. If you re-run the same terraform code again, it won’t make any changes. However, if you manually delete one server and re-run the terraform code, it will create only one server that was manually deleted and maintains the state of two servers declared by the user in the code.

🏋 IaaC High-Level WorkFlow

The following image shows a high-level overview of Infrastructure as code development and deployment workflow. I have used AWS cloud as an example. Here the CI/CD server orchestrates the whole provisioning workflow.

image 18

Infrastructure Provisioning

Infrastructure provisioning is the process of provisioning IT infrastructure resources like Virtual Servers, Storage, Networking, Cloud managed services, etc.

Terraform, Pulumi and Cloudformation are classic examples of infrastructure provisioning tools. It creates networks, servers, managed services, etc. Its primary goal is to keep the infrastructure in its desired state and reproduce or update it any time we need.

With infrastructure provisioning tools, you can also trigger configuration management tools. For example, you can have Terraform code to create Virtual machines and have logic to run Ansible provisioners on the created Virtual Machines.

Configuration Management

Configuration management is the process of configuring provisioned infrastructure resources. For example, configuring a server with required applications or configuring a firewall device.

The primary goal of configuration management tools is to configure the server. Meaning, if you want to automate the installation and configuration of an application(e.g., Nginx) in a server, we use a tool like Ansible and Chef. It does all the configurations in an idempotent manner.

Also, these tools help in managing the configuration drift. It ensures all the servers are running in the same configuration mentioned in the ansible-playbook or a chef cookbook. In the case of an agent-based chef/puppet, if someone makes a manual change to the server config, the chef agent brings it back to the desired state as mentioned in the cookbook.

All the configuration management tools keep an inventory of the server’s IP address and SSH credentials to connect to the servers. In cloud environments where servers are dynamically provisioned, it uses API-based dynamic inventory to get the server details.

The following image shows a high-level overview of how a configuration management tool works.

image 17

Another practical use case of configuration management tools is to create virtual machine images for immutable infrastructure deployments. For example, tools like Packer has provisioner functionality where you can use Ansible, Chef, or Puppet modules to configure the server image with application code.

Infrastructure Provisioning Vs Configuration Management

The following image shows the clear difference between Infrastructure Provisioning and configuration management

  1. Infrastructure provisioning tool Terraform is responsible for providing the network and servers
  2. Configuration management tool Ansible configures applications inside servers provisioned by Terraform.
Infrastructure as Code Vs Configuration Management

FAQ’s

Can you use configuration management tools to provision resources?

Yes. Configuration management tools support provisioning servers using their resources, however, using full-fledged infrastructure provisioning tools is recommended.

What is the difference between orchestration and configuration management?

Orchestration is the process of coordinating multiple automation pipelines and integrating different toolsets. Whereas configuration management is the process of configuring a server with required applications and configurations.

What is a Practical Example of Orchestration in DevOps?

One practical example of Orchestration is a Jenkins CI/CD pipeline. The moment a developer commits code to git, Jenkins takes care of testing, packaging, creating infrastructure resources, and deploying applications to the server. Here Jenkins orchestrates the whole process integrating multiple DevOps tools and executing the automation in order.

Summary

In this blog, I have answered the following questions.

  1. What is Infrastructure as code?
  2. What is infrastructure provisioning and
  3. What is configuration management?

We also looked at practical examples of all the concepts. If you have any doubts or queries, do let me know in the comments section.

Also, you can look at the best infrastructure automation tools and container orchestration tools to understand more about the tools landscape.

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...