chapter two

2 Writing infrastructure as code

 

This chapter covers

  • Learning how current infrastructure state affects reproducibility of infrastructure
  • Detecting and remediating infrastructure drift because of mutable changes
  • Implementing best practices for writing reproducible infrastructure as code

Imagine you’ve created a development environment for a “hello-world” application. You built it organically, adding new components as you needed them. Eventually, you need to reproduce the configuration for production use, which people can publicly access. You also need to scale production across three geographic regions for high availability.

If you did not use infrastructure as code to build the development environment, you might try to reverse engineer a week’s worth of work. If you used infrastructure as code, you might have started by copying and pasting some configuration from a website or introductory tutorial and manually editing the resources just to get it running. In either scenario, you need to remember what you configured and how you can reproduce it. If you need to do this for two or even three more environments, you will have difficulty scaling your system.

2.1     Understanding infrastructure change

2.2     Understanding immutability

2.2.1     Immutable infrastructure

2.2.2     Remediating out-of-band changes

2.2.3     Migrating to immutability

2.2.4     Dependency graphing

2.3     Clean infrastructure as code

2.3.1     Version control communicates context

2.3.2     More on Version Control

2.3.3     Linting & formatting

2.3.4     Naming resources

2.3.5     Describe the resource to someone else

2.3.6     Variables & constants

2.3.7     Parametrize dependencies

2.3.8     For more about Terraform

2.3.9     AWS Equivalent

2.3.10     Keeping it a Secret

2.4     Summary