What is IaC and Why Terraform?

Infrastructure as Code is a widely used terminology by DevOps professionals. Before understanding what IaC is, you should first try to understand the reason behind why IaC came into existence and why is it so popular.

📌 Rapid Adoption of Devops Culture

The ever-increasing popularity of DevOps has led to the use of IaC. A decade ago, if you had to build software and make it available to the world online you had to set up the servers in datacenters, hook up wiring and have redundant power systems. There were separate teams called the developers, who used to write code and the operations team (sysops), who used to manage the hardware. Most of the deployment related work such as installing the application and its dependencies was done manually by the Ops team. As the number of applications grew, it got difficult to manage the deployment process. As the number of servers increased, the release of the software became slower. The Ops team occasionally made mistakes that ended up being snowflake servers, wherein each server has a slightly different configuration than others leading to configuration drift. Nowadays the adoption of DevOps culture has led to the use of automation to bring down these manual errors significantly. To know more about DevOps click here.

📌 The Rise of Public Cloud

Of late, rather than managing datacenters, companies are moving their workloads to cloud providers such as AWS, Azure, GCP and many more. The Ops team that once used to set up hardware is now spending time writing operational code using tools such as Terraform, Ansible, Docker and Kubernetes. As a result of this, the gap between the Dev teams and Ops teams is closing. The Devs now write operational code whereas the Ops guys write operational code using DevOps processes and techniques. PS: If you've received an unexpected bill from AWS despite being cautious, you're not alone!

📌 What is Infrastructure as Code?

Infrastructure as Code (IaC) is the managing and provisioning of infrastructure through code instead of following manual processes. The end goal is to automate the software delivery process as much as possible. You write code to define, deploy, update and destroy your infrastructure.

There are majorly two types of IAC tools:

📍 Configuration Management tools

📍 Provisioning tools

🟢 Configuration management tools

These tools are designed to install and manage software on existing servers. Ansible, Chef and Puppet are some of the well-known configuration management tools. Nowadays these tools are replacing bash scripts as tools like Ansible offers lots of features such as Idempotence, wherein it will make changes only if those changes are not already applied. For example, if you write an Ansible playbook to install an apache webserver, Ansible will only install apache on servers where an apache webserver is absent. Another advantage of ansible is that it can be used to manage a large number of remote servers.

🟢 Provisioning tools

Provisioning tools such as Terraform, Azure Biceps and CloudFormation are responsible for creating servers, unlike configuration management tools which are responsible for managing servers. Provisioning tools are not only used to create servers but also can be used to create other services such as Load Balancers, Databases, Monitoring, Virtual Networks and Subnets and almost every infrastructure component.

📌 Configuration Management versus Provisioning

Configuration management tools like Ansible can do provisioning to some extent, for example you can deploy a server using ansible whereas provisioning tools such as Terraform can do configuration management to some extent, for example you can run scripts using Terraform. The choice of tool depends on what is best for a given use case. However a popular combination is to use terraform to provision the infrastructure and ansible to configure and manage the infrastructure.

🟢 Procedural Language versus Declarative Language

Tools like Chef and Ansible utilize procedural language where you write code that specifies how the tasks have to be achieved. Terraform and CloudFormation use declarative language in which you write the code that specifies the desired end state and IaC tool is responsible to figure out how it can be achieved.

Procedural code does not capture the state of the infrastructure and limits reusability whereas the declarative approach used in Terraform always captures the latest state of the infrastructure.

🟢 Mutable versus Immutable Infrastructure

The word Mutable means "prone to change", Mutable infrastructure is an infrastructure that is capable of being modified and updated in-place on a regular basis. Configuration management tools like Ansible, Puppet and Chef are used for this purpose. These tools can be used to roll out updates and fix problems quickly. One of the major cons of mutable infrastructure is that it is more likely to cause configuration drift.

The word Immutable means "unable to change", the infrastructure, once deployed, cannot be modified. Terraform is immutable, if changes or updates need to be made, an entirely new instance with the proper modifications is deployed onto the server. This avoids configuration drift to a large extent. One of the major cons of immutable infrastructure is that the infrastructure cannot be modified in-place. In case of modification, a new environment with required changes has to be spawned.

📌 What is Terraform ?

Terraform is an open-source tool built by HashiCorp and is written in Go programming language. Terraform makes API calls to the providers such as AWS, Azure, GCP and more to deploy infrastructure. Terraform determines the API calls by referring to terraform configuration file, which are text files that contain code to specify what infrastructure has to be created. When someone wants to make changes to the infrastructure, they can make changes in Terraform configuration files , validate those changes and update code to version control and then run terraform apply to make necessary changes.

What makes terraform an excellent choice is that it is open source and cloud agnostic tool that supports immutable infrastructure and declarative language making it easier for enterprises to start their cloud journey.