Infrastructure as Code – Orchestration, Provisioning & Configuration Management (Ansible & Terraform)
Now a days in DevOps world we come across many terms like Infrastructure as Code – Orchestration, Provisioning & Configuration Management. In this article we will learn everything about these terms.
Image : https://medium.com
Infrastructure as Code
Infrastructure as Code (IaC) is a method to provision and manage IT infrastructure through the use of source code, rather than through standard operating procedures and manual processes. We are treating our servers, databases, networks, and other infrastructure like software. And this code can help us configure and deploy these infrastructure components quickly and consistently. IaC helps us automate the infrastructure deployment process in a repeatable, consistent manner, which has many benefits.
A long time ago, in a data center far, far away, an ancient group of powerful beings known as sysadmins used to deploy infrastructure manually. Every server, every route table entry, every database configuration, and every load balancer was created and managed by hand. It was a dark and fearful age: fear of downtime, fear of accidental misconfiguration, fear of slow and fragile deployments, and fear of what would happen if the sysadmins fell to the dark side (i.e. took a vacation). The good news is that thanks to the DevOps , we now have a better way to do things: Infrastructure-as-Code (IAC). We no longer have to rack and stack servers, which alleviates all of the issues and costs that come with human capital and real estate. Also, you could spin up servers, databases, and other necessary infrastructure very quickly, which would address the scalability, high availability, and agility problems.But the configuration consistency issue, where manual setup of cloud infrastructure can lead to discrepancies, still remains. That’s where Infrastructure as Code comes into play.
Deployment, Provisioning, Orchestration & Configuration Management
‘Deployment’ is the process of putting a new application, or new version of an application, onto a prepared application server. As per developer, it may also mean the process of preparing the server, perhaps by installing libraries or daemons. As per operations professional, it DOES NOT. They use the word “provisioning” for that.
The word ‘Provisioning’ is normally used by Ops folks to refer to getting computers or virtual hosts to use, and installing needed libraries or services on them. The thing to remember is that ‘deployment’ does not, as a rule, include ‘provisioning’. Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. Infrastructure as Code (IaC) is the management of infrastructure
(networks, virtual machines, load balancers, and connection topology) in a descriptive model, using the same versioning as DevOps team uses for source code. CloudFormation and Terraform are provisioning tools, which means they are designed to provision the servers themselves (as well as the rest of our infrastructure, like load balancers, databases, networking configuration, etc), leaving the job of configuring those servers to other tools.
These two categories are not mutually exclusive, as most configuration management tools can do some degree of provisioning and most provisioning tools can do some degree of configuration management. But the focus on configuration management or provisioning means that some of the tools are going to be a better fit for certain types of tasks.
Orchestration means arranging or coordinating multiple systems. It’s also used to mean “running the same tasks on a bunch of servers at once, but not necessarily all of them.”
Config Management is part of provisioning. Basically, that’s using a tool like Chef, Puppet or Ansible to configure our server. “Provisioning” often implies it’s the first time we do it. Config management usually happens repeatedly. Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional, and physical attributes with its requirements, design, and operational information throughout its life Configuration management is all about bringing consistency in the infrastructure. Configuration management helps record all the changes made in the system. As a broader subject, configuration management (CM) refers to the process of systematically handling changes to a system in a way that it maintains integrity over time. The primary benefit of configuration management is consistency of systems and software. With configuration management, we no longer guess or hope that a configuration is current. It is correct because the configuration management system ensures that it is correct.When combined with automation, configuration management can improve efficiency because manual configuration processes are replaced with automated processes. This also makes it possible to manage more targets with the same or even fewer resources. Chef, Puppet, Ansible, and SaltStack are all configuration management tools, which means they are designed to install and manage software on existing servers.
Configuration Orchestration vs Configuration Management
The first thing that should be clarified is the difference between “configuration rchestration” and “configuration management” tools, both of which are considered IaC tools and are included on this list. Configuration orchestration tools, which include Terraform and AWS CloudFormation, are designed to automate the deployment of servers and other infrastructure. Configuration management tools like Chef, Puppet, and the others on this list help configure the software and systems on this infrastructure that has already been provisioned. Configuration orchestration tools do some level of configuration management, and configuration management tools do some level of orchestration. Companies can and many times use both types of tools together.
Provisioning plus Configuration Management
Example: Terraform and Ansible. We use Terraform to deploy all the underlying infrastructure, including the network topology (i.e., VPCs, subnets, route tables), data stores (e.g., MySQL, Redis), load balancers, and servers. We then use Ansible to deploy our apps on top of those servers. Every growing startup or tech organization wants to automate apps and IT infrastructure. Ansible is a simple way to do that. An open-source software provisioning, configuration management, and application-deployment tool comes with its own declarative language. Ansible is an automation tool that helps drive complexity away and accelerate DevOps initiatives. Backed by RedHat Terraform acts like an orchestrator, using Packer for automation. Terraform is more of an infrastructure provisioning tool. Terraform talks to VMWare, AWS, GCP, and deploys infrastructure. From the house of HashiCorp, Terraform allows the creation, management and improvement
of infrastructure. An open source code drives APIs into declarative configuration files.
Ansible & Terraform
What is Ansible?
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates. Ansible’s goals are foremost those of simplicity and maximum ease of use.
What is Terraform?
With Terraform, wer describe our complete infrastructure as code, even as it spans multiple service providers. Our servers may come from AWS, our DNS may come from CloudFlare, and our database may come from Heroku. Terraform will build all these resources across all these providers in parallel.
|Ansible is a configuration management tool||Terraform is an orchestration tool|
|Ansible provides support for mutable infrastructure (Mutable systems are changed and updated directly)||Terraform provides support for immutable infrastructure (Immutable images are static and any updates must generate a new version of the base image.)|
|Ansible follows a procedural language
(With procedural programming, you have to specify exact steps to get the result)
|Terraform follows a declarative language (Declarative programming is where you say what you want without having to say how to do it)|
|Ansible provides partial VM provisiining,networking and stroage management||Terrafor provide comprehensive VM provisioning, networking and storage management|
|Ansible provides complete support for packaging and templating||Terraform provides partial support for packing and templating|
|Ansible does not have lifecycle management||Terraform is heavily dependent on lifecycle or state management|