Infrastructure as Code on Amazon Web Services

Tham Duong
Dec 18, 2020

1. What is infrastructure as code?

Infrastructure as code is the process of provisioning and managing your cloud resources by writing a template file that is both human-readable and machine-consumable. It lets you encode the definition of infrastructure resources in configuration files and keep them under version control, just like application software.

2. Why use infrastructure as code?

Let's think about some scenarios below:

1. You are a DevOps engineer, and your task is to build infrastructure for 10 systems that have the same resources, such as EC2, S3, ELB, Auto Scaling…

=> How do you build 10 infrastructures quickly and correctly?

2. You are a new member of a maintenance project. There is no documentation showing which resources or AWS services are in use.

=> How do you find out which resources are in use? When an urgent issue happens, how do you investigate it?

3. You accidentally delete an EC2 instance or change a security group (SG) rule while working in the console.

=> How can you recover the previous state?

If you built the infrastructure through the console, oops :( There are many problems you may run into while working; the ones above are just a few simple examples.

But with infrastructure as code, everything is easier.

Infrastructure as code brings a lot of benefits:

  • Speed: You can implement it for one system and then copy it to many systems.
  • Visibility: An infrastructure as code template serves as a very clear reference of what resources are on your account, and what their settings are. You don’t have to navigate to the web console to check the parameters.
  • Stability: If you accidentally change the wrong setting or delete the wrong resource in the web console you can break things. Infrastructure as code helps solve this, especially when it is combined with version control, such as Git.
  • Scalability: With infrastructure as code you can write it once and then reuse it many times. This means that one well-written template can be used as the basis for multiple services, in multiple regions around the world, making it much easier to horizontally scale.
  • Security: Once again infrastructure as code gives you a unified template for how to deploy your architecture. If you create one well-secured architecture you can reuse it multiple times, and know that each deployed version is following the same settings.
  • Transactional: CloudFormation not only creates resources on your AWS account but also waits for them to stabilize while they start. It verifies that provisioning was successful, and if there is a failure it can gracefully roll the infrastructure back to a past known good state.
  • Cost-effective: Of course, when you build the infrastructure quickly and correctly, you save cost.

Now that you know the benefits of infrastructure as code, I think you have the answers to the questions above.

3. How it works

You can write the template in YAML or JSON format and upload it to AWS, and the stack will be created. But writing the template by hand is hard: you need to learn a lot about the format, property names… Today I will introduce the approach we use, which is the CDK. With the CDK, writing infrastructure code is easier.

4. What is AWS CloudFormation?

AWS CloudFormation uses code templates that describe the intended state of your resources. It gives developers and systems administrators an easy way to create, manage, provision, and update a collection of related AWS resources in an orderly and predictable way. The templates are written in JSON or YAML format and describe the collection of AWS resources. With AWS CloudFormation, you can maintain your infrastructure just like application source code.

5. AWS CDK - Cloud Development Kit

The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. It offers a high-level object-oriented abstraction to define AWS resources imperatively using the power of modern programming languages. Using the CDK’s library of infrastructure constructs, you can easily encapsulate AWS best practices in your infrastructure definition and share it without worrying about boilerplate logic.

[Figure: languages supported by the CDK]

6. Advantages of the AWS CDK

  • Use logic (if statements, for-loops, etc) when defining your infrastructure
  • Use object-oriented techniques to create a model of your system
  • Define high level abstractions, share them, and publish them to your team, company, or community
  • Organize your project into logical modules
  • Share and reuse your infrastructure as a library
  • Test your infrastructure code using industry-standard protocols
  • Use your existing code review workflow
  • Code completion within your IDE
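
The Visibility and Security benefits from section 2 and the testing point in the list above come together when a template is checked automatically before deployment. The following is an added example, not code from the article or from AWS: a small Python audit of a CloudFormation-style template. The sample template, the allowed-port policy and the function names are assumptions made for the illustration.

```python
import json

ALLOWED_PUBLIC_PORTS = {80, 443}  # assumed policy: only these may face the internet
PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy",
             "IgnorePublicAcls", "RestrictPublicBuckets")

# Constructed sample template (not from the article); literal values only,
# no intrinsic functions such as Ref or Fn::Sub.
SAMPLE = json.loads("""{"Resources": {
  "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "web tier", "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
  "LogsBucket": {"Type": "AWS::S3::Bucket", "Properties": {}},
  "DataBucket": {"Type": "AWS::S3::Bucket", "Properties": {
    "BucketEncryption": {"ServerSideEncryptionConfiguration": [
      {"ServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]},
    "PublicAccessBlockConfiguration": {"BlockPublicAcls": true,
      "BlockPublicPolicy": true, "IgnorePublicAcls": true,
      "RestrictPublicBuckets": true}}}}}""")

def world_open(rule):
    # True when the rule admits traffic from any IPv4 or IPv6 address.
    return rule.get("CidrIp") == "0.0.0.0/0" or rule.get("CidrIpv6") == "::/0"

def rule_allowed(rule):
    # A world-open rule passes only for a single, explicitly allowed port.
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    return str(rule.get("IpProtocol")) != "-1" and lo == hi and lo in ALLOWED_PUBLIC_PORTS

def audit(template):
    """Return (logical name, finding) pairs for risky settings in the template."""
    findings = []
    for name, res in sorted(template.get("Resources", {}).items()):
        rtype, props = res.get("Type"), res.get("Properties", {})
        # Inline rules on a group, or a standalone ingress resource.
        rules = {"AWS::EC2::SecurityGroup": props.get("SecurityGroupIngress", []),
                 "AWS::EC2::SecurityGroupIngress": [props]}.get(rtype, [])
        for rule in rules:
            if world_open(rule) and not rule_allowed(rule):
                findings.append((name, f"world-open ingress, protocol {rule.get('IpProtocol')}, "
                                       f"ports {rule.get('FromPort')}-{rule.get('ToPort')}"))
        if rtype == "AWS::S3::Bucket":
            pab = props.get("PublicAccessBlockConfiguration", {})
            if not all(pab.get(flag) in (True, "true") for flag in PAB_FLAGS):
                findings.append((name, "public access block not fully enabled"))
            if "BucketEncryption" not in props:
                findings.append((name, "no default encryption in template"))
    return findings

for finding in audit(SAMPLE):
    print(finding)
```

Because the check reads only the template, it can run in the same code review workflow as the infrastructure change itself.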

7. How to create a resource with CDK

With the CDK you can create a project in a familiar language and then add CDK constructs to it. Each AWS resource has a corresponding construct.
Reference: https://docs.aws.amazon.com/cdk/latest/guide/home.html

8. Developing with the AWS CDK

The AWS CDK Toolkit is a command-line tool for interacting with CDK apps. It enables developers to synthesize artifacts such as AWS CloudFormation templates, deploy stacks to development AWS accounts, and diff against a deployed stack to understand the impact of a code change.

Reference: https://docs.aws.amazon.com/cdk/latest/guide/cli.html
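
Scenario 3 in section 2 (a changed SG rule) and the diff step described above both come down to comparing the deployed template with the proposed one. This added example, which is not part of the original article and is not how the CDK Toolkit implements its diff, compares the Resources sections of two constructed templates and marks changes that deserve review; the watch list of resource types and all names are assumptions.

```python
# Resource types whose changes should get a security review (assumed watch list).
REVIEW_TYPES = {"AWS::EC2::SecurityGroup", "AWS::IAM::Role",
                "AWS::IAM::Policy", "AWS::S3::BucketPolicy"}

def changed_properties(before, after):
    """Top-level property names whose values differ between two resources."""
    old = (before or {}).get("Properties", {})
    new = (after or {}).get("Properties", {})
    return sorted(k for k in old.keys() | new.keys() if old.get(k) != new.get(k))

def diff_templates(deployed, proposed):
    """Compare the Resources sections of two CloudFormation-style templates."""
    old, new = deployed.get("Resources", {}), proposed.get("Resources", {})
    changes = []
    for name in sorted(old.keys() | new.keys()):
        before, after = old.get(name), new.get(name)
        if before == after:
            continue
        action = ("add" if before is None else "remove" if after is None
                  else "retype" if before.get("Type") != after.get("Type") else "modify")
        rtype = (after or before).get("Type")
        changes.append({
            "resource": name, "type": rtype, "action": action,
            "properties": changed_properties(before, after),
            # Deletions, type changes and watched types need a human look.
            "review": action in ("remove", "retype") or rtype in REVIEW_TYPES,
        })
    return changes

def sg(*ports):
    """Constructed security group resource admitting the given TCP ports."""
    return {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "web tier", "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": p, "ToPort": p, "CidrIp": "0.0.0.0/0"}
            for p in ports]}}

# Constructed sample templates (not from the article).
DEPLOYED = {"Resources": {"WebSG": sg(443),
    "App": {"Type": "AWS::EC2::Instance", "Properties": {"InstanceType": "t3.micro"}},
    "Jobs": {"Type": "AWS::SQS::Queue", "Properties": {}}}}
PROPOSED = {"Resources": {"WebSG": sg(443, 22),
    "App": {"Type": "AWS::EC2::Instance", "Properties": {"InstanceType": "t3.small"}}}}

for change in diff_templates(DEPLOYED, PROPOSED):
    print(change)
```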
