When I first started experimenting with the public cloud providers I, like many, began by setting up demo accounts and creating virtual servers. It isn’t a complicated process to create servers, particularly if you compare it to the process of buying hardware and loading software that was required 10 years ago. Cloud computing’s self service capabilities have caused a major disruption in the business of information technology. But even as I “spun-up” servers in a matter of minutes or seconds I began to wonder; how does the large enterprise migrate to and manage their cloud environment? How do they maintain the IT governess and framework with their cloud infrastructure as they have with their on premises infrastructure? How do they maintain standards considering all the ever-changing choices so commonly provided by the cloud vendors? I could see these questions as an issue with small implementations, but how does the enterprise handle this across dozens or even hundreds of cloud architects creating virtual servers? In short, the question I attempt to answer here is what tools are available to maintain IT governance and security compliance in the “move fast and break things” world of the cloud? The answer to all the questions can be found it what has been coined as Code as a Service (CaaS) or Infrastructure as Code (IaC).
Automation with Code as a Service
CaaS’s primary service or function is automation. It uses software to automate repetitive practices to hasten and simplify implementations and processes. A valuable byproduct of this automation is consistency. When processes are automated they can be designed from the start to follow the rules of regulation and governance of the organization. They help assure that no matter how fast process is moving or how many users are involved, governance is maintained.
Popular Code as a Service tools
There are a host of these tools designed to automate and govern the development of software and IT infrastructure. To follow are examples, starting with the most general IT automation systems and moving to tools designed to work more specific to work with cloud infrastructure.
Ansible is an open source automation software promoted by Redhat Corporation. In addition, to cloud provisioning, it assists in application development, intra-service orchestration, and configuration. Ansible uses the simple programming language YAML to create playbooks for automation. Ansible has many modules that integrate with the most common cloud solutions such as AWS, Google Cloud Platform (GCP) and VMware.
Terraform is an infrastructure as code software by Hashi Corporation. It primarily focuses on creating data center infrastructure that is provided by large public clouds. Teraform utilizes JSON language to define infrastructure templates with integrations such as AWS, Azure, GCP, and IBM cloud.
Kubernetes is an open source project started by Google and donated in its entirety to the Cloud Native Computing Foundation (CNCF). It orchestrates and automates the deployment of containers. Containers are a different type of virtual server that has promoted and added to the popularity of micro services. Micro services create business applications by combining many smaller applications to create the entire solution. Micro Services are used to increase agility and uptime and make maintenance of the application easier and less disruptive.
CloudFormation is Amazon Web Services CaaS application that is provided to its customers at no charge. CloudFormation templates can be written in YAML or JSON and make the deployment of AWS services at scale quicker and more secure. CloudFormation saves massive amounts of time for the enterprise cloud architect and insurers all instances maintain the IT governance of the organization.
Code as a Service is a valuable tool for cloud architects and businesses to create cloud native applications or migrate their applications to cloud service providers. There are many products, but most are opensource and will utilize playbooks or templates to assist in creating the cloud infrastructure in a compliant manner.