Infrastructure as Code - bobbae/gcp GitHub Wiki

Infrastructure as Code (IAC) refers to the process of managing and provisioning computer data centers. It’s a strategy for managing data center servers, networking infrastructure, and storage. Its purpose is to simplify large-scale management and configuration dramatically.

Provisioning compute resources has traditionally been hard to manage, not scalable, and prone to error, so what other techniques can you use to make sure you’re ready to meet demand? You can automate the creation of your cloud resources, create templates, and store config files with the help of tools like Google Cloud Deployment Manager and Terraform.

Cloud Foundation Toolkit

The Cloud Foundation Toolkit is designed specifically to meet the compliance and security needs of enterprises.

https://github.com/terraform-google-modules

Immutable infrastructure

Immutable infrastructure is a philosophy that builds on the benefits of infrastructure as code.

Immutable infrastructure mandates that resources never be modified after they're deployed. If a virtual machine, Kubernetes cluster, or firewall rule needs to be updated, you can update the configuration for the resource in the source repository. After you've tested and validated the changes, you fully redeploy the resource using the new configuration. In other words, rather than tweaking resources, you re-create them.

Creating immutable infrastructure leads to more predictable deployments and rollbacks. It also mitigates issues that are common in mutable infrastructures, like configuration drift and snowflake servers.

GitHub Actions

https://medium.com/@irem.ertuerk/iac-with-github-actions-for-google-cloud-platform-bc28f1c4b0c7

Other IAC Tools

Pulumi

Pulumi is open source infrastructure as code SDK that enables you to create, deploy, and manage infrastructure on different clouds in various programming languages.

Ansible

Ansible is a way to automate apps and IT infrastructure. Application Deployment + Configuration Management + Continuous Delivery.

Ansible and terraform can complement one another.

Using Ansible to deploy Nomad and Consul

https://medium.com/google-cloud/deploy-nomad-and-consul-using-ansible-on-gcp-478b39e7818b

AWS Cloud formation

AWS Cloud Formation lets users model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code. A CloudFormation template describes your desired resources and their dependencies so you can launch and configure them together as a stack.

Azure Resource Manager

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/overview

Openstack Heat

The OpenStack Foundation has a tool called Heat for specifying resources and the orchestrations for managing infrastructure, and application lifecycles. The heat-translator project was one of the first to adopt TOSCA for standardized templating.

TOSCA

Topology and Orchestration Specification for Cloud Applications (TOSCA), is an OASIS standard language to describe a topology of cloud based web services, their components, relationships, and the processes that manage them.