Infrastructure as Code
With the growing need for more agility in the data center came the idea of changing the way we look at the configuration of the infrastructure by looking at it as code. By creating definitions of the desired infrastructure and then applying them to the needed devices and components, we can create the needed environment in our data centers much faster. Infrastructure as Code (IaC) is this process, and it uses machine-readable definitions to orchestrate the infrastructure.
One of the best examples of why such an approach is needed is to look at the flow of the DevOps. In a very simplified way, three major teams are involved in the DevOps—the developers, the testers, and the operations team. The developers have the task of developing an application. For this purpose, they set up an environment in the data center infrastructure using some servers running in the needed software environment, with the needed security, network, and storage connectivity. After the application is developed in this environment, it needs to be tested. However, in order for the results from the testing to be valid and to find any real issues, the application needs to be run in an environment that is the same as the development environment. The third stage is when the application needs to be deployed into production. The production environment also needs to be the same as the development and testing environments in order to be sure the application will behave as planned during the development and testing phases. An operations team is usually responsible for setting these environments, and they need to be able to quickly replicate the same environment—for development, then testing, and finally production—and they might have to be able to scale it. That’s why defining the state and configuration of the environment as a machine code makes the process easier and faster and helps reduce the risk of human-induced errors. Also, it guarantees that the environment will be the same. This is guaranteed by a characteristic of the IaC called idempotence, which means that certain mathematical or computer operations can be applied multiple times with the same result. Put in a different way, the idempotence of the IaC approach guarantees that every time the same configuration is applied, the result will be the same.
There are two approaches with the IaC:
- Declarative: This approach is also known as functional, as it focuses on what the configuration should be by defining a desired state, and the system performs the needed actions to get to this state.
- Imperative: This is a procedural approach that focuses on how to achieve the needed configuration state by defining the specific commands needed to achieve the desired configuration.
Examples of IaC tools include Chef, Puppet, Ansible, Terraform, and PowerShell DSC. We will take a look at some of these tools that are supported by Cisco NX-OS.