Hi, I’m Kenichi Ogawa, a full-stack engineer at AnyMind Group. Today I’ll be introducing our processes with Infrastructure as Code (IaC) for our internal systems.
■ We’re all on public clouds
Today we provide many products:
We don’t have any on-premise servers to provide them, so we’re using public clouds service like Amazon Web Services (AWS) or Google Clouds (GCP).
■ Example infrastructure
I’m working on our internal system for employee management. Here’s the infrastructure map running on AWS.
If I try to construct this system manually, … I don’t want to imagine that I will do it manually. Login to the console, find services, click, type, click, click, type… I can’t remember the instruction to build some infrastructure by Web console..
■ That’s why Infrastructure as Code (IaC)
As shown literally, IaC manages these cloud infrastructures as code — like program’s source code.
Pros of IaC are the following:
- – It will be part of the design (you can refer to the diagrams above)
- – We can keep tracking the history with VCS (git, Mercurial or something else)
- – It will reduce the mistakes from constructing and maintaining
- – We can share the whole infrastructure among developers
■ Example: Terraform
On our employee management system, 14 AWS services are being used.
- – ACM (AWS Certification Manager)
- – ALB (Application Load Balancer)
- – CloudFront
- – CloudWatch
- – EC2 (Elastic Computing Cloud)
- – ECR (Elastic Container Registry)
- – ECS (Elastic Container Service)
- – IAM (Identity and Access Management)
- – RDS (Relational Database Service)
- – Route53
- – S3 (Simple Storage Service)
- – SNS (Simple Notification Service)
- – SQS (Simple Queue Service)
- – VPC (Virtual Private Cloud)
All of these can be managed with Terraform.
■ Resource management by code
For example, configuring CloudFormation is complicated, but we can easily manage on the code.
It can connect with another resource.
In the example above, line 30 indicates usage the SSL certification. There is another file to manage this resource.
Like this example, we can manage all resources in one place by code.
■ Many platforms, one code
I also manage other systems currently running on Google Cloud Platform (GCP). In this system, almost all resources are located on GCP, however DNS configurations relies on AWS.
Terraform can also manage cross-platform resources.
Define both Google and AWS providers.
Define a resource on GCP.
Define a resource on AWS. It uses Google’s resource value on line 20.
■ State management by Terraform Cloud
Terraform also has a feature to manage state on their cloud, named Terraform Cloud.
By using this, we are able to manage state, run remotely, and migrate with CI/CD.
When working with cloud platform, using Infrastructure as Code (IaC) solution makes:
- – Standardize best practices across your team
- – Minimizes documentation, reduce the time spent on training and reduces confusion
Thanks for reading! Hopefully you’ve found some good ideas on how to manage your IT infrastructure. Happy coding — not only source code but with infrastructure — and see you next time!