Cloud Success Flashcards
What is Terraform?
What is Terraform?
Terraform allows you to automate and manage your infrastructure and your platform, and services that run on that infrastructure. Terraform is a tool to provision and then manage the infrastructure. That said, it can also be used for the initial installation or configuration of software on that infrastructure, but not for further maintenance of that software.
It’s open source, and it uses declarative language, meaning you don’t have to define every step of how this automation in management is done, you just declare what you want, the final result, or end result, and Terraform will figure out how to execute it. Unlike the “Imperative Style”, where you specify how to execute each step.
Terraform is a tool for infrastructure provisioning.
So what does it mean exactly?
Let’s say you just started a project where you create some application, and you want to set up an infrastructure from scratch where this application will run. Let’s say you want to spin up several servers where you will deploy your micro-service applications that make up your application as Docker containers. Also, you plan to deploy a database container. You decide to use the AWS platform to build your whole infrastructure on it. So first step will be to go to AWS, and prepare the setup so the applications can be deployed there. This means you create your Private Network Space. You create an employee server, an EC2 server instance, you install Docker on each one of those plus any other tools that you might need for your application. You set up security on your servers like firewalls. You set up network, etc. Once the infrastructure is prepared, you can now deploy your Docker applications or Docker containers on that prepared infrastructure. So as you see, these are two different tasks or two separate steps of creating the whole. One is provisioning the infrastructure, preparing everything so the application can be deployed. The second one is actually deploying the applications on it, so you might even have two separate teams, or two individuals who do these two separate tasks. So possible scenario DevOps team member configures the infrastructure and the developer then deploys the applications on the prepared infrastructure.
So, where does terraform come into this whole thing?
Terraform is used for the first part where you provision the infrastructure to prepare it for the application deployment, creating the VPC spinning up the servers, creating the security, the AWS user with its permissions, maybe installing Docker specific version on servers, etc. Obviously, all this needs to be done in a correct order, because one task maybe depends on the other.
Terraform and Ansible are both infrastructure as a code, meaning they’re both used to automate provision configure and manage the infrastructure. However, terraform is mainly an infrastructure provisioning tool. That’s where its main power lies, but it also has possibilities to deploy applications in other tools on that infrastructure.
Ansible on the other hand, is mainly a configuration tool. So once the infrastructure is provisioned and it’s there, Ansible can now be used to configure it and deploy applications, install and update software on that infrastructure, etc. So as you see there, overlaps of what each tool does and this creates the confusion.
Provision Configure Automate Deploy Manage (Applications) The Infrastructure Build
Automate: Declarative vs. Procedural
Declarative: You tell it or code what you require from end to end and it takes care of the process automatically.
Procedural: You need to write down what you want manually, step by step throughout the infrastructure architecting procedure.
What is Infrastructure as Code IAC
Infrastructure as Code (IaC) is a combination of standards, practices, tools, and processes to provision, configure, and manage computer infrastructure using code and other machine-readable files.
Before automation, when you wrote an application that you wanted to deploy, you would get some servers, set them up, configure networking on those servers, create route tables, install all the necessary software, configure the software to be installed in order to make your application run on that server. All these things would be done manually by system administrators and it was an arduous task fraught with human error.
In today’s DevOps world, you don’t have to do all this manually. You can actually automate the complete process, thanks to infrastructures as code, also abbreviated as IAC.
Infrastructure as code is a super simple way of automating all of these tasks end-to-end, instead of doing it manually. So all the knowledge and expertise of system administrators and operations team packed into various programs or applications that carry out all these tasks are superfluous. Infrastructure is code is a concept and the infrastructure as code tools are these specific programs like Ansible, Puppet Terraform Cloudformation and many more that you can use for different tasks.
PROVISIONING
One, there is provisioning of infrastructure which is the very first step. This is spinning up fresh new servers, doing the network configuration on them, creating load balancers and configuring all this other stuff on the infrastructure level.
CONFIGURING
The next step, or category would be configuring the already provisioned infrastructure like installing applications and software on the servers and managing those applications. This step would be needed to prepare the infrastructure or the servers, with all the necessary stuff to deploy your own application, as I mentioned at the beginning. This could be installing Java or a database or any other service or process your application needs.
DEPLOYING
And the third step would be actually deploying your application on that provisioned, and configured infrastructure which is actually the main reason why you’re doing all this setup.
So you provision and configure infrastructure, the first time. That’s the first initial setup and afterwards you have the maintenance phase. So you do adjustments to the infrastructure, you change stuff, you add servers you remove servers you change network configuration, etc, same way you do initial installation and configuration of software. And then you have the maintenance phase of that software updates changes reconfiguration, all sorts of things. So the difference between the infrastructures code tools, is that the automate tasks in different categories for different phases in those categories. So in most cases you would use a combination of two or more tools to automate the whole process end to end. So for example, terraform is a tool to provision and then manage the infrastructure, but can also be used for the initial installation or configuration of software on that infrastructure, but not for further maintenance of that software. On the other hand, Ansible chef puppet tools can be used to configure and deploy applications, and also manage them afterwards, as well as do some tasks of configuring an already provisioned infrastructure, but it can be used to provision the initial setup of servers. Therefore, a common example is people using terraform to provision infrastructure and configure it, and then use Ansible to install and deploy applications on that provision infrastructure. There is also a difference between those tools in the way they work, among others. These differences are declarative versus procedural approach with procedural you write, step by step, what you need to be executed. Like, create a server at a server, etc. With declarative approach you declare what you want. As an end result. I want to servers and other difference is mutable infrastructure versus immutable immutable being you create three servers then you add one change network configuration maybe you remove two servers, whatever. So you make those changes with immutable infrastructure instead of adding, removing or doing changes, you always create a new one and discard the old, so you always replace instead of changing. I also explained both of these concepts in more detail in the terraform video. there are also agent versus agent list tools master versus master lists and some other differences. So maybe depending on your preferences and needs, you can choose the right tool, and that is essentially the reason why we have multiple infrastructures code tools, instead of just having one. I hope.
What is infrastructure as code in DevOps?
Infrastructure as Code (IaC) is the management of infrastructure (networks, virtual machines, load balancers, and connection topology) in a descriptive model, using the same versioning as DevOps team uses for source code. … IaC is a key DevOpspractice and is used in conjunction with continuous delivery.
What is Kubernetes and containers?
Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. … It aims to provide a “platform for automating deployment, scaling, and operations of application containers across clusters of hosts”.
What is docker in automation?
Docker is an open platform that helps developers and system admins to build, ship and run applications on a number of platforms like laptop, data centers, VMs, cloud and so on.
What is difference between Jenkins and Docker?
Docker is a container engine that can create and manage containers, whereas Jenkins is a CI engine that can run build/test on your app. Docker is used to build and run multiple portable environments of your software stack. Jenkins is an automated software testing tool for your app.
Docker is a software platform for building applications based on containers — small and lightweight execution environments that make shared use of the operating system kernel but otherwise run in isolation from one another.
What is CI/CD?
CI/CD
DevOps a set of practices to build, test, and release your code in small frequent steps. One of the core practices of DevOps is Continuous Integration, which has developers commit their code to a shared repository, often on a daily basis.
Each commit triggers an automated workflow on a CI server that can notify developers that have any issues integrating their changes. When a repo evolves in small steps like this, it prevents what is known as merge hell. Let’s go ahead and build a continuous integration pipeline now to see how it prevents issues like this here on GitHub.
I have a Nodes js. web app, in order to deliver this app to my customers, I need to run three commands, test, build and deploy this entire process in the cloud by using a CI service like GitHub actions.
First, I create a workflow, and then I tell it to run on every push to the master branch. The event triggers a job that runs on a Linux container in the cloud. And we tell the container what to do as a series of steps. First, it checks out the code in this GitHub repo, and sets up Node js. installs my dependencies and runs my test build and deploy commands. Now, anytime we commit code to the master branch in this repo, it will run this workflow. If any of the steps fail, the bad software won’t be delivered to our customers and will automatically know there’s an issue that needs to be addressed. At the end of the day, CI/CD offers two main benefits, it helps you automate things that would otherwise have to be done manually by developers, that will increase your velocity, but it also detects small problems early before they can grow into major disasters, and that results in higher code quality.
What is the Provision Process?
Provisioning is the process of setting up IT infrastructure. It can also refer to the steps required to manage access to data and resources, and make them available to users and systems. Provisioning is not the same thing as configuration, but they are both steps in the deployment process.
What does it mean to automate?
IT automation is using a system of instructions to execute a repeated set of processes – taking the place of IT work performed manually. Automated processes can increase IT productivity and efficiency – and reduce human errors.
