What is Infrastructure as Code?
by Dominik Tornow and Maegan Jong
Infrastructure as a Service, Infrastructure as Code, or recently Infrastructure as Data — certainly infrastructure comes in many forms, shapes, and sizes. Yet, even though these terms sound deceptively similar and deceptively simple, they denote fundamentally different and intricate concepts.
After Infrastructure as a Service — or Cloud Computing — entered the stage, the software engineering community had to determine just out how to work with Infrastructure as a Service.
This blog post discusses some of the most popular methods and provides concise and accurate definitions to both technical and non-technical stakeholders.
TL;DR
- Infrastructure as a Service refers to the capability of acquiring and releasing resources on demand.
- Infrastructure as Code or Data refers to a method of acquiring and releasing resources on demand.
Infrastructure as a Service
This blog post is based on a minimal model of Infrastructure as a Service: The term Infrastructure as a Service refers to the capability of a resource consumer to acquire and release a set of resources from a resource provider on-demand.
The term Resource refers to any component that is consumed by a consumer and therefore provided by a provider, for example, virtual machines, containers, or load balancers.
Infrastructure as Code
This blog post is based on a minimal model of Infrastructure as Code based on the model of Infrastructure as a Service: The term Infrastructure as Code refers to the provisioning method of acquiring and releasing a set of resources on-demand.
Infrastructure as Code or as Data or as …
Arguably, Infrastructure as Code is the most well-known and most frequently discussed provisioning method today. However, in this blog post, we will discuss five distinct methods to acquire and release resources.
The resource consumer determines the required set of resources, the desired state. The provisioning method determines how the desired state is expressed and how or when the sequence of commands that transform the current state into the desired state are calculated or performed.
For example, the resource consumer may determine that they need one Load Balancer Resource in addition to three Compute Resources to run their application.
But how may the resource consumer get there? And what happens if the resource consumer encounters any adversarial effects triggered by the environment e.g. a compute resource becomes unavailable?
Imperative Provisioning Methods
Imperative provisioning methods refer to the set of provisioning methods where
- the resource consumer does not formally encode the desired state and
- the resource consumer determines the sequence of commands
Most notably, imperative methods are not repeatable and therefore neither automatable as the resource consumer must determine the sequence of commands that leads to the desired state for each given current state.
1. Infrastructure as Tickets
Infrastructure as Tickets refers to the method of submitting a support ticket in the enterprise’s support ticketing system. The resource consumer submits the description of the desired resources as a support ticket. The support agent acquires or releases resources on the consumer's behalf and shares the connection information and credentials with the consumer.
2. Infrastructure as Clicks
Infrastructure as Clicks refers to the method of using a resource provider’s user interface to acquires and release resources.
3. Infrastructure as Scripts
Infrastructure as Scripts refers to the method of using a resource provider’s command-line interface to acquire and release resources.
Declarative Provisioning Methods
Declarative provisioning methods refer to the set of provisioning methods where
- the resource consumer formally encodes the desired state and
- a component determines the sequence of commands
Most notably, declarative methods are repeatable and therefore automatable as a component determines the sequence of commands that leads to the desired state for any possible current state.
4. Infrastructure as Code
Infrastructure as Code refers to the method of using an additional component to acquire and release resources. The resource consumer encodes the desired state in a component-specific format and the component determines and executes the required sequence of commands. Additionally, “as Code” implies the presence of control flow statements.
As of today, available implementations of this component have the quality of a tool that executes once when triggered by the resource consumer — manually or automatically in the context of a Continuous Deployment or Continuous Delivery Pipeline.
Well-known examples include Hashicorp Terraform or Pulumi’s Pulumi.
5. Infrastructure as Data
Infrastructure as Data refers to the method of using an additional component to acquire and release resources. The resource consumer encodes the desired state in a component-specific format and the component determines and executes the required sequence of commands. Additionally, “as Data” implies the absence of control flow statements.
As of today, available implementations of this component have the quality of a platform that executes continuously.
Well-known examples include The Cloud Native Computing Foundation’s Kubernetes Platform or AWS’s Fargate.
Infrastructure as Code vs Infrastructure as Data
The defining characteristic of Infrastructure as Code is the presence of control flow in the encoding of the desired state while the defining characteristic of Infrastructure as Data is the absence of control flow in the encoding of the desired state.
Infrastructure as Code is often associated with the manually triggered detection and mitigation of state drift by the resource provider. Similarly, Infrastructure as Data is often associated with the continuously executed detection and mitigation of state drift by a component.
However, the manually triggered or continuously performed reconciliation is not a defining characteristic:
- The association that Infrastructure as Code is manually triggered stems from the popularization of Infrastructure as Code by manually triggered tools like Terraform or Pulumi
- The association that Infrastructure as Data is continuously performed stems from the popularization of Infrastructure as Code by continuously performing platforms like Kubernetes.
Conclusion
Whether we are reasoning about Infrastructure as Tickets, as Clicks, as Script, as Code, or as Data, we are reasoning about an Infrastructure Provisioning Method, that is, how we interact with Infrastructure as a Service.
About this post
Concise and accurate definitions are essential to communicate complex concepts, both to technical and non-technical stakeholders. If we do not share a common vocabulary, we cannot share a common understanding!
Thank you to Maegan Jong, Software Engineering Intern at Cisco in 2020/2021.