Infrastructure as Code 101: Steve Tegeler + Nathan Ness, VMware
2 likes•3,356 views
The document is a primer on Infrastructure as Code (IaC), discussing its significance for infrastructure teams and providing educational use cases. It emphasizes the importance of coding principles for infrastructure, version control, and the ability to quickly troubleshoot and test different infrastructure configurations. The document also highlights how IaC can streamline deployment processes and enhance the resilience of systems.
Infrastructure as Code 101: Steve Tegeler + Nathan Ness, VMware
- 1. © 2014 VMware Inc. All rights reserved. Infrastructure as Code 101 A Primer for Infrastructure Teams May 5, 2016 Steve Tegeler [email protected] @vstegeler Nathan Ness [email protected] @nvpnathan
- 2. 2 Practice Infrastructure as Code Want to Understand Infrastructure as Code Better Help articulate and educate others Get some solid use cases
- 3. 3 Who am I, and How did I learn about IaC? • Director of Pre-Sales engineering for OpenStack + VMware • Infrastructure Background – Compute Storage Networking Server Virt Network Virt (Nicira) • At Nicira our success was bound to the success of CMP/IaaS – CMP Drives Consumption of Virtual Networks • Watched a YouTube video and felt my career pivot
- 4. 4 “Infrastructure in the Cloud Era" • 2009 Velocity Conference
- 5. 5 Who am I, and How did I learn about IaC? • Director of Pre-Sales engineering for OpenStack + VMware • Infrastructure Background – Compute Storage Networking Server Virt Virt Networking • At Nicira realized our success was bound to the success of IaaS – CMP Drives the Consumption of Network • Watched a YouTube video and felt my career pivot • Must learn coding principles to stay relevant • OpenStack success is bound by the ability to consume it – IaC education/adoption will help
- 6. 6 "Enable the reconstruction of the business from nothing but a source code repository, an application data backup, and bare metal resources.“ - Adam Jacob, CTO Chef Infrastructure as Code – Common Definition App Code Infrastructure Code Configuration Code Your Data App State Compute Network Security Storage
- 8. 8 Infrastructure & ConfigurationInfrastructure & Configuration Typical CI Development Process Build/CI Source Code Management Repository Testing Frameworks Provisioning / Deployment 1. Commit/Check-in 2. Build & Test 4. Deploy vRA 3. Artifacts W W AA R Manual?
- 9. 9 App Devs Ops Teams Network StorageCompute WW A A R Web 2 VMs, 2CPU, 2GB mem, 10GB disk, RHEL LoadBalancer Open 80,443 App 2 VMs 4CPU, 4GB mem, 30GB disk Open 22 internal only, 8443 from Web Request Infrastructure web_instance: webxyz flavor: m1.small image: RHEL-x86_64-chef network: web-net security: web-sec quantity: 2 -------<snip>---------- Web-net: web-net Subnet: 10.10.0.0 Mask: 255.255.255.0 Web-sec: name: web-sec in: allow: tcp: 22 out: allow: tcp: 80, 443 Describe Infrastructure Days & Variability Fast & Predictable flavor: m1.small Cpu: 2 Mem: 2 Disk: 10 Cloud APIs “Consumer”
- 10. 12 Why Code is so Great for Infrastructure When things break, I can troubleshoot easily – Version Control Easily test infrastructure permutations - CPU/Mem/Storage/Net/Sec Re-useable I can build topology templates for apps – Fast & Consistent Configuration
- 11. Application Anatomy The Various Code Used in Deployment
- 12. 14 Application v12.34 Types of Code Which Make up an Application Application Code Infrastructure Code Configuration Code
- 13. Use Cases
- 14. 16 Deployment Pipeline Infrastructure Site 1 Existing Business Apps Ultimate IaC Test – Day 0 CONFIDENTIAL App Code Infrastructure Code Configuration Code Your Data Source Code App_1 App_2 App_n Infrastructure Site 2 Your Data Business Apps Up! App_1 App_2 App_n R R UPS
- 15. 17 Seems Like Utopia, Does it Actually Work? • If it doesn’t work, you are DOING IT WRONG – The more often you practice it, the more resilient it makes it (lifting weights) • Test it in a different OpenStack cloud – Considerations: Defcore compliant, feature set same?
- 17. 19 Version Control • Definition: A system that records changes to a file or set of files over time so that you can recall specific versions later • Main Benefit: Complete visibility to any changes Application v12.34 Application Code Infrastructure Code Configuration Code
- 18. 20 IaC_v123 • TCP 8081 IaC_v456 • TCP 8081 IaC_v457 • TCP 22, 8081 February March April May Day 2 Value: Incident, Cause Security Policy Incident/Audit Code Development Source Code diff
- 19. 21 Use Cases for Infrastructure as Code • Test Firewall Changes • Test your application to see if it is IP address dependent – Change a subnet address range used (192.x.y.z 172.x.y.z) • Test different performance permutations – CPU – multi-threaded/scale out – Disk – SATA, SSD, etc • Rollback
- 20. Getting Started
- 21. 23 IT, we have a Problem! • Infrastructure Teams SW development practices – Learn Version Control and ways to “Describe” Infrastructure • Devs Understand Infrastructure – Developers learn proper ways to deploy infrastructure “primitives” Developers Infra
- 22. 24
- 23. 25 Version Control App Code Infrastructure Code Configuration Code Application: GoReminder GoRem.v34 Ext Security Test (nmap) GoRem.v35 Open: 8080,22 Open: 8081 FAIL PASS! Go.v34 Heat_v34 Cook_v34 GoRem.v34 Go.v35 Heat_v35 Cook_v35 GoRem.v35 Security Testing a GoReminders Application