01 - IaC Concepts
When you launch a cloud service and configure it you are "_"
"provisioning"
How to prevent configuration drift?
Immutable infrastructure, always create and destroy, never reuse, Blue, Green deployment strategy.
What is Infrastructure Lifecycle? a number of clearly defined and distinct _ _ which are used by DevOps Engineers to _, _, _, _, _, _ and _ cloud infrastructure
a number of clearly defined and distinct work phases which are used by DevOps Engineers to plan, design, build, test, deliver, maintain and retire cloud infrastructure
Terraform is declarative but the terraform language features _-_ _
imperative-like functionality
GitOps
is when you take Infrastructure as Code (IaC) and you use a git repository to introduce a formal process to review and accept changes to infrastructure code, once that code is accepted, it automatically triggers a deploy
What are some declarative languages?
ARM Azure BluePrints CloudFormation Cloud Deployment Manager (google cloud) Terraform
What are some Imperative tools?
AWS CDK Pulumi
Terraform encourages you towards an Immutable Infrastructure architect so you get the following guarantees. (4)
Cloud Resource Failure - What if an EC2 instance fails a status check? Application Failure - What if your post installation script fails due to change in package? Time to Deploy - What if I need to deploy in a hurry? Worst Case Scenario - • Accidental Deletion • Compromised by malicious actor • Need to Change Regions (region outage)
What is day0-day2? Day0? Day1? Day2?
Day 0-2 is a simplified way to describe phases of an infrastructure lifecycle • Day 0 — Plan and Design • Day 1 — Develop and Iterate • Day 2 — Go live and maintain
IaC allows you to easily _, _or _ your cloud infrastructure.
IaC allows you to easily share, version or inventory your cloud infrastructure.
IaC is a _ of your infrastructure
IaC is a blueprint of your infrastructure.
Define Idempotent in terms of IaC infrastructure lifecycle
No matter how many times you run IaC, you will always end up with the same state that is expected
Define Reliability in terms of IaC infrastructure lifecycle
Reliability IaC makes changes idempotent, consistent, repeatable, and predictable.
Terraform is an _-_ and _-_ Infrastructure as Code (IaC) tool. Terraform uses _ configuration files
Terraform is an open-source and cloud-agnostic Infrastructure as Code (IaC) tool. Terraform uses declarative configuration files
Declarative (3)
What you see is what you get. Explicit • More verbose, but zero chance of mis-configuration • Uses scripting languages eg. JSON, YAML, XML
You write a configuration script to automate _, _, or _ _ _
You write a configuration script to automate creating, updating or destroying cloud infrastructure.
Define Sensibility in terms of IaC infrastructure lifecycle
avoid financial and reputational losses to even loss of life when considering government and military dependencies on infrastructure
HashiCorp is a company specializing in managed open-source tools used to support the
development and deployment of large-scale service-oriented software installations
Imperative. (3)
• You say what you want, and the rest is filled in. Implict • Less verbose, you could end up with misconfiguration • Does more than Declarative Uses programming languages eg. Python, Ruby, JavaScript
Define Manageability in terms of IaC infrastructure lifecycle
• enable mutation via code • revised, with minimal changes
Configuration Drift is when provisioned infrastructure has an unexpected configuration change due to (3)
• team members manually adjusting configuration options • malicious actors • side affects from APIs, SDK or CLIs.