Infrastructure as Code: Is it so hard?

Learn how to manage infrastructure using a declarative approach, benefits, and how to get started.

6 min readJan 5, 2022

Traditionally, managing infrastructure is difficult especially when there is an increasing demand to provision and/or de-provision resources at regular intervals. Keeping track of this can be overwhelming, risky, and time-consuming which often leads to reduced efficiency due to errors that can affect uptime and disrupt service delivery.

As you may already know, the major advantage of cloud solutions is availability and scalability which depends solely on the ability to modify resources quickly without having to disrupt the architecture. Infrastructure as code(IaC) concept evolved to solve the problem of environment drift in the release pipeline. Without IaC, teams must maintain the settings of individual deployment environments which causes inconsistency among environments and leads to issues during deployments

1. Overview

Infrastructure as Code (IaC) is the management of infrastructure (networks, virtual machines, load balancers, and connection topology) in a descriptive model, using the same versioning as the DevOps team uses for source code. Like the principle that the same source code generates the same binary, an IaC model generates the same environment every time it is applied.

2. Benefits of Infrastructure as Code

Speed and simplicity: You can do this quickly and easily for development, staging, and production environments, which can make your software development process much more efficient
Configuration consistency: Human error will always rear its ugly head, which may leave you with subtle differences in configurations that may be difficult to debug. IaC completely standardizes the setup of infrastructure so there is a reduced possibility of any errors or deviations which will decrease the chances of any incompatibility issues with your infrastructure and help your applications run more smoothly.
Minimization of risk: Imagine having a team where only one engineer knows the full details of your infrastructure setup. What happens if the engineer leaves your team or is in a state where he/she cannot be reached. What would you do then? There’d be a bunch of questions, some fear and panic, and many attempts at reverse engineering.
Increased efficiency in software development: Developer productivity drastically increases with the use of IaC. Cloud architectures can be easily deployed in multiple stages to make the software development life cycle much more efficient.
Cost savings: IaC script can automatically spin down environments when they’re not in use, which will further save on cloud computing costs.

3. Getting started with IaC using Terraform

Terraform is the most popular infrastructure provisioning tool created by Hashicorp. It allows you to describe your infrastructure as code, creates “execution plans” that outline exactly what will happen when you run your code, builds a graph of your resources, and automates changes with minimal human interaction.

Terraform uses its own domain-specific language (DSL) called Hashicorp Configuration Language (HCL). HCL is JSON-compatible and is used to create these configuration files that describe the infrastructure resources to be deployed.

There are other tools like AWS CloudFormation, Azure Resource Manager, and Google Cloud Deployment Manager.

4. How to Install Terraform

4.1 Windows:

>>> choco install terraform

4.2 Linux:

>>> curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -.
>>> sudo apt-add-repository “deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main”
>>> sudo apt-get update && sudo apt-get install terraform

4.3 MacOS:

>>> brew tap hashicorp/tap
>>> brew install hashicorp/tap/terraform
>>> brew update
>>> brew upgrade hashicorp/tap/terraform

4.4 Verify the installation

>>> terraform -help or terraform -help plan

5. Sample Terraform Configuration

5.1 Terraform Block: The terraform {} block contains Terraform settings, including the required providers Terraform will use to provision your infrastructure. For each provider, the source attribute defines an optional hostname, a namespace, and the provider type. Terraform installs providers from the Terraform Registry by default. In this example configuration, the azurerm provider’s source is defined as hashicorp/azurerm, which is shorthand for registry.terraform.io/hashicorp/azurerm.

5.2 Providers: The provider block configures the specified provider, in this case, azurerm. A provider is a plugin that Terraform uses to create and manage your resources. You can define multiple provider blocks in a Terraform configuration to manage resources from different providers.

5.3 Resource: Resource blocks define components of your infrastructure. A resource might be a physical component such as a server, or it can be a logical resource such as a Heroku application. Resource blocks have two strings before the block: the resource type and the resource name. In this example, the resource type is azurerm_resource_group and the name is rg. The prefix of the type maps to the name of the provider. Resource blocks contain arguments which you use to configure the resource. The Azure provider documentation provides a list of supported resources and their configuration options, including azurerm_resource_group and its supported arguments.

6. Initialize your Terraform configuration

Initialize your directory in your terminal. The terraform commands will work with any operating system.

>>> terraform init

6.2 Format and validate the configuration

I recommend using consistent formatting in all of your configuration files. The terraform fmt command automatically updates configurations in the current directory for readability and consistency.

>>> terraform fmt

You can also make sure your configuration is syntactically valid and internally consistent by using the terraform validate command.

>>> terraform validate

6.3 Plan your Terraform Configuration

To be certain of your configuration outcome, run a terraform plan to create a deployment plan, this interacts with your state and now shows the changes the new configuration will make to your infrastructure.

>>> terraform plan

>>> terraform plan --out main.tfplan # optionally specify a filename to save your plan details

6.4 Apply your Terraform Configuration

Run the terraform apply the command to apply your configuration.

>>> terraform apply

>>> terraform apply “main.tfplan” #specify a plan file to apply in case you have multiple plans.

6.5 Destroy

This terminates resources managed by your Terraform project. This command is the inverse of terraform apply in that it terminates all the resources specified in your Terraform state. It does not destroy resources running elsewhere that are not managed by the current Terraform project.

Destroy the resources you created.

>>> terraform destroy

The - prefix in the output indicates that the instance will be destroyed. As with apply, Terraform shows its execution plan and waits for approval before making any changes.

For more detail on the concepts used in this tutorial:

Read about the Terraform configuration language in the Terraform documentation.
Learn more about Terraform providers.

7.0 Next Steps:

Learn more about Infrastructure as Code using the links below to help you get started and create a simple deployment using IaC https://learn.hashicorp.com/tutorials/

https://docs.microsoft.com/en-us/devops/deliver/what-is-infrastructure-as-code

8.0 Conclusion

Infrastructure as Code can simplify and accelerate your infrastructure provisioning process, help you avoid mistakes and comply with policies, keep your environments consistent, and save your company a lot of time and money.