It’s easy to deploy cloud resources and services. It can be as simple as the touch of a button.
But that’s only part of the story. Often, dozens of small steps need to be completed in a particular way to set the environment to your specific requirements and standards. Provisioning cloud resources is really part of an end-to-end business process — one that’s ideal for automation. And that’s where infrastructure-as-code (IaC) comes in.
What is Infrastructure as Code?
Infrastructure-as-code (IaC) is the automated management and provisioning of infrastructure, such as cloud resource deployment, version upgrades, backup and data recovery, and security administration. The practice leverages version-controlled descriptive models to create repeatable, predictable, and resilient systems.
For example: because of the rapid growth and popularity of the Universal Automation Center (UAC) SaaS solution, the Stonebranch CloudOps team uses the UAC itself to automate some of the most common tasks on this service. So far, the team has automated all of its cloud deployments, upgrades, patch management, and even some housekeeping items. Keep scrolling to see what these automations look like in action.
Benefits of Infrastructure as Code
There are many benefits to implementing infrastructure as code practices, including:
- Speed. What once took days can be completed in minutes. Before Stonebranch automated cloud infrastructure management, it took almost two business days to deploy a single customer instance. Now it only takes 15 minutes.
- Simplicity. Reduce dozens of manual steps, across multiple infrastructure management tools, to a few high-level steps. Then, let automation take care of the rest. Stonebranch started with 60+ manual steps to deploy a single instance. This process has been simplified to just five high-level steps.
- Consistency. Minimize the risk of human error and ensure that your processes are followed exactly as defined, every time. Chances are high that an employee will make a mistake. Requiring a second employee to review the first employee’s work can help reduce that risk. Automating the workflow can all but remove the risk.
- Scalability. Meet the growing needs of your organization, without hiring and training additional employees. Stonebranch no longer has to train new CloudOps team members in complicated manual processes, which reduces onboarding time and overhead.
- Cost Control. Instead of arbitrarily spinning up too much or too little cloud space, IaC allows you to proactively control resource consumption with pre-approved configuration templates.
With IaC, you gain the confidence that your cloud environments are set up exactly as you intend, consistent with your existing instances, and essential security controls and configurations.
Infrastructure as Code Best Practices
As mentioned before, IaC is really part of an overall automated business process. When Stonebranch implements IaC for new SaaS deployments, that process starts with a customer’s signature on a contract. It moves forward when a request ticket is submitted via the SaaS operations helpdesk and approved for initiation. Once the request is approved, the CloudOps team runs the automated deployment. The result is documented and finally handed over to the customer.
In a recent webinar, Stonebranch’s senior cloud engineer Matthew Burke demonstrated the entire end-to-end business process his team uses to deploy new cloud instances. The video below shows a preview of that webinar.
The full session covers everything from helpdesk ticket submission to validation of the successful orchestration. You’ll see how:
- The necessary data flows from Jira to Terraform to Ansible, and back into UAC for later use.
- The first environment “base” build establishes the virtual private cloud (VPC), security groups, firewalls, routing, and internet gateway.
- The second environment build creates all required server instances.
- The team validates the successful completion of all tasks in the orchestration workflow
You’ll also get the answers to the attendee questions asked during the original live broadcast of the webinar, including:
- Can you describe how you maintain the automation source code through a dev-test deployment style of process?
- Can we automate the migration of on-premises VMs to the cloud using UAC?
- Is it possible to migrate enterprise applications and its database from on-premises to any cloud?
- Is the automation specific to AWS, or is it usable on other cloud platforms?
Why Automate Cloud Infrastructure with a SOAP?
Infrastructure as code has many benefits. Using a service orchestration and automation platform (SOAP) like Stonebranch UAC amplifies the effect of those benefits and adds some of its own.
Best of all, by using UAC to orchestrate infrastructure-as-code instead of something like Jenkins, you gain:
- Observability into any errors in real-time (speeding up your ability to root-cause issues), as well as audit trails and historical reporting.
- Visualization of the overall workflow and the individual tasks within, versus maintaining one long script of text code. The drag-and-drop designer makes it easy to see how it’s running, and get alerts when any parts of the process fail.
- Agility to update all cloud instances quickly, instead of taking days or weeks to go through every environment and do it manually.
- Version control maintenance and updates can consume a lot of your employees’ workhours. With templated automation, every Stonebranch cloud deployment uses the most current Amazon machine image (AMI) template and the latest-and-greatest version of Universal Controller directly from the repository.
- Secure agent-based and REST API integrations between the UAC and cloud infrastructure tools like Terraform, Ansible, and Jira, so there’s no need to build anything new or rely on open source.
- Flexibility to use with any other tool. For example, Stonebranch uses several tools to support automated SaaS deployments:
- Helpdesk: Jira service management
- Pre-approved templates: Stonebranch Universal Templates
- Infrastructure build: Terraform
- Configuration utility: Ansible
- Orchestration: Stonebranch Universal Controller
Stonebranch Universal Controller is totally agnostic — it’s compatible with any other tool. That means the automation workflows are completely malleable and flexible to any tools you use now or may use in the future. For instance, in the list of IaC tools above, we could easily switch to Remedy or ServiceNow without affecting any other tasks in the workflow.
The end-to-end business processes that wrap around new cloud infrastructure can involve hundreds and hundreds of steps. If done manually, it’s time consuming and error prone. With the repeatable, automated practices that are the cornerstone of IaC, you gain speed, consistency, and scalability.
If you’d like to learn more, reach out to your Stonebranch representative or request a demo.