© 2014 VMware Inc. All rights reserved. Infrastructure as Code 101 A Primer for Infrastructure Teams May 5, 2016 Steve Tegeler [email protected] @vstegeler Nathan Ness [email protected] @nvpnathan
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
© 2014 VMware Inc. All rights reserved.
Infrastructure as Code 101A Primer for Infrastructure Teams
May 5, 2016
Steve [email protected]@vstegeler
Nathan [email protected]@nvpnathan
2
Practice
Infrastructure as Code
Want to Understand
Infrastructure as Code Better
Help articulate and
educate others
Get some solid use
cases
3
Who am I, and How did I learn about IaC?
• Director of Pre-Sales engineering for OpenStack + VMware
• Infrastructure Background
– Compute � Storage � Networking � Server Virt � Network Virt (Nicira)
• At Nicira our success was bound to the success of CMP/IaaS
– CMP Drives Consumption of Virtual Networks
• Watched a YouTube video and felt my career pivot
4
“Infrastructure in the Cloud Era"
• 2009 Velocity Conference
5
Who am I, and How did I learn about IaC?
• Director of Pre-Sales engineering for OpenStack + VMware
• Infrastructure Background
– Compute � Storage � Networking � Server Virt � Virt Networking
• At Nicira realized our success was bound to the success of IaaS
– CMP Drives the Consumption of Network
• Watched a YouTube video and felt my career pivot
• Must learn coding principles to stay relevant
• OpenStack success is bound by the ability to consume it
– IaC education/adoption will help
6
"Enable the reconstruction of the business from nothing but a source code repository, an application data backup, and
bare metal resources.“- Adam Jacob, CTO Chef
Infrastructure as Code – Common Definition
App Code
Infrastructure
Code
Configuration
Code
Your Data
App State
Compute NetworkSecurity
Storage
Infrastructure Provisioning
8
Infrastructure & ConfigurationInfrastructure & Configuration
Typical CI Development Process
Build/CISource Code
Management
Repository
Testing
Frameworks
Provisioning /
Deployment
1. Commit/Check-in2. Build & Test
4. Deploy
vRA
3. Artifacts
W W
AA
R
Manual?
9
App Devs
OpsTeams
Network StorageCompute
WW
A A
R
Web
2 VMs, 2CPU, 2GB mem, 10GB disk, RHEL
LoadBalancer
Open 80,443
App2 VMs 4CPU, 4GB mem, 30GB disk
Open 22 internal only, 8443 from Web
Request Infrastructure
web_instance: webxyz
flavor: m1.small
image: RHEL-x86_64-chef
network: web-net
security: web-sec
quantity: 2
-------<snip>----------
Web-net: web-net
Subnet: 10.10.0.0
Mask: 255.255.255.0
Web-sec: name: web-sec
in: allow: tcp: 22
out: allow: tcp: 80, 443
Describe Infrastructure
Days & Variability Fast &
Predictable
flavor: m1.small
Cpu: 2
Mem: 2
Disk: 10
Cloud APIs
“Consumer”
12
Why Code is so Great for Infrastructure
When things break, I can troubleshoot easily – Version Control
Easily test infrastructure permutations - CPU/Mem/Storage/Net/Sec
Re-useable
I can build topology templates for apps – Fast & Consistent Configuration
Application AnatomyThe Various Code Used in Deployment
14
Application v12.34
Types of Code Which Make up an Application
Application Code
Infrastructure Code
Configuration Code
Use Cases
16
Deployment
Pipeline
Infrastructure Site 1
Existing Business Apps
Ultimate IaC Test – Day 0
CONFIDENTIAL
App CodeInfrastructure
Code
Configuration Code
Your Data
Source Code
App_1 App_2 App_n
Infrastructure Site 2
Your Data
Business Apps Up!
App_1 App_2 App_n
R R
UPS
17
Seems Like Utopia, Does it Actually Work?
• If it doesn’t work, you are DOING IT WRONG
– The more often you practice it, the more resilient it makes it (lifting weights)
• Test it in a different OpenStack cloud
– Considerations: Defcore compliant, feature set same?
Ongoing Ops Benefits
19
Version Control
• Definition: A system that records changes to a file or set of files over time so that you can recall specific versions later
• Main Benefit: Complete visibility to any changes
Application v12.34
Application Code
Infrastructure Code
Configuration Code
20
IaC_v123
• TCP 8081
IaC_v456
• TCP 8081
IaC_v457
• TCP 22, 8081
February
March
April
May
Day 2 Value: Incident, Cause
Security Policy Incident/Audit
Code Development Source Code
diff
21
Use Cases for Infrastructure as Code
• Test Firewall Changes
• Test your application to see if it is IP address dependent
– Change a subnet address range used (192.x.y.z � 172.x.y.z)
• Test different performance permutations
– CPU – multi-threaded/scale out
– Disk – SATA, SSD, etc
• Rollback
Getting Started
23
IT, we have a Problem!
• Infrastructure Teams � SW development practices
– Learn Version Control and ways to “Describe” Infrastructure
• Devs � Understand Infrastructure– Developers learn proper ways to deploy infrastructure “primitives”
Developers Infra
24
25
VersionControl
App Code
Infrastructure
Code
Configuration
Code
Application:GoReminder
GoRem.v34Ext Security Test (nmap) GoRem.v35
Open: 8080,22
Open: 8081
FAIL
PASS!
Go.v34
Heat_v34
Cook_v34
GoRem.v34
Go.v35
Heat_v35
Cook_v35
GoRem.v35
Security Testing a GoReminders Application
Related Documents
