Understanding DevOps and Infrastructure as Code(IaC) in Cloud

devops google cloud iac Jun 04, 2020

Why every organization needs to use IaC when using the cloud.

Infrastructure as code is the prerequisite for common DevOps practices such as version control, code review, continuous integration and automated testing. These practices provide continuous delivery of quality software that meets the requirements set. DevOps and solid infrastructure best practices are a must have for leading software development organizations.

When considering moving your on premises resources to a cloud environment it is important to realize some important changes we need to consider.

1.Availability of higher elasticity of infrastructure, meaning that cloud resources can be scaled up or down as well as removed on the fly.

2. Understanding that cloud environments are API Driven which generally can reduce development overhead. API’s supported are one of more types such as REST or Open APIs.

3. Integrating of your Cloud based resources would be fully supported and any on premises deployments would still likely require a separate local IaC solution such as Terraform.

NOTE: There are exciting new capabilities I will review in another post such as Anthos, Knative and GKE on premises.

4. Realizing consistency of deployments, pipelines and services can produce greater returns with a solid DevOps culture and the implementation of baseline requirements.

DevOps pipelines are covered in detail here.

Deploying you code overview.

Deploying your code via an Infrastructure as Code utility can be a bit challenging at first until really grasp the concepts.  Here is a short workflow. 

For example, In AWS the developers generally would have a development environment. Then they would create their services via the templates they created. The code could be stored in a repository locally or in the cloud. 

There would be a trigger to invoke the appspec.yml file which will describe to the AWS CodeDeploy deployment on how to manage the lifecycle of your application. 

Diagram (AWS) – high-level approach to how code is deployed in AWS for an application running EC2 virtual machines. AWS has its own Infrastructure as Code service called CodeDeploy. 

Some great benefits can be realized with IaaC, lets discuss .

Benefits of Infrastructure as Code (IaC)

Some of the major benefits of Infrastructure as Code (IaC) are:

  • Tools have direct integration and application of software delivery principles.
  • Improving Customer Satisfaction
  • Reducing OPEX and CAPEX requirements
  • Standardization (consistency) of deployments thru declarative formats and templates.
  • Safer Change Management (aka using best practices)
  • Audit Trails to meet compliance
  • Integration with cloud provider tools and even third party tools such as Terraform or Jenkins.

Benefits will of course vary between cloud providers and each organization. I have worked with clients that really care more about compliance and governance due to their regulatory compliance than they care about standardization for example.

Major Cloud Provider Infrastructure as Code (IAC) Tools

Amazon Web Services

Amazon Web Services CloudFormation is their Infrastructure as Code tool. It is written in JSON and runs via the AWS Console or AWS CLI . The tool allows you to build and manage your infrastructure as code in AWS.

AWS provides a lot of templates that can be used to get started with CloudFormation so it’s pretty easy to get up and running.

Below is a post of how to Deploy Hyperledger Fabric Blockchain on AWS in a jiffy.

For more information on AWS CloudFormation


MS Azure

Microsoft Resource Manager (ARM) templates are Microsoft Azure’s implementation of IaC and allow you to provision Microsoft Azure Resources using a Declarative template. You will use management features, like access control, locks, and tags, to secure and organize your resources after deployment. ARM supports all the tools you need with MS such as Powershell, REST APIs and the MS CLI.

For more information on Microsoft Resource Manager (ARM)


  Google Cloud Platform

   Google Cloud Deployment Manager allows you to specify all the resources needed for your application in a declarative format using yaml. You can also use Python or Jinja2 templates to parameterize the configuration and allow reuse of common deployment paradigms such as a load balanced, auto-scaled instance group. Treat your configuration as code and perform repeatable deployments.

Below is an example of how to deploy Facebook Libra Testnet on GCP.

For more information on GCP Cloud Deployment Manager


Here is a chart that I put together compares AWS and GCP I use in GCP for AWS pros in how IaaC is supported and the basic capabilities compared to each other.

GCP is somewhat more flexible in regards to syntax and the scope of deployments.

What is a configuration?

Configurations describes typically in a “declarative” format all the cloud resources you want for a single deployment. YAML or JSON. Configurations are also known in some cloud environments as a deployment or rollout.

Example below. YAML configuration file for Google Cloud Platform. You can see it declares resources, properties, etc. 

For example, in Google Cloud Platform you can use Deployment Manager. Deployment Manager uses a configuration that is a file written in YAML syntax that lists each of the resources you want to create and its respective resource properties.

Automation and Orchestration

Automation is generally referring to a single task or function that is accomplished without human intervention usually via a script or a utility.  Another way it may defined is automation is simply creating a single task that can run automatically without any human intervention.

Automation might involve sending a response email to a customer who has contacted you through your website which would be triggered with a webhook. Could also be adding a record to a database when a batch job is run. You can automate both cloud-based and on-premise tasks

DevOps (Development & Operations) is an enterprise software development phrase used to mean a type of agile relationship between development and IT operations. The goal of DevOps is to change and improve the relationship by advocating better communication and collaboration between these two business units. Before we discuss DevOps pipelines lets review what a container. What are Containers? Containers are

Orchestration is about automating more than one task together and therefore integrating them to actually achieve a specific outcome.  Orchestration can happen across multiple technologies, applications, datasets, middleware, systems, and more

Orchestration is a good way to optimize repeatable processes that don’t need human interaction. Implemented well, orchestration will streamline workflows, lower costs, and significantly reduce issues and errors.

For example, orchestration can be used to run batch jobs in your computer systems or run a payroll deposit services on Thursday evenings

What is the Difference between Orchestration and Automation?

This is one of more common questions that comes in the world IT and especially around DevOps.

  • Orchestration is automating more than one tasks together and integrating them to achieve a specific outcome. Basically, bunching tasks together in a workflow to reach an objective outcome.
  • Automation on the other hand focuses on one task, orchestration combines all of those individual tasks

What are the Benefits of Orchestration and Automation

This benefits of Orchestration and Automation are multifold.  

  • Signification reduction of human errors and mistakes
  • Elimination of low-value, repeatable tasks for employees
  • Greater cost and worker efficiencies for the enterprise.
  • Standardized processes and procedures that eliminate work and provide standardization.

Carry on my cloud friends and please do let me know any feedback or suggestions.

Joe Holbrook, the Cloud Tech Guy

Join TechCommanders Today. 

Over 60 Courses and Practice Questions! 

Coaching and CloudINterviewACE

Join TechCommanders

Stay connected with news and updates!

Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.

We hate SPAM. We will never sell your information, for any reason.