Infrastructure as Code 101: Steve Tegeler + Nathan Ness, VMware
-
Upload
openstack -
Category
Technology
-
view
732 -
download
0
Transcript of Infrastructure as Code 101: Steve Tegeler + Nathan Ness, VMware
© 2014 VMware Inc. All rights reserved.
Infrastructure as Code 101A Primer for Infrastructure Teams
May 5, 2016
Steve [email protected]@vstegeler
Nathan [email protected]@nvpnathan
2
Practice
Infrastructure as Code
Want to Understand
Infrastructure as Code Better
Help articulate and
educate others
Get some solid use
cases
3
Who am I, and How did I learn about IaC?
• Director of Pre-Sales engineering for OpenStack + VMware
• Infrastructure Background
– Compute � Storage � Networking � Server Virt � Network Virt (Nicira)
• At Nicira our success was bound to the success of CMP/IaaS
– CMP Drives Consumption of Virtual Networks
• Watched a YouTube video and felt my career pivot
5
Who am I, and How did I learn about IaC?
• Director of Pre-Sales engineering for OpenStack + VMware
• Infrastructure Background
– Compute � Storage � Networking � Server Virt � Virt Networking
• At Nicira realized our success was bound to the success of IaaS
– CMP Drives the Consumption of Network
• Watched a YouTube video and felt my career pivot
• Must learn coding principles to stay relevant
• OpenStack success is bound by the ability to consume it
– IaC education/adoption will help
6
"Enable the reconstruction of the business from nothing but a source code repository, an application data backup, and
bare metal resources.“- Adam Jacob, CTO Chef
Infrastructure as Code – Common Definition
App Code
Infrastructure
Code
Configuration
Code
Your Data
App State
Compute NetworkSecurity
Storage
8
Infrastructure & ConfigurationInfrastructure & Configuration
Typical CI Development Process
Build/CISource Code
Management
Repository
Testing
Frameworks
Provisioning /
Deployment
1. Commit/Check-in2. Build & Test
4. Deploy
vRA
3. Artifacts
W W
AA
R
Manual?
9
App Devs
OpsTeams
Network StorageCompute
WW
A A
R
Web
2 VMs, 2CPU, 2GB mem, 10GB disk, RHEL
LoadBalancer
Open 80,443
App2 VMs 4CPU, 4GB mem, 30GB disk
Open 22 internal only, 8443 from Web
Request Infrastructure
web_instance: webxyz
flavor: m1.small
image: RHEL-x86_64-chef
network: web-net
security: web-sec
quantity: 2
-------<snip>----------
Web-net: web-net
Subnet: 10.10.0.0
Mask: 255.255.255.0
Web-sec: name: web-sec
in: allow: tcp: 22
out: allow: tcp: 80, 443
Describe Infrastructure
Days & Variability Fast &
Predictable
flavor: m1.small
Cpu: 2
Mem: 2
Disk: 10
Cloud APIs
“Consumer”
12
Why Code is so Great for Infrastructure
When things break, I can troubleshoot easily – Version Control
Easily test infrastructure permutations - CPU/Mem/Storage/Net/Sec
Re-useable
I can build topology templates for apps – Fast & Consistent Configuration
14
Application v12.34
Types of Code Which Make up an Application
Application Code
Infrastructure Code
Configuration Code
16
Deployment
Pipeline
Infrastructure Site 1
Existing Business Apps
Ultimate IaC Test – Day 0
CONFIDENTIAL
App CodeInfrastructure
Code
Configuration Code
Your Data
Source Code
App_1 App_2 App_n
Infrastructure Site 2
Your Data
Business Apps Up!
App_1 App_2 App_n
R R
UPS
17
Seems Like Utopia, Does it Actually Work?
• If it doesn’t work, you are DOING IT WRONG
– The more often you practice it, the more resilient it makes it (lifting weights)
• Test it in a different OpenStack cloud
– Considerations: Defcore compliant, feature set same?
19
Version Control
• Definition: A system that records changes to a file or set of files over time so that you can recall specific versions later
• Main Benefit: Complete visibility to any changes
Application v12.34
Application Code
Infrastructure Code
Configuration Code
20
IaC_v123
• TCP 8081
IaC_v456
• TCP 8081
IaC_v457
• TCP 22, 8081
February
March
April
May
Day 2 Value: Incident, Cause
Security Policy Incident/Audit
Code Development Source Code
diff
21
Use Cases for Infrastructure as Code
• Test Firewall Changes
• Test your application to see if it is IP address dependent
– Change a subnet address range used (192.x.y.z � 172.x.y.z)
• Test different performance permutations
– CPU – multi-threaded/scale out
– Disk – SATA, SSD, etc
• Rollback
23
IT, we have a Problem!
• Infrastructure Teams � SW development practices
– Learn Version Control and ways to “Describe” Infrastructure
• Devs � Understand Infrastructure– Developers learn proper ways to deploy infrastructure “primitives”
Developers Infra