At the heart of a reliable and repeatable software delivery process, there is version control. Everything required to perform that process should be in version control. So not just the source code of your application. But also your tests, deployment scripts, application configuration, dependencies, infrastructure, etc. This is important because it helps you to achieve reproducibility and traceability.
At many occasions, I find that this is not done or not completely done for the infrastructure. This is the source of many, often production breaking, problems.
“When you ask someone what the production server is, and the instant answer is a server name, you know it is treated as a pet.”
Often this is referred to as “pet versus cattle”. When infrastructure components of your system are created and maintained manually, we tend to treat them as pets. We like to take good care of them, give them a name and treat them with all the regards. Because we know, if it fails our system will go down. So we make sure the patches are done carefully. If we see a problem we log in with elevated privileges and try to solve it.
When you ask someone what the production server is, and the instant answer is a server name, you know it is treated as a pet.
Set up infrastructure in one click
Now imagine you can create all the infrastructure that you need with a click of a button or a call of an API, and that you can create that if you need it, destroy it if you are done with it. Any change on your infrastructure is done by this process as well: destroy, describe the new desired state and rebuild it. The consequence of this being that access to any component by manually logging in is not allowed.
Is that not be possible? Yes, it is, when you describe all your infrastructure as code. If you achieve that, reproducibility is a no-brainer. Just run the same process again and you will get the same result. The same for traceability. Store your code in version control and you’ll know exactly who made what change when. And as a bonus, restoring a previous version is a breeze. There are plenty of tools to do this. Tools like Ansible for example, will not only create the infrastructure for you, it can also monitor it for you to make sure that no change is done without a change to the code. If a manual change is done it will be rolled back automatically. Ansible will ensure that the state that you described, is in fact, the state that your components are in.
Everything as a code – Less workload
So having everything as code helps you in many ways. Managing your application and all the components that are needed for that application will become more transparent. Auditing is very easy. And it will prevent a lot of problems that are introduced by manual changes.