Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Modern Infrastructure Automation

DZone's Guide to

Modern Infrastructure Automation

Automating infrastructure is a big step, but it's often not enough. Read about the questions to ask yourself to make software more reliable and secure.

· DevOps Zone ·
Free Resource

Easily enforce open source policies in real time and reduce MTTRs from six weeks to six seconds with the Sonatype Nexus Platform. See for yourself - Free Vulnerability Scanner. 

"We’re no longer an airline. We’re a software company with wings,” claims Veresh Sita, CIO of Alaska Airlines. The success of today’s businesses rests on software. It is an integral part of infrastructure, so we need to always ask, “How can it be better? More reliable? More secure?”

Nathen Harvey (@nathenharvey) is the VP of Community Development at Chef and the co-host of the Food Fight podcast. He is also an evangelist of automating software operations, which is what he presented on at the 2016 All Day DevOps conference.

Nathen started his talk by stating that “automation at scale is required for high velocity IT,” making the point that in today’s environment, you can’t wait months between deployments. Enterprises are moving to Continuous Integration/Continuous Deployment, and he advocates for Continuous Automation.

harvey pic1.png

To implement automation at scale, you have to start with a dynamic infrastructure by:

  • Provisioning and setting up environments.

  • Implementing dynamic scaling of compute resources.

  • Migrating legacy workloads to the cloud.

  • Deploy in multi-cloud and hybrid-cloud environments.

  • Support heterogeneous environments.

harvey2.png

Several speakers of All Day DevOps talked about automation, and all of them tell you a critical step is to treat infrastructure as code. According to Nathen, this means that to programmatically provision and configure components, such as servers, databases, firewalls, etc., you also have to treat it like any other code base. This includes version control and automated testing, but also:

  • Automated, full-stack application policies.

  • Package and service installation.

  • Versionable, testable, and repeatable workflow.

  • Scalable application policies.

  • Management of interdependencies across nodes.

When you treat your infrastructure as code and deliver at scale, you can scale elegantly from one to tens of thousands of managed nodes across multiple complex environments.

In order for software to be effective, users have to trust that it will do what they expect it to do. This is true from handheld calculators to self-driving cars, and it is also true when we automate our development and operations. Nathen advocates that we have to build a pipeline to production that creates faith in us that our code is ready for production.  This pipeline must:

  1. Test the code/verify locally.
  2. Verify in pipeline with automated testing.
  3. Approve with another engineer (aka code review or Nathen’s “four eye rule”).
  4. Build an artifact.
  5. Deploy into acceptance environment to automatically test the artifact.
  6. Ask someone else - do we want to ship this?
  7. Ship the code with a click of a button.
  8. Union (bring together dependencies and run tests).
  9. Rehearsal.
  10. Delivered (ship to customers).

What Does the Future Hold?

Infrastructure automation is NOT enough. Why? Auditors show up to audit your infrastructure and applications. The problem is they use different tools - excel spreadsheets, notebooks, PDFs, etc. This makes it very difficult to audit. Nathen advocates managing compliance documents as code, too. When we translate compliance into code, it can be executed as part of the pipeline so we can test for compliance throughout the entire lifecycle.

Finally, Nathen stresses the need to have application automation, too. Modern applications look like infrastructure as code.

harvey3.png

Developers can make applications that operations can deliver and run in production. This makes it easier to consume, run, and keep applications healthy. Operable applications need to be:

  • Isolated.

  • Immutable.

  • Configurable.

  • Built on a common interface for monitoring health.

  • Rebuildable from sources.

  • Reside in common packaging.

  • Maintain runtime independence.

As enterprises implement infrastructure, application, and compliance automation, it creates a freedom for people to focus, and people are the key.

Nathen notes that “DevOps is a cultural revolution and professional movement, focused on how we build and operate high-velocity organizations, born from the experiences of its practitioners.” He underscores that people are the future of automation. Automation places the priority on people, which enables great companies and great products.

harvey4.png

You can watch Nathen’s entire talk online here, where you can dig deeper into this subject. If you missed any of the other 30-minute long presentations from All Day DevOps, they are easy to find and available free-of-charge here.  Finally, be sure to register you and the rest of your team for the 2017 All Day DevOps conference here.  This year’s event will offer 96 practitioner-led sessions (no vendor pitches allowed).  It’s all free and online on October 24th.

Automate open source governance at scale across the entire software supply chain with the Nexus Platform. Learn more.

Topics:
automated security ,ci/cd ,continuous delivery ,infrastructure ,automation ,devops

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}