Infrastructure

Infrastructure as Code

Principles

  1. Single source of truth.
  2. Separate configuration from code.
  3. Test backup restoration.
  4. Users need familiarity with the tools used.
  5. Clarity can override other concerns, increases security (KISS).
  6. Complexity vs benefits received.
  7. Less is more, especially regarding code maintenance cost.
  8. Risk = Impact * probability.

Considerations designing a devops toolchain

Example:

Human

  1. User interface clear, simple (including role creation, access).
  2. Humans make mistakes, as many automatic checks as practical, no error / message spam!
  3. While designing: generalize, modularize, template, override defaults on deeper levels.
  4. Small, clear changes.
  5. Responsibility, acknowledgement for human checks in processes.

Technical

  1. Degree of flexibility required. 1 or more different virtual machine (VM) technologies to create templates and base clones for further modification by Ansible etc. If more than 1 tool for VM templates is needed, how to sync changes?
  2. Network and access (SSH for Ansible), flexibility (hosting providers, future migration).
  3. Infrastructure code hosting.
  4. Backup, retention, testing, (automatic) restoration.
  5. Logging, retention, log alerts (repeated messages, high severity etc).
  6. Monitoring (templated), alerts, autorecovery.
  7. Does a tool make a service level (SLA) impossible?