With the advent of DevOps, many organizations have started migrating their infrastructure management to a more secure and reversible format of storage. Thus, we see the advent of the term, “Infrastructure-as-Code”. This term, sometimes misunderstood, is a very fancy way of saying, that just the way we version-controlled our source codes, we are now going to version our infrastructures. The growth of this keyword was provided with the growth of cloud computing and the as-a-service and pay-as-you-go deployment models.
Infrastructure-as-Code - Overview
First, consider an organization with its infrastructure deployed on-premises. This requires that the organization performs a complete study of its requirements and the potential growth they are expecting to accommodate the hardware and infrastructure costs in the coming years. In case they require to upgrade their infrastructure due to some elements that were not foreseen—due to any reason, user increase (or decrease), software patch requirements, etc.—they would need to redeploy almost everything. In classical methods, this would follow up with a waterfall approach to patch everything. This could lead to a huge capital investment requirement and would lead to slow production releases due to compliance delays.
With the cloud, this has changed. Cloud vendors take care of all these elements for us, and with DevOps, they have introduced several tools to manage the infrastructure (mentioned as IaC from now on in the blog). IaC tools allow operations teams to operate at scale while,
- Leaving the infrastructure deployment to these tools.
- Managing configurations for VMs and compute engines.
- Supporting declarative syntax for resource creation and management.
- Being version controllable as any other code, in text format.
These properties for IaC tools enable operations teams to manage their infrastructure, and rollback to an earlier stage in case their infrastructure does not perform well, or the budget does not support the updated infrastructure demands. In this post, I will discuss two industry-leading options for IaC management, one is Microsoft Azure’s ARM Template and another one is Alibaba Cloud’s Resource Orchestration Service or ROS for short.
ARM Template by Microsoft Azure
ARM Template is one of the most used solutions on Microsoft Azure. It is powered by the Azure Resource Manager, which enables resource grouping and location parameters to deploy the solutions on the cloud. Moreover, templates are also used to define the infrastructure and the resources deployed.
ARM Template takes a couple of important details to “manage” an infrastructure,
- The location; where to deploy
- Resources - Their quantity and their types
- Connections between resources
- Think of this as the virtual networks they are being deployed in
- Extra information
Infrastructure is deployed on Azure using the information provided in this template by Azure schedulers and controllers. A template can be downloaded for each resource that is deployed—whether a single resource or a group of resources. In each resource, look for “Export Template” and utilize the JSON document that is provided. You can also use Azure SDKs to generate the template or consume the template.
DevOps tools utilize this template to deploy or re-deploy the infrastructure in case of need. This also leads to the deployment of multiple stages and environments— testing, QA, staging, production—which can help different departments and different teams to utilize the platform as per their necessities.
Security of user data, as well as infrastructure configuration, is taken important care of as most details are requested on-demand during the deployment process. Other Azure services such as Azure Key Vault service can be utilized to provide the credentials and other sensitive details for the deployment of infrastructure and configuration.
Pros of Azure ARM Templates
- Native support for the management of Azure resources.
- It contains conditional scripts to accept input and dropdown selections.
- Automatically configures and hides sensitive input from users.
- It comes free of cost, and templates can be stored for later purposes.
Cons of Azure ARM Templates
- It can only be used with Azure resources.
- No capability to contain automation jobs, only state.
- No possibility to sketch or generate diagrams of the infrastructure.
Alibaba Cloud Resource Orchestration Service
On Alibaba Cloud, we are provided with Resource Orchestration Service (referred to as ROS from here on) that helps us manage the infrastructure, as code, while staying on top of security and operational ease. Alibaba Cloud ROS follows similar patterns as other IaC tools and is provided as a first-class and free service for the customers.
On Alibaba Cloud, ROS follows a stack-deployment model—which on Microsoft Azure is known as a resource group. Stack Deployment is the deployment of a template that has been generated by Alibaba Cloud ROS. Sample templates can be used to quickly deploy and test the Alibaba Cloud infrastructure, or for testing and learning purposes.
The most beautiful feature of Alibaba Cloud is the capability of visually representing the infrastructure. Alibaba Cloud ROS can be utilized to draw architectural diagrams that support business needs. Many consultancy organizations rely on this type of feature for their cloud platforms that they are presenting a marketing pitch for. Thus, the portal can convert your JSON document to a visual (editable) graph, that you can edit and modify as per your needs.
This template can be deployed to Alibaba Cloud or saved for later uses. Saving the template in the local environment can help operational teams version this infrastructure template using a version control system; such as git. Alibaba Cloud SDK can be used to download the templates stored in a subscription for complete automation. In case the infrastructure does not perform well, a complete stack can be deployed again using the same template. Templates are text-based; thus, they can be used to rollback to a specific infrastructure state as per the requirements of customers or resources. Now let’s enlist the pros and cons of Alibaba Cloud Resource Orchestration Service, pros first.
Pros of Alibaba Cloud Resource Orchestration Service
- Native integration with Alibaba Cloud platform and resources.
- Available free of cost for every account.
- Enables resource provisioning through status queries.
- Uses a text-based structure to define the infrastructure states and configurations.
- Out-of-box capabilities to draw a graph of infrastructure for visualization.
Cons of Alibaba Cloud Resource Orchestration Service
- Available only for Alibaba Cloud platform and resources.
- It does not support automation scripts.
Operational Ease
Both solutions support the features necessary for a product to be considered an Infrastructure-as-Code tool. Azure ARM Templates are strictly tied to Resource Groups and they create resource groups upon deployments. Resource groups enable grouping and collective up-gradation of services, in case of downtime. ARM Templates do not have a visual editor—officially supported by Azure, but they are capable of declarative expression of an infrastructure.
Alibaba Cloud ROS, on the other hand, provides all the features as an IaC tool and is a separate orchestrator service—not depending on a first-class product. ROS also has a visual editor that helps in editing the infrastructure configurations as well as in presenting the infrastructure to customers and potential clients for sales or marketing pitch.
Deployment of resources depends entirely on the infrastructure and both these products are alike in this aspect.