This topic introduces the concept of Infrastructure as Code (IaC) and the related IaC tools available on Alibaba Cloud.
IaC is the practice of describing, deploying, and maintaining computing infrastructure through code, rather than using graphical interfaces or command-line scripts. Executable code lets you define and automate the creation, configuration, and management of your infrastructure, which enables a continuous delivery model.
Managing infrastructure typically involves configuring network environments, creating and managing virtual machine instances, connecting to databases, setting up storage, and handling other operational tasks. IaC addresses the challenges of manual infrastructure management, such as human error, deployment inconsistencies, and repetitive tasks. Using IaC reduces configuration errors and operational issues while making infrastructure management more efficient and reliable.
IaC allows you to define your infrastructure in a configuration file, where you specify the desired state of your resources. Infrastructure defined as code can be versioned, reused, and shared. This lets you consistently build, change, and manage your infrastructure safely and repeatably. You can then use the same configuration to create reproducible development, testing, and production environments.
An IaC configuration file is essentially code. This aligns with DevOps principles by connecting application development with automated releases. Describing application deployments and configurations as code allows you to integrate them into a CI/CD pipeline for fast and frequent application delivery.
For more information, see What is Infrastructure as Code (IaC)?.
Benefits of IaC
IaC provides the following benefits:
Reusability
Infrastructure resources required by a business architecture can be defined as IaC configuration files. These files allow consistent creation and management of multiple environments, such as development, testing, and production.
Automation
IaC automates the creation and management of cloud resources, which removes the need to manage the low-level details of resource creation.
Process-oriented
Changes to infrastructure are handled similarly to application code changes. Modifications to configuration files can be reviewed, automatically validated, and managed through automated workflows.
Auditability
A complete history of changes to configuration files can be maintained, enabling auditing and rollback when necessary.
IaC tools and services for Alibaba Cloud
Alibaba Cloud integrates with many IaC tools. You can select a tool based on your use case:
Terraform
To define and manage your Alibaba Cloud infrastructure with configuration code, use the Alibaba Cloud Provider for Terraform.
Terraform is an open-source IaC tool from HashiCorp. You can use human-readable configuration files written in HashiCorp Configuration Language (HCL) to define both Alibaba Cloud and on-premises resources. These resources can be versioned, reused, and shared, allowing you to manage the entire lifecycle of your infrastructure with a consistent, automated workflow.
For more information, see Introduction to Terraform.
Terraform Explorer
Terraform is a client-side tool. To use Terraform through a graphical interface, we recommend Terraform Explorer.
Terraform Explorer is an online tool built on the open-source version of Terraform. It provides a visual interface to quickly generate Terraform configuration files and automate their execution. With Terraform Explorer, you do not need to install and maintain Terraform, write configuration files from scratch, or manage state.
For more information, see Introduction to Explorer.
Resource Orchestration Service (ROS)
Resource Orchestration Service (ROS) is an Alibaba Cloud service that simplifies cloud resource management and provides automated deployment based on IaC principles. Developers and administrators can write templates to define the Alibaba Cloud resources they need, such as an ECS instance or an RDS database instance, and the dependencies between them. The ROS orchestration engine then automatically creates and configures all the resources based on the template, enabling automated deployment and Operations and Maintenance (O&M).
For more information, see What is Resource Orchestration Service?.
Terraform Cloud and Terraform Enterprise
In addition to the open-source version of Terraform, HashiCorp also offers enterprise editions. To use Terraform to manage infrastructure resources across your entire organization, you can use Terraform Cloud or Terraform Enterprise. For more information, see HashiCorp Terraform Editions.
CDKTF
To use a general-purpose programming language instead of HCL to generate your infrastructure configuration, you can use the Cloud Development Kit for Terraform (CDKTF).
CDKTF allows you to use familiar programming languages, such as Java, Go, Python, and TypeScript, to define and automatically generate Terraform templates for your Alibaba Cloud infrastructure. You can then use CDKTF commands (for example, deploy) to call Terraform and automate the configuration and management of your Alibaba Cloud infrastructure.
This approach offers a balance of flexibility and automation by combining the advantages of both declarative and imperative models. For more information, see CDK for Terraform.
Pulumi
Similar to CDKTF, Pulumi is another tool that allows you to use general-purpose programming languages to define and configure your infrastructure. You can use the Pulumi Provider for Alibaba Cloud to write your infrastructure code.
Ansible
To automate provisioning, configuration management, application deployment, orchestration, and other IT processes, you can use the orchestration tool Ansible.