From deep within the Looker traffic reports of The New Stack, we have unearthed the most viewed posts from 2024 about the subject of Infrastructure as Code (IaC). Collectively, what they show is that, despite IaC’s promise in scaling IT systems, it still has many issues that drive DevOps folks crazy.<\/p>\n
“Having used Terraform extensively, I genuinely appreciate the magic of Infrastructure as Code as an accelerant. However, refactoring is a reality of ‘Day 2’ operations and doing this with Terraform is still extremely painful to get right,” Matt Moore<\/a>, founder and CTO of security company Chainguard<\/a>, told TNS.<\/p>\n Cloud services created the need for the practice of “Infrastructure as Code,” <\/em>as organizations set up their operations on Amazon Web Services<\/a> and other providers. Declarative, domain specific languages were created by Puppet<\/a> and Chef<\/a> and as a way to automate configuration and provisioning work in setting up and maintaining these systems.<\/p>\n And Kubernetes<\/a>, with its ability to orchestrate microservices, put this practice into overdrive. And so HashiCorp’s<\/a> Terraform<\/a> surfaced to manage this next level of cloud provisioning.<\/p>\n But despite the great value Terraform and associated IaC tools have brought, DevOps teams<\/a> are feeling more frustrated than ever.<\/p>\n The New Stack’s’ 10 most popular IaC stories from 2024 show the frustrations they are feeling, and some possible paths going forward.<\/p>\n In this contributed post, Asif Awan<\/a>, co-founder and chief product officer at a company then called appCD<\/a> but now known as StackGen<\/a>, noted that managing, maintaining and deploying applications and infrastructure securely and consistently remains an incredibly complicated challenge.<\/p>\n “Just as IaC expanded the ability to deploy to the cloud, it added complexity to that deployment by combining teams with different experiences and expertise and requiring them to find new ways to work together,” Awan noted.<\/p>\n The solution, he suggested was to “generate the infrastructure your application needs based on the version of your application being deployed.”<\/p>\n This approach he called “Infrastructure from Code<\/a>.”<\/p>\n Edan Evantal<\/a>, CTO of Quali<\/a> noted that IaC tools were designed for velocity and automation, not as the source of truth for environments. Great for deploying cloud services, they are pretty terrible as a tool for predicting how code changes can change app performance<\/p>\n Also, IaC tools don’t play nicely together.<\/p>\n He noted that Quali rethinks the IaC process, defining everything a developer needs to launch an environment, in such a way that it is easy for machines and humans to understand. Then, teams can use GitOps<\/a> as a base to launch applications.<\/p>\n Nitric<\/a>‘s Rak Siva<\/a> is also a proponent of Infrastructure from <\/em>Code (IfC).<\/p>\n The problem, Siva wrote, is”when a developer decides to replace a manually managed storage bucket with a third-party service alternative, the corresponding IaC scripts must also be manually updated, which becomes cumbersome and error-prone as projects scale. The desync that occurs between the application and its runtime can lead to serious security implications, where resources are granted far more permissions than they require or are left rogue and forgotten.”<\/p>\n He added, “Infrastructure from Code automates the bits that were previously manual in nature. Whenever an application changes, IfC can help provision resources and configurations that accurately reflect its runtime requirements, eliminating much of the manual work typically involved.”<\/p>\n Siva noted that the the developer doesn’t write the low-level configuration code, for tasks like setting up IAM roles and permissions, but rather, they just need to know its available.<\/p>\n Nitric offers an open source IfC framework for building in your language of choice and deploying to all the major clouds.<\/p>\n <\/p>\n Infrastructure as Code is unidirectional and has an asymmetric experience where changes (writes) and observations (reads) are performed through different tools. What are some consequences of that? Is it really necessary?https:\/\/t.co\/O1WJX6yhic<\/a>#infrastructureascode<\/a><\/p>\n — Brian Grant (@bgrant0607) December 23, 2024<\/a><\/p><\/blockquote>\n1.<\/strong> Infrastructure as Code Is Dead: Long Live Infrastructure from Code<\/a><\/strong><\/h2>\n
2.<\/strong> How We Evolved from IaC to Environments as Code<\/a><\/strong><\/h2>\n
3.<\/strong> Terraform Isn’t Dead<\/a><\/strong><\/h2>\n
\n