🔭IaC Tools: Are They Right for Your Team? Choosing Wisely & A Peek into Pulumi

Is Infrastructure as Code on Your Radar? (It Should Be.)

Hello, and welcome to your Aiden's Lab Notebook.

Once we're done building a service, the next step is usually deployment, and for that, many of us turn to cloud services.

Thanks to public cloud platforms like AWS, GCP, and Azure, getting a service up and running for smaller projects has become pretty straightforward. Often, we just need to configure some compute servers, a load balancer, and a database, and we're good to go.

But as our services or teams start to scale, managing cloud infrastructure can become quite a handful.

The cloud setups we rely on grow more complex, and the potential fallout from any changes or operational hiccups becomes much more significant.

This is where IaC (Infrastructure as Code) steps in, aiming to lighten that load.

As the name suggests, it’s all about managing your infrastructure using code.

IaC has also become a cornerstone in the world of DevOps.

When development and operations teams work to align their deployment environments using a DevOps approach, adopting IaC can help smooth out the process, avoid common errors and inconsistencies, and ultimately aid in automating application deployment.

What's more, with IaC, your infrastructure can be tested and version-controlled through a CI/CD pipeline, which is why its adoption is highly recommended from a DevOps perspective.

Now, IaC isn't just a fancy tool for big corporations.

In fact, for small teams that need to accomplish a lot with limited resources, automating infrastructure management is pretty much essential.

By bringing IaC into the fold, you can cut down on manual errors and automate repetitive tasks, which can significantly boost your team's productivity.

This frees up your team to focus more on creating business value, making IaC a really important consideration even for smaller setups.

Finding Your Fit: How to Choose the Right IaC Tool

You're absolutely right. Because IaC has become such a key part of managing cloud infrastructure, a whole host of tools have emerged.

Just looking at open-source options, we have Terraform, Pulumi, Crossplane, and more.

So, how do you pick the one that’s right for you and your team?

I usually recommend considering these three things:

1. Your Team's Existing Tech Stack

2. Support for Your Target Clouds and Services

3. Community and Ecosystem Maturity

First, your team's existing tech stack refers to the programming languages and technologies your team is already comfortable and proficient with.

For example, Terraform uses its own Domain Specific Language (DSL) to define infrastructure.
If you haven't used Terraform before, learning a new syntax might feel like an extra hurdle.

On the other hand, a tool like Pulumi, which supports general-purpose programming languages like Python, TypeScript, and Go, might feel more approachable and have a lower initial barrier to entry.

Second is support for your target clouds and services. This means checking how well the IaC tool supports the cloud providers (like AWS, GCP, Azure) and specific services (like Kubernetes) you're currently using or plan to use in the future.

If you're aiming for a multi-cloud environment and want to avoid vendor lock-in, a tool that offers consistent support across various clouds will be more beneficial.

Both Pulumi and Terraform, for instance, are cloud-agnostic and support multi-cloud environments.

Lastly, there's community and ecosystem maturity.

Terraform has been around for a while and has a large, active community. This means you'll generally find more examples, tutorials, and community support for it compared to newer tools like Pulumi (though Pulumi's community is growing fast!).

The importance of each of these three points will likely vary a bit for each of you reading this.

However, I'd like to spend a little more time on Pulumi, particularly because of its lower barrier to entry.

Pulumi’s big advantage is that it lets you define infrastructure using familiar programming languages.

This reduces the learning curve of a new DSL and allows you to leverage the rich ecosystems and tools of existing languages for things like testing, reusability, and abstraction.

It's also worth noting that you can use your existing development tools and testing frameworks to improve the quality of your infrastructure code, which is a significant plus.

Under the Hood: How Does Pulumi Actually Work?

So, let's take a quick peek at the core structure of Pulumi and how it operates.

The key components of Pulumi are:

• CLI (Command Line Interface)

• Language SDKs (Software Development Kits)

• Deployment Engine

• State Management System

Remember how I mentioned Pulumi lets you write infrastructure management code in familiar programming languages?

Well, developers use the Language SDK for their chosen language to write this code. Then, they use the Pulumi CLI to send commands to the Deployment Engine.

Once the Deployment Engine receives these commands, it interprets the infrastructure code and actually creates or modifies the cloud resources. The results of these actions are then recorded in the State Management System.

Here’s a little diagram to visualize that workflow:

Pulumi's State Management System is quite important from an IaC standpoint, so let's touch on that a bit more.

The latest state of your deployed infrastructure can be stored in a local file, in Pulumi's cloud service, or in a backend like S3.

This state information is crucial for things like detecting "drift" between your actual infrastructure and your code, and for tracking historical states.

Drift, by the way, is what happens when the actual state of your infrastructure no longer matches what's defined in your infrastructure management code.

Detecting drift is important because it can undermine the efficiency and security of your IaC setup.

Pulumi supports drift detection by leveraging its state management system.

The Pulumi Advantage: What Changes Can You Expect?

So, what kind of benefits might you see if you were to bring Pulumi into your current projects?

Adopting IaC, in general, means automating your infrastructure setup process, which can reduce the time needed for provisioning and managing infrastructure.

It also means your infrastructure is managed via a codebase, which helps reduce human error and ensures you can build consistent environments.

Plus, infrastructure changes are logged in code, making tracking and documentation much easier.

With Pulumi specifically, because it supports general-purpose programming languages, you get to:

• Use code auto-completion

• Catch errors in real-time

• Utilize refactoring tools, and more...

Essentially, you can use the features your IDE already provides directly for your infrastructure code.

This means you can save time on learning new tools or languages and keep your development flow uninterrupted, leading to a noticeable improvement in the speed of building and modifying infrastructure.

Furthermore, when your infrastructure is managed in a programming language familiar to your entire team, it can lower the barriers between development and operations teams.

It becomes natural to conduct code reviews for infrastructure changes and collaborate using Git for version control.

Even in larger teams, this can improve the understanding of infrastructure across both development and operations personnel, ultimately leading to faster and more stable service deployments.

Pulumi also supports writing unit tests for your infrastructure code, just like you would for regular software.

This means developers can use their familiar testing frameworks to verify that the infrastructure management code behaves as expected before deploying.

You get the chance to catch and fix potential errors before they hit your actual cloud environment, which significantly boosts the reliability and stability of your infrastructure changes.

Wrapping Up

In this little exploration, we've touched on why you might want to adopt IaC, some criteria for choosing an IaC tool, and taken a closer look at Pulumi.

If you've read this far, you might naturally be wondering: "Okay, so how do I actually start using Pulumi?"

Well, that's exactly what I'm planning for the next post! I'll be sharing a step-by-step guide on everything from installing Pulumi to writing infrastructure code and deploying AWS resources using Python.

So, I hope you'll join me for that one!

✨Enjoyed this issue?

How about this newsletter? I’d love to hear your thought about this issue in the below form!

👉 Feedback Form

Your input will be help improve Aiden’s Lab Notebook and make it more useful for you.

Thanks again for reading this notebook from Aiden’s Lab :)