Bye, bye IaC. Hello Software Infrastructure.
IaC does not offer sufficient value to developers in its current state. Let me explain.
Infrastructure-as-Code focuses mainly on four primary components: compute, networking, access, and storage. Regardless of whether we're talking about Cloud, on-prem, Serverless setups, traditional networking gear or something in-between, the principle has stayed the same for years: here is a config, here's a binary or a process to apply config. And it worked exceptionally well for years until it became a liability.
We know that applications, development teams, and platforms all require infrastructure, and automation of this infrastructure is best when codified.
What's the problem here?
The problem is application projects complexity. It surged in recent years. Think of a typical software project that incorporates a front-end, a back-end, a data pipeline, mobile app, utilities, shared libraries. It can be mono-repository, or it can be a multi-language set of repositories. How did IaC accommodate this? Not well, to say the least.
Package management sophistication surged in recent years for programming languages (see documentations for tsconfig.json https://www.typescriptlang.org/tsconfig or package.json https://docs.npmjs.com/cli/v10/configuring-npm/package-json ). Legacy IaC tools didn't bother, instead implementing custom packaging and distribution methods that do not work with mainstream software languages.
With disconnected approaches to manage software projects for applications and IaC, management of repositories became a hot mess. Teams went with templating, customizations, manual tweaks, clashing JSON configurations, pipelines for IaC, pipelines for application, jittery configs injections, and of course my favorite: god level permissions with long-lived token because that's the fastest way to make IaC work. YAML often used to configure project pipelines adds especially large layer of unmanaged complexity.
We are in a situation similar to what cloud infrastructure was a decade ago — remember the use of bash and Python scripts to initiate three tier application stack? Those scripts and approaches morphed into scripting app builds and IaC configurators and runners. Furthermore, having multiple programming languages in the development cycle parallels the diversity of cloud providers, each coming with its own set of formats and approaches.
We started to see products that aim to untangle this mess. Tools like Nx.dev , Turborepo, and Lerna are known examples. Then there are whole platforms like Vercel and AWS Amplify, which take a no-nonsense approach and offer opinionated yet streamlined setup and management for application projects that can start simple and accommodate growth.
Projen is another tool that simplifies the full application project lifecycle using software abstractions rather than configs. And of course the famous Kubernetes has a dozen templating engines designed for everything, yet they all fall short on adequately handling application configuration. Try to build and deploy React app with Kubernetes toolchain.
领英推荐
Beyond the advanced templating engines, we see unconventional solutions like kpt.dev , which attempt to address these issues through pseudo-programming paradigms layered on top of static configuration files.
We think the good ol' software is a new trend for software projects management. The requirements for software development are morphing rapidly into integrated solutions. As we see it, there's a wave of new methodologies to manage programmatically all the application infrastructure, including bootstrapping, artifacts packaging, builds, dependencies versions and releases. Traditional Infrastructure-as-Code that concentrates on resources consumed by application is becoming increasingly irrelevant, shifting into the application codebase itself.
This transition represents an authentic shift-left. Unlike empty slogans of shifting-left the responsibilities to developers without providing software abstractions to accommodate it, the software infrastructure is a real deal.
Node is leading the way in this transformation. Most front-end frameworks can bootstrap and boilerplate examples and provide basic project management. You probably noticed these examples are packaged and distributed as applications, too. They are fast, efficient and self-sufficient (e.g. require no dependencies besides programming language development environment confined - which is another large unsolved problem).
npx create-react-app my-app
And as soon as application infrastructure stood up - it will require management and updates. We think the principles of Infrastructure-as-Code should now permeate application codebases to ensure a precise, reproducible state, as well as software-controlled process for making changes and adding new features. And by that we mean very core software development features: adding new component to front-end with unit tests? One command. Updating dependencies? One command. Adding new check for syntax rules? One command. Releasing new version? One command. And all those commands are programmatic implementation, rather than traditional scripting.
Making manual changes in a repository to configure these properties equals click-ops-ing in the cloud console, creating resources manually!
We think the landscape is shifting; these tools and approaches are evolving merging with application software. Teams should break free from outdated IaC models, investigate new approaches, and prepare for a future that balances complexity and utility by using software development methods.
This the age of infrastructure automation is coming to a close. Welcome Software Infrastructure.
AWS Solutions Architect @ Amazon Web Services | Serverless & IaC
1 年I feel this is a bit outdated. AWS provides a lot of tools and services that make it pretty easy to do everything as code and combine and orchestrate “infra” and “app” as one project. Perhaps I am missing something?
Solving complicated problems with simple solutions. Cloud Networks, Security and Automation for organization's big and small | Amateur Fisherman and Professional Grandad.
1 年Something about 'everythign is code', is the idea that anyone can write the code for anything. No longer does the 'network' guy have to create the network, or the indentity people create the roles or users. who write the code is no longer important. All those Subject Matter experts should now be directing their attention to reviewing the code, and contributing to creating the guardrails that keep *everyone* one track.
Solving complicated problems with simple solutions. Cloud Networks, Security and Automation for organization's big and small | Amateur Fisherman and Professional Grandad.
1 年'Everything is code'