Tools that seem interesting
I’ve been advocating better ways of working for delivering infrastructure as code. There are a number of interesting tools around that seem to be addressing different aspects of the problem with different approaches. I have little or no experience with most of these tools, so I’m not necessarily recommending them as things you really should be using. But I do recommend giving them a look to see if they can help you.
Infrastructure composition
Most teams I’ve worked with have a set of hand-crafted infrastructure code orchestration scripts. These scripts usually manage the deployment of infrastructure stacks, including sequencing, configuration, and integration of multiple stacks. A number of tools are cropping up to replace the need to build your own set of scripts. Some of the ones I’ve heard about include:
- Atmos from Cloud Posse
- Gruntwork stacks, a proposal from the creators of Terragrunt
- Infrablocks from a group of my former Thoughtworks colleagues at Atomic Innovation
- Score from the creators of Crossplane
- Terraform stacks
- Terraspace
Infrastructure deployment tools
Many of us run infrastructure deployment tools, or our orchestration scripts, from a pipeline service like GitHub Actions. However, vendors and products are also popping up to offer services and tools that manage this process. Some are combined with infrastructure composition languages and tools.
Many infrastructure as code tool vendors offer hosted deployment services, including Pulumi Cloud and Terraform Cloud, usually as part of a suite of services.
Some IaaS cloud vendors also have services to run infrastructure code. The AWS Service Catalog supports both CloudFormation and Terraform. Google Cloud Infrastructure Manager and Oracle Cloud Resource Manager both support Terraform.
Some third party vendors provide solutions that work with multiple infrastructure as code tools, such as env0, Garden, and Spacelift.
There are also the so-called TACoS (Terraform Automation and COllaboration Software), which are specifically for use with Terraform and OpenTofu. TACoS products and services include:
- Atlantis
- Control Monkey
- Digger
- Gruntwork DevOps Foundations
- Harness
- Scalr
- Terrakube
- Terramate
- Terrateam
Infrastructure as Data
GitOps uses a control loop to continuously synchronize a deployed application with its configuration, usually using Kubernetes. Infrastructure as Data applies the same pattern to infrastructure code. Infrastructure definitions are stored in a central service, again usually a Kubernetes cluster, which uses a control loop to continuously synchronize the definitions with the running infrastructure.
Examples of tools and services for Infrastructure as Data include:
- ACK
- Crossplane
- GCP Config Connector
- Azure Service Operator
Although most infrastructure as data systems are based on Kubernetes, IaSQL is an intriguing alternative that uses the PostgreSQL database instead. Infrastructure code is written in SQL, and a connector synchronizes the definitions in the database with infrastructure hosted on AWS. (As of this writing there is not much activity on the IaSQL project. Whether it’s active or not, it’s an interesting example of different ways of approaching infrastructure as code.)
Infrastructure from Code
Another category of tool embeds infrastructure code into application code, moving the boundary between applications and infrastructure. Examples of these include Darklang, Nitric, and Winglang.
This pattern seems particularly popular with serverless developers, leveraging the ability of infrastructure tools like AWS CDK to write infrastructure code in the same language used to write the application code. This serverless Hello World application tutorial is a typical example of infrastructure from code.
See also Gregor Hohpe’s discussions of approaches to application and infrastructure code in his article, IxC: Infrastructure as Code, from Code, with Code.
Infrastructure as Model
System Initiative is introducing a way of managing infrastructure by maintaining a data model that is dynamically synchronized with the running infrastructure. It’s a bit like Terraform state files, but far more dynamic and programmable.