AWS DevOps Pro Certification Blog Post Series: Configuration Management and Infrastructure as Code introduction

Mark Sta Ana - May 11 '19 - - Dev Community

Photo by Evan Dvorkin on Unsplash

What does the exam guide say?

To pass this domain, you'll need to know the following:

  • Determine deployment services based on deployment needs
  • Determine application and infrastructure deployment models based on business needs
  • Apply security concepts in the automation of resource provisioning
  • Determine how to implement lifecycle hooks on a deployment
  • Apply concepts required to manage systems using AWS configuration management tools and services

This domain is 19% of the overall mark for the exam.

What whitepapers are relevant?

According to the AWS Whitepapers for DevOps we should look at the following documents:

What services and products covered in this domain?

Useful https://aws.amazon.com/devops/#infrastructureascode

  • CloudFormation - This is a templating language that allows you to codify your infrastructure. This is the "Infrastructure as Code" part of this domain.
  • OpsWorks - This service provides managed versions of Chef and Puppet. These are both industry standard configuration management systems.
  • Elastic Beanstalk - is AWS' Platform as a Service (PaaS) offering.
  • AWS Lambda - A service to run microservices / Serverless functions / Buzzword bingo
  • AWS ECS - Managed container services. IaC (codified)
  • AWS Config - Auditing services of your AWS services.
  • AWS Managed Services - Let's AWS manage your AWS!

What about other types of documentation?

If you have the time, by all means, read the User Guides, but they are usually a couple of hundred pages. Alternatively, get familiar with the services using the FAQs:

You're all expected to know the APIs

There's no API for AWS Managed Services because this a professional or technical services offering.

Before you panic, you'll start to spot a pattern with the API verbs.

And the CLI commands

There's no CLI for AWS Managed Services because there's no corresponding API.

As with the API, there are patterns to the commands.

Configu-what? And Infra as Who?

In the previous domain, we learnt that SDLC specifically the continuous delivery pipeline ensures that our code's integrity is being tested repeatedly and in a consistent manner.

Now we'll see how we can achieve something similar to the underlying infrastructure that powers both our build and hosting of our applications.

Configuration Management is a systematic way of handling changes to servers in such as a way that it maintains integrity over time. The key thing to remember is that often we talking about maintaining lots of servers i.e. more than one. To do this manually introduces risks that steps will be missed and inconsistencies in your environments will occur.

By automating this process for server builds and maintenance we reduce this risk. Whilst you could do this yourself through a series of shell scripts and ssh, it's better to use a dedicated tool, some popular choices are Puppet, Chef, and, Salt Stack and Ansible.

If Configuration Management ensures that our servers are patched to the correct version of operating system and contain the correct software to operate, then Infrastructure as Code ensures that provisioning of drum roll Infrastructure is done as reproducible steps. Tools you can expect to find in this space are Terraform, Azure Resource Manager and of course CloudFormation.

Both configuration management and infrastructure as code are often expressed as templates or a programming language. This makes both ideal candidates for using version control systems like Git to track changes.

To go to the next part of the series, click on the grey dot below which is next to the current marker (the black dot).

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .