
2020 | Book

The Definitive Guide to AWS Infrastructure Automation

Craft Infrastructure-as-Code Solutions


About this book

Discover the pillars of AWS infrastructure automation, starting with API-driven infrastructure concepts and its immediate benefits such as increased agility, automation of the infrastructure life cycle, and flexibility in experimenting with new architectures. With this base established, the book discusses infrastructure-as-code concepts in a general form, establishing principled outcomes such as security and reproducibility. Inescapably, we delve into how these concepts enable and underpin the DevOps movement.

The Definitive Guide to AWS Infrastructure Automation begins by discussing the services and tools that enable infrastructure-as-code solutions; the first stop is AWS's CloudFormation service. You'll then cover the ever-expanding ecosystem of tooling emerging in this space, from CloudFormation wrappers such as Troposphere and orchestrators such as Sceptre, to completely independent third-party tools such as Terraform and Pulumi. As a bonus, you'll also work with AWS's newly released CDK (Cloud Development Kit). You'll then look at how to implement modular, robust, and extensible solutions across a few examples, in the process building out each solution with several different tools to compare and contrast the strengths and weaknesses of each.

By the end of the journey, you will have gained a wide knowledge of both the AWS-provided and third-party ecosystem of infrastructure-as-code/provisioning tools, and the strengths and weaknesses of each. You’ll possess a mental framework for how to craft an infrastructure-as-code solution to solve future problems based on examples discussed throughout the book. You’ll also have a demonstrable understanding of the hands-on operation of each tool, situational appropriateness of each tool, and how to leverage the tool day to day.

What You Will Learn

- Discover the technological and organizational benefits of infrastructure-as-code solutions
- Examine the overall landscape of infrastructure-as-code tooling and solutions available to consumers of AWS services
- See the strengths and weaknesses of these tools relative to one another, as examined through hands-on implementation of several solutions
- Gain hands-on experience, best practices, and tips and tricks learned through several years' real-world experience delivering solutions using these very tools in a wide variety of scenarios
- Engineer solid solutions that leave room for new requirements and changes without requiring needless refactoring

Who This Book Is For

DevOps engineers, cloud engineers and architects focused on the AWS ecosystem, software engineers/developers working within the AWS ecosystem, and engineering leaders looking for best practices.

Table of Contents

Frontmatter
Chapter 1. Infra the Beginning
Abstract
Infrastructure: the word has a weight about it. Bridges, roads, racks, servers... The word carries a connotation of tangibility: that if something is infrastructure, there is something substantial, bulky, heavy, and real about it, not some ephemeral or abstract notion that can be destroyed or recreated at a moment's notice. IT practitioners these days think of infrastructure in much different terms than they did five years ago. In the mind of the cloud-enlightened IT pro, servers are now abstract units of raw computing power, dynamically allocated when needed by a system and disposed of when their task is completed. Users get the resources they want when they need them, forsaking bygone capacity-planning exercises that traditionally led to data centers and server racks overprovisioned for peak loads, only to sit underutilized most of the time. These days, IT infrastructure scale-out is defined by Application Programming Interface (API) calls and the speed of the Internet/cloud provider, no longer by purchase orders and six- to eight-week lead times. While we all realize that this paradigm is the new normal, it's worth taking a moment to reflect on how we got here, evaluate the current landscape, and look forward to things to come. In many ways, this is indeed a golden era of computing; in this book, we're going to embrace that notion fully, both by taking in a broad view of the AWS infrastructure automation landscape and by casting a deep lens (pun intended) toward the many different tools and services that comprise this landscape.
Bradley Campbell
Chapter 2. The Current Landscape
Abstract
The current landscape is an interesting mix of proprietary, vendor-locked tooling and cross-cloud-compatible open source tooling. Some of these tools are primarily focused on managing the lifecycle of infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) offerings from providers, while others are traditional configuration management tools, capable of automating host/virtual machine configurations, that have been "bolted on" to work with IaaS and PaaS services (though mostly as an afterthought). As we consider these tools, we'll consider the following:
Bradley Campbell
Chapter 3. CloudFormation In-Depth
Abstract
Though there are no definitive numbers on the percentage of AWS users that rely on infrastructure-as-code (IaC) tooling, or how those users would decompose into a "CloudFormation vs. everything else" categorization, a general survey of AWS-related jobs on LinkedIn or elsewhere should be a pretty good indicator that CloudFormation has yet to be supplanted by third-party tools. Especially among businesses with AWS Support contracts, one of the most compelling arguments in favor of its adoption is that it is a native offering from AWS, and it falls under the purview of AWS Support.
Bradley Campbell
Chapter 4. Terraform In-Depth
Abstract
Now that we have a solid understanding of CloudFormation, we'll take a look at the third-party ecosystem. When it comes to third-party tools, the tool you will most frequently encounter, for now, will be Terraform. Even if you currently are or plan to manage your AWS deployments solely via CloudFormation, it's worth having a good working knowledge of Terraform. Key points of differentiation with respect to CloudFormation include:
- a much more robust modularization mechanism than nested stacks;
- the ability to bring existing resources under active management using an "import" command that interrogates the resource and creates an entry in Terraform's state management "database" for that resource (though you do have to write matching code for the resource);
- a powerful DSL with support for flow control with for loops (as of Terraform v0.12) and pseudo for-like functionality with its count parameter that any resource can utilize;
- first-class support for data-gathering operations (e.g., getting a list of subnet IDs based on a tag to deploy an EC2 instance into) as opposed to the need to author a custom resource;
- interfaces that support authoring local scripts as opposed to having to deploy custom resource Lambdas for other operations that aren't specifically supported by a resource or data source;
- and, lastly, the capability to manage services that form other parts of your toolchain, like GitHub repositories, databases within a database server, database users, and loads of other services.
Bradley Campbell
Chapter 5. CloudFormation-Based Tools
Abstract
In Chapter 2, we looked at a variety of tools that form an ecosystem around CloudFormation. In this chapter, we'll take a look at two of these tools: Troposphere, a DSL wrapper, and Sceptre, an orchestration tool. We will discover how these tools interact with CloudFormation and how they can enhance our use of CloudFormation. Specifically, we will cover the following:
Bradley Campbell
Chapter 6. The AWS CDK and Pulumi
Abstract
The AWS CDK and Pulumi each represent "next-generation" orchestration tools that work by building an abstraction over an existing orchestrator that allows the use of a full programming language. In the case of the CDK, the CloudFormation service provides the underlying functionality that the CDK uses to create and manage infrastructure. Similarly, Pulumi leverages Terraform's providers to provide this sort of functionality. Right away, we see a difference in the extensibility of each tool, as the overall reach of the tool's functionality is constrained by its underlying orchestration technology: the CDK is limited to CloudFormation, while Pulumi has the ability to be supported by whatever Terraform providers are bridged to Pulumi's specifications.
Bradley Campbell
Chapter 7. Let’s Build a VPC
Abstract
As the tools in this book (and many others) have arrived on the scene over the last few years, most have, in a very similar vein to that of their programming language counterparts, shown up with the de facto "Hello World" example in tow. Often, these examples are so reductionistic as to hardly be useful, for example, creating an S3 bucket. In this chapter, we'll be creating a core component of networking infrastructure: a fully working three-tier VPC, complete with public, private, and data subnets, gateways, routing tables, and the routes needed to ensure that traffic from each tier is appropriately routed. Our example will also enable flow logs for the VPC, including the IAM constructs needed to grant trust to the CloudWatch Logs service on behalf of the VPC service so that the logs can be written appropriately.
Bradley Campbell
Chapter 8. Conclusion
Abstract
As we started our journey, we lived a few days in the life of a budding cloud engineer who needed a solution to manage their cloud estate's resources in a robust, manageable way. In the hypothetical world in which no tooling exists to deal with the situation, our engineer resorted to creating and attempting to maintain a bespoke set of tools to manage a situation of ever-increasing complexity. The stage set, we dove into the current landscape of infrastructure management tools, looking at the major players, the ecosystems that have emerged around them, and next-generation tools that build upon the success, power, and stability of these tools. If you've walked away from this book with anything, it's probably a sense of how vast this ecosystem is and of the choices you must make to figure out what tool (or tools) are best for you and the needs of your organization. So, instead of providing a recap of everything I've said already in this book, I'm going to leave you with two more thoughts.
Bradley Campbell
Backmatter
Metadata

Title: The Definitive Guide to AWS Infrastructure Automation
Author: Bradley Campbell
Copyright Year: 2020
Publisher: Apress
Electronic ISBN: 978-1-4842-5398-4
Print ISBN: 978-1-4842-5397-7
DOI: https://doi.org/10.1007/978-1-4842-5398-4
