What is Infrastructure as Code (IaC)
Infrastructure as Code (or IaC — because apparently every concept needs a catchy acronym) is the process of provisioning, deploying and managing infrastructure through code, rather than through manual processes, which helps to prevent errors that could lead to an inconsistent infrastructure. Therefore, infrastructure as code plays a key role in DevOps, as it helps us avoid the well-known “it works on my machine” problem. In addition, it allows us to have version control over our infrastructure, something that's hard to achieve otherwise.
How can we develop our code?
There are many tools we can use to achieve a solid IaC configuration, in fact, these tools can be classified into 4 categories: configuration management tools (Ansible, Saltstack), containerization and server templating tools (Docker), orchestration tools (Kubernetes, Docker Swarm, Kamal), provisioning tools (Terraform, AWS CloudFormation, OpenTofu)
In this blog we will mainly focus on two of these tools: Terraform and Kamal.
Terraform
Terraform is a provisioning tool developed by HashiCorp that allows us to configure our infrastructure using a configuration language also developed by HashiCorp, which is intended to be easy for humans to read and write and it also supports most of the main cloud providers, such as AWS, Azure, GCP, and more.
Here is an example of Terraform’s syntax:
You could think of it as using Docker, but for infrastructure rather than software, as Terraform files resemble dockerfiles in the sense that they are files where you specify the dependencies (in this case, infrastructure components) that you need to fulfill in order to successfully deploy your amazing application.
A remarkable feature of Terraform is that it can manage the state of the infrastructure, this means that if you create a virtual machine, for example, Terraform will store the information related to that VM so that if you decide to change it, it will not create a new one but will simply modify the original one. This state is saved in a .tfstate file that you should store safely somewhere, for example in S3, to avoid deleting the file by mistake.
When should you use Terraform - And when shouldn’t you?
It’s common for popular technologies to be adopted blindly, simply because they're trending. We see this often with innovations like AI, where tools are applied even to simple problems that could be solved more efficiently with traditional approaches. Terraform is no exception, while it's powerful, it’s not always the right fit.
However, it is important to realize whether it is really necessary or not. We have to take into account that although Terraform can make it easy to manage our infrastructure, it can be complex to build a robust file that can fully provide the infrastructure we need. Another thing to consider is that modifying the infrastructure from outside the code can lead to unexpected results, as these changes won’t be registered by Terraform in its state file, this is known as drift.
Terraform is thought to provide a stable infrastructure, so if the resources change all the time, it would not be a good use of it. The same happens with resources with a short lifespan, since it would probably be easier to create an instance through the GUI than through a TF file.
So, when should we opt for Terraform? Well, as I mentioned before, it is great when dealing with a stable infrastructure, one that you are not planning to change in the short term, or at least not too frequently. It is also a great alternative if you are in a multi-cloud environment, since it allows you to manage the resources across multiple providers within the same file.
That being said, it’s time to move on to the next tool.
Kamal
Kamal is a tool that, as its premise says, allows us to easily deploy web applications anywhere. How? By taking care of everything, from installing Docker to building the image and launching the app. It also sets up a proxy that will keep our app working during the deployment, which is great for CI/CD workflows. It was developed by Basecamp and used by themselves to move their cloud-based application to their own servers.
We could think of Kamal as an abstraction of Docker in some way, as we just use a set of Kamal commands that will then execute Docker commands in the background, making everything less complex. However, it's not just executing commands, we have to first specify the app’s settings in the deploy.yml file (generated by the init command), once we’ve done this, we are ready to go!
Here’s an example of a very basic deploy.yml file:
Why use Kamal?
As I've said before, Kamal takes care of everything involved in the deployment process, making it more reliable and providing an easier setup than other tools, such as Kubernetes would do. This contributes to reducing human-introduced mistakes. Also, the deployment process and configuration are centralized, making it more maintainable.
When is it a good idea to use Kamal?
Kamal is an excellent alternative if your application has a monolithic architecture or if it is distributed but not very complex. It is also an excellent choice if you want to deploy your application on your own hardware. A proof of this is that, as I mentioned before, Basecamp used this tool to migrate their application to their own hardware, so what more proof do we need, right?
It is important to mention that Kamal is best used as a Ruby gem, as it has a few less limitations, so if you have a Rails project, this tool may be one to consider.
Wrapping up
IaC has been increasingly adopted over the years, and while we only covered two tools in this blog, there are many out there to help you manage infrastructure through code. The key is to choose the one that best fits your needs. Hopefully, this gave you a clearer picture of a well-established tool like Terraform, and a newer, simpler one like Kamal.
Thanks for reading!