Newstechok.com

Infrastructure as code: Maintains developer productivity while maintaining the security of organizations

Developers have always needed infrastructure. But with the need to quickly update apps or websites to take advantage of changing market conditions, the idea of ​​asking IT to develop an environment and having to wait sometimes days for it no longer works for organizations trying to keep up the pace. In short, the productivity of developers suffered.

Enter the infrastructure as code (IaC), touched by the launch of public cloud services, which allowed developers to easily consume them just when they need them. But if you had to apply for these services and wait for a response, public cloud services would never succeed, according to Navin Chabra, an analyst at Forrester.

So why infrastructure as code? Why not infrastructure as infrastructure? Chabra said: “The main person using these so-called cloud services was the application developers, and the application developers know how to code. So, he said, this has become the main mechanism for obtaining storage, calculating units, a new database or containers, whereby these services can be consumed in a codified way.

But this is not limited to the public cloud. VMware, for example, offers a provider that Chhabra said was an abstract layer of the infrastructure component. “Call the API or call this provider and I will give you the resources,” he explained.

Growing complexity of infrastructure

When cloud services first appeared, developers were able to easily set up test and stage environments before the application was deployed. Today, organizations deal with hybrid and multi-cloud environments, as well as Kubernetes architectures, service networks, and server-free applications, to name a few. According to Aaron Kao, vice president of marketing at universal IaC platform provider Pulumi, a typical application today has about 400 different services. However, many of the current IaC tools are either markup languages ​​or DSL (domain-specific languages).

“What’s happening with these older DSL-based IaC tools is starting to add a lot of features to this DSL, and someone recently told me that DSLs are just like bad facsimiles in real programming languages ​​because there are ongoing abstractions and there are growing complexities that you are trying to deal with, and you still have to put things into it, ”Cao said.

Because of this complexity, organizations are struggling with their competitors to hire full-stack developers who are familiar with application development and what it takes in the back end to deploy those applications. But because the cost to these developers is high, organizations may not want to struggle to build infrastructure or allow them to build IaCs without guardrails. Ronak Rahman, developer liaison manager at Quali infrastructure provider, said: “Who creates these guardrails? And they need things to keep in mind. Is my developer’s problem that the Docker file or the container I’m building … has a security flaw? You see how companies try [add guardrails] with their TerraForm scripts so developers aren’t interested in it; they can just provide their software. “

Keep productivity high

To keep developers productive, Kao said: “It’s really about streamlining. Instead of having multiple toolkits for building infrastructure and developing applications, you can use one. And instead of, say, having a separate IaC system, you know, like, well, there are a lot of tools you need to get built with this . ” So, IaC providers like Pulumi see the need to integrate with the tools and programming languages ​​where developers live.

One thing related to developer productivity is the diversion of infrastructure and applications, according to Roxana Ciobanu, CTO and co-founder of Bunnyshell, a service environment platform. “Development problems are inevitable when engineers work in environments with out-of-sync infrastructures and older versions of applications,” she said. “Drift detection is one half of the solution, and automatic removal is the other half, and we see a lot of challenges there.” for development, stage or production environment.

Is DevOps Marginalizing IT?

There has always been territorial behavior when it comes to IT. Developers write code, operational engineers create policies and management that ensure that the infrastructure is used in a way that does not harm the organization.

According to Forrester’s Chhabra, the involvement of infrastructure owners stems from management needs. “Again, we have seen examples, these are not the only reasons, but we have seen examples of excessive costs in the cloud. So can I put in a management layer that says, “Hey, you get the infrastructure, the type of infrastructure, the size of the infrastructure, the length of the infrastructure, what you actually need, and you don’t leave it unattended overnight, work, you know, without us. So can I bind this time? Time basis for how long? What, where and when can you actually use the resources? So that’s the basis of where these management requirements come from. “

Rahman sees him less as a developer who takes something from IT, and more as an operational engineer who doesn’t keep his skills up to date.

However, this phenomenon is not limited to the technology industry. In journalism, for example, older print editors may resent the shift from newspapers to multimedia presentations and younger reporters who come with video and social media skills. Another good example in technology is mainframe programmers, which were easy with COBOL, but did not cope with the client / server and new languages ​​for more modern software development appeared.

“I think marginalization is a symptom of, you know, all this lack of trust and… I think the solution there is just to update your digitalization skills,” Rahman said. “You know, you don’t arrange and arrange servers anymore, and let’s hope you don’t go to a cold room and you know how to organize your wires. So, you know, we need new skills to make us live our art and live our best lives.

Part of the problem, Rahman noted, is that historically, developers and IT have had different goals. Developers want to innovate for new products and features; IT wants to ensure that the systems work and work, comply with regulations such as HIPAA and Sarbanes-Oxley and keep costs under control.

“I see developers more as creative artists deep in their art,” Rahman said. “Both IT and centralized DevOps represent business interests, you know, they’re in a completely different organizational structure and they’re responsible for making sure there are railings, there’s management. I do not answer to the product team for products that come out of the pipeline faster. So there are two different concerns. There are business concerns with absolutely legitimate management, costs and security. And then there is the interest of the developer, which is minus the interest. “I do not want to be interested in infrastructure. You know, it’s great that you gave me the tools, but I’m just going to learn how good it is to do what I want to do, which is great features.

Management is critical

Traditional IT participation in infrastructure arises from the need for management. One area that is particularly important for business is security. Chabra of Forrester explained: “Due to security concerns, I do not want to deal with all public cloud providers or all infrastructure providers and find that I am now responsible for correcting and managing vulnerabilities. What if I could reduce the area of ​​attack? And this can be done with standardization. Another reason is geolocation. Whether due to data sovereignty requirements or geopolitical reasons, for a specific project, say, a large oil and gas company wants to launch a project in Australia. What is required by Australia, you must use all of these applications and IT resources in Australia. So what do I do? As a business leader, I can’t allow app owners to even mistakenly run it in AWS East. So there are various forces that make this requirement about how resources are where, when and what resources are consumed, whether for cost, geopolitical or educational reasons and, you know, sovereignty requirements.

Developers are creating the code infrastructure they need, but IT still needs to be a gateway for them to access that infrastructure. Chabra said: “Developers cannot be expected to understand all the latest developments in management. So you still have to have such an intermediary in the field of information technology, you know, who gives them the keys, only at a certain time and in a certain place, and only for a long time.

IaC gives you speed; the control gives you the window and the control mechanism. This, Chabra said, “ensures that there are no obstacles to how fast you can go from where you are to where you want to be.”

Infrastructure as Code: Keeping developers productive, keeping organizations safe

Exit mobile version