Kief Morris has been designing, building, and running automated IT server infrastructure for nearly twenty years, having started out with shell scripts and Perl, moving on to CFEngine, Puppet, Chef, and Ansible among other technologies as they’ve emerged. He is the head of ThoughtWorks’ European practice for Continuous Delivery and DevOps, helping clients find more effective ways of building and managing infrastructure operations. Kief is the author of Infrastructure as Code, and will be giving a tutorial at Velocity New York in September. I sat down with Kief to discuss his thoughts on infrastructure. Here are some highlights from our conversation.
What is "Infrastructure as Code"?
Infrastructure as Code (IaC) is about applying tools and practices from software development to managing infrastructure. It leverages tools—like Ansible, Chef, Puppet and Terraform—that define elements of infrastructure and its configuration in code, which can then be checked into source control, automatically tested using Test Driven Development and Continuous Integration, and safely rolled out to systems using Continuous Delivery.
What is the relationship between IaC and DevOps?
DevOps is often described with the “CALMS” model, meaning it’s a combination of Culture, Automation, Lean, Measurement, and Sharing. Infrastructure as Code is the “Automation” part of this.
What are some common anti-patterns for automating infrastructure?
When I started out I did many of the things I see other people do today—for instance, treating server configuration tools like Puppet and Chef as a glorified scripting language. I created loads of identical servers but didn’t use the tools very well to keep things up to date and consistently configured, so everything became a bit of a mess.
What do you see on the horizon for infrastructure automation?
Containers and PaaS simplify how applications and services interact with infrastructure. I think configuring and managing servers, even virtual servers, will become more of a utility, the way physical hardware is today. So the attention will go into how to build, test, deploy and integrate containerized services. We have a ways to go before things like monitoring, data management systems, authentication and secret management are configured and deployed in a way that’s consistent and testable. So infrastructure as code needs to move up the stack.
You're speaking at the Velocity Conference in New York this September. What presentations are you looking forward to attending while there?
I’m interested in hearing the latest about how different people are handling container orchestration on cloud platforms. Interest in this area has been exploding but it’s still very immature, so there’s a lot to learn. I’m also looking forward to hearing what people are doing to make their environments secure. Automation and cloud have the potential to create highly secure environments, but most people aren’t doing this very well.