Using Infrastructure as Code on AWS to Help Scale a Start-Up

Infrastructure-as-Code (IaC) on AWS

A shortage of skilled talent, a recent move to the cloud, and looking to mitigate human error, are all valid and common reasons why companies in every industry want to start writing infrastructure as code with AWS.

Nowadays cloud service providers like Amazon Web Services and Microsoft Azure make it possible and increasingly easy to spin up a virtual server in a matter of minutes. The difficult part becomes spinning up a server that is interconnected with the correct managed services and configurations needed to perform in stride with your current infrastructure.

After all, it makes no sense adding horsepower if those horses run in the opposite direction.

Infrastructure as Code Evolution


The Evolution of Code Deployments

  1. First applications were manually deployed to their hosting environments.
  2. Then network engineers began to automate that process through fragile scripts.
  3. People started modifying these scripts to adapt to new requirements, but it was difficult and time-consuming.
  4. These modifications quickly became inconsistent and unreliable due to evolving cloud environments and new technology causing misconfigurations, inoperable dependencies, or a dozen other unaccounted for outcomes.
  5. The popularity of DevOps has since introduced IaC (Infrastructure-as-Code), a single file that serves as the source of truth for spinning up infrastructure requirements perfectly provisioned for code deployments. Creating a technically sound, easily manageable, and repeatable process for modern code deployments.

DevOps, what it is and why you need it.

High-performing DevOps organizations see:

  • 200x more frequent deploys
  • 24x faster recovery times
  • 3x lower change failure rates
DevOps Explained
The definition of IaC:

Infrastructure as Code: A process that describes and provisions all the infrastructure resources in a cloud environment using a simple text file. Used to model and provision all the resources needed for your applications across all regions and accounts.


IaC on AWS Example

It’s one thing to spin up an EC2 instance. It’s another thing to do it correctly and effectively with the complex smorgasbord of services these providers offer. Getting them all interconnected and working properly can require you to navigate an unfamiliar landscape and be quite cumbersome if your not versed in cloud services, offerings, and capabilities.

When we first started working with a client in the employee engagement space on their SaaS product, in traditional start-up fashion, every employee was moving a mile-a-minute and responsible for a portfolio of tasks. Our DevOps-as-a-Service partnership allowed us to set up Continuous Integration and Continuous Delivery (CI/CD) pipelines as well as start writing Infrastructure-as-Code (IaC) to quickly, effortlessly, and accurately deploy code and launch additional infrastructure services.

Allowing their development team to instantly code on properly provisioned VPCs and provide their clients with immediate compute power to handle growing workloads.

Reducing go to market time by 88%

Infrastructure as Code, Continuous Integration and Delivery (CI/CD) open up the option to pursue what we call “single-as-multi-tenant” systems.

A service that is multi-tenant from our client’s perspective but rolled out as isolated single tenant systems for each of their customers in compliance with their security and privacy policies.  

Single Tenant applications can sometimes be known for their cumbersome maintenance, be more costly to host than Multi-Tenant systems, and not always maximize their infrastructure resource allocation. Three key pain points that cloud computing solves natively.

The automated deployment (CI/CD) pipelines and auto-deploying infrastructure (IaC) we created for our SaaS client allow us the ability to spin up, correctly size, and provision new environments without excessive workloads and extended timeframes.

While safeguarding data and privileged employee information, at the same time making the entire environment less vulnerable and highly available.

There are a lot of acronyms thrown around here, and keeping track of these services along with understanding the relationship between DevOps, Infrastructure as Code, Continuous Integration and Continuous Delivery can be confusing.

In simple terms. Infrastructure as Code is a key practice of DevOps teams and integrates as part of the CI/CD pipeline. Or better put, when we run DevOps-as-a-Service for clients, we write Infrastructure as Code as one step in the process of setting up our CI/CD pipelines.

When we started working with this SaaS company in the employee engagement space, their legacy infrastructure was hosted with a cloud service that only provided Virtual Machines, and no additional services to help optimize or right-size configurations.

We knew immediately that by hosting with AWS we would be able to leverage AWS features and services to configure equivalent VPCs and run these same workloads cheaper, faster, and more securely.

Our migration process onto Amazon Web Services adheres to AWS’ security best practices and the famous AWS Well-Architected Framework. Which establishes very high standards for operational excellence, security, reliability, performance efficiency, and cost optimization.

Which would set us on a path to eventually create auto scaling groups and add in horizontal scalability to achieve significant performance gains.

The AWS Services We Used In This IaC Project

Infrastructure as Code & AWS Resource Provisioning

Using AWS CloudFormation we wrote a simple text file to serve as the single source of truth for our clients’ cloud environment. By using code to automate the process of setting up and configuring a Virtual Machine (VM) or container. We now had a fast and repeatable method for replicating the process when our client scales and on-boards new accounts.

This became very beneficial when large clients required customization and additional deployments, which were previously being handled manually. Turning a tedious and expensive on-boarding process into something palatable and risk adverse.

We then developed tools and Proof of Concepts (PoCs) to be used for automated deployments. With features that were carefully thought-out and evaluated. We leveraged Terraform to handle the deployment of multiple single-tenant applications with Infrastructure written as Code (IaC).

This also ensured quick rollouts of additional environments, while establishing a protocol used for Beta and QA for each tenant in a consistent manner.

3rd Party Services We Used In This IaC Project
Jenkins is an open source automation server
20 May

Jenkins

Rollbar Error Tracking
20 May

Rollbar

Bitbucket is a web-based version control repository
20 May

Bitbucket

Terraform is an open-source infrastructure as code software tool
20 May

Terraform

New Relic software monitoring and analytics
20 May

New Relic

  • Jenkins as our automation server for custom deployments.
  • Rollbar for real-time error monitoring and crash reporting.
  • Bitbucket for code versioning and collaboration.
  • Terraform for automation of infrastructure creation and environment rollout on multiple cloud providers.
  • New Relic for Application Performance Monitoring and distributed tracing.

Using Terraform for Configuration Orchestration When Writing Infrastructure as Code

Terraform is an infrastructure provisioning tool. It allows you to describe infrastructure as code and create an “execution plan” to outline exactly what will happen when you run your code or text file.

Using its own domain-specific JSON-compatible langue, Terraform is used to create these IaC configuration files.

Terraform is cloud-agnostic and allows you to automate infrastructure stacks from multiple cloud service providers simultaneously while integrating other third-party services.

It’s no surprise how big of AWS fans we are, I mean we have taken the time to become a certified Advanced Consulting Partner, and we even have our DevOps Competency accreditation from AWS. So why would we not use AWS’ native IaC tool, CloudFormation… Well, we did.

Although Terraform and CloudFormation are both provisioning tools, there are situations where both tools running in parallel make sense. Terraform is able to run CloudFormation templates and can even serve as a very powerful wrapper. Allowing us to use AWS’s Service Catalog, including everything from virtual machine images, servers, software, and databases.

The strength of Amazon’s IaC offering is that it has such tight integration with all the other AWS services, that almost anything that can be done with scripts using CloudFormation. Enabling us to build templates for our customers for them to easily experiment with while inheriting best infrastructure practices.

The Impact IaC Had For Our Client

We migrated our client and their SaaS product into an auto-scalable, multi-server cloud infrastructure that ensured consistent application performance.

While delivering a better user experience for their customers with zero downtime.

Implementing Infrastructure as Code increased the standardization of rollouts, reduced client-side risk, and increased developer productivity to fully reap the benefits of a DevOps culture.

We optimized their wallet along with their infrastructure, to reduce their overall Total Cost of Ownership (TCO) freeing up monetary and human capital.