Why Infrastructure-as-Code is a Last Decade Technology
June 16, 2022

Venkat Thiruvengadam
DuploCloud

When infrastructure-as-code (IaC) burst onto the scene in 2006, it was a game-changer. Not only did it redefine the way software engineers and operations thought about the provisioning and maintenance of infrastructure, but it also allowed teams to treat infrastructure like product code — meaning changes were now easy to track, repeatable, iterative, and recoverable. By combining the same tools as any other software project with IaC, developers were able to rapidly deploy applications. Today, IaC is regularly used by DevOps teams.

However, the increasing complexity of things like data center configurations, security requirements, and rapidly changing guidelines means IaC is poised for an overhaul. New technologies and techniques can help solve many of the challenges IaC presents.

IaC Workflow

Today, most enterprises are moving towards cloud-based infrastructure where deployments are 100% software-driven and underlying resources are standardized. The myriad of today's off-the-shelf components and services allow developers to create complex applications that can work at scale either on-prem or in the cloud. While this provides flexibility and agility in terms of application development, the proliferation of these components and services has created a drastic uptick in fragmentation throughout the infrastructure. In other words, they are deploying IaC.

Infrastructure-as-code is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. To create a successful IaC workflow, first, you must create the base infrastructure, then build out the platform/application services, conduct application provisioning or CI/CD, and run application monitoring.

Fundamentally, IaC requires DevOps engineers to have a lot of subject matter expertise, in-depth knowledge of security configurations and compliance standards, and the ability to code well. Simply put, IaC has created a unicorn skillset. Developers are not operators and operators are not developers.

While IaC shines at creating the base infrastructure and building out the platform/application services, it is strongly lacking in provisioning, application monitoring, and CI/CD. In other words, DevOps teams' needs have outgrown what IaC can provide.

IaC Needs to Operate at a Higher Level of Abstraction

To meet today's DevOps teams' needs, IaC needs to operate at a higher level of abstraction. To do that, you need the following:

1. Application-centric automation: Application-centric infrastructure configures and displays the entire application ecosystem — allowing administrators to manage a single system for application delivery instead of managing individual servers. It encompasses the virtualization of the data center and incorporates automated load-balancing, on-demand provisioning, and the ability to scale network resources as needed.

2. A rules-based engine: Application-centric automation by itself isn't enough. We need a rules-based engine that can take app-centric information and automatically run the rules to make sure that the software is compliant with the relevant security standards.

3. Self-service with guardrails for developers: Developers want to focus on building applications — not infrastructure. With code automation, developers can ask for secured resources without having to know tons of lower-level details to meet operations or accidentally violating the needed compliance and security requirements.

As you can see, IaC will need to evolve dramatically to meet the needs of today. Already, new technologies such as no-code/low code are addressing many of the shortcomings of IaC. It's only a matter of time before more companies adopt them.

Venkat Thiruvengadam is Founder and CEO of DuploCloud
Share this

Industry News

June 27, 2022

Delinea announced the latest release of DevOps Secrets Vault.

June 27, 2022

Jit announced a $38.5 million seed funding round and launched a free beta version which automates product security.

June 27, 2022

Platform.sh raised $140 million in Series D funding.

June 23, 2022

Akana by Perforce now offers BlazeMeter to customers, previously a solution with Broadcom Layer7.

June 23, 2022

Coder announced the release of a new open source project that gives developers and data scientists a consistent, secure, yet flexible way to create cloud workspaces in minutes.

June 23, 2022

GitGuardian is announcing a series of new features to address developer experience in securing the software development lifecycle.

June 22, 2022

OctoML released a major platform expansion to accelerate the development of AI-powered applications by eliminating bottlenecks in machine learning deployment.

June 22, 2022

Snow Software announced new functionality and integrations for Snow Atlas, a purpose-built platform that provides a framework to accelerate data-driven technology decision-making.

June 22, 2022

Traefik Labs launched Traefik Hub, a new cloud service that eliminates the complexity of management and automation of Kubernetes and Docker networking at scale.

June 21, 2022

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the new Open Programmable Infrastructure (OPI) Project.

June 21, 2022

Docker announced the acquisition of Atomist, a company founded to improve developer productivity and keep cloud native applications safe.

June 21, 2022

SmartBear released BitBar, an all-in-one web and native mobile app testing solution.

June 16, 2022

Armory announced general availability of Armory Continuous Deployment-as-a-Service.

June 16, 2022

Infragistics announced the launch of App Builder On-Prem.

June 16, 2022

LambdaTest launched Test-at-Scale (TAS), a test intelligence and observability platform, to help development teams with shift-left testing.