Infrastructure Provisioning

Infrastructure Provisioning is a fundamental aspect of IaC where the defined infrastructure is created, deployed, and managed as code. Rather than relying on manual and error-prone processes, IaC empowers teams to automate infrastructure provisioning through code, ensuring a highly systematic and repeatable approach.

By embracing Infrastructure Provisioning as a core tenet of IaC, organizations can unlock the advantages of agility, cost-efficiency, and reliability in managing their digital infrastructure. This approach transforms infrastructure management from a manual, error-prone process into a streamlined, automated, and agile practice, aligning it with the principles and practices that have revolutionized software development.

Creating Infrastructure Resources

The core of infrastructure provisioning is defining the resources you need for your project, such as VMs, databases, networks, and more. In your IaC code, you describe the desired state of these resources, specifying their attributes, relationships, and configurations.

We use Terraform scripts for cloud resource provisioning at IT-Conductor. Specifically, we've written a VM-centric Terraform script that not only provisions virtual machines but also creates and uses the resources those VMs need. The script can connect existing resources such as networks, subnets, keys, and security groups, or generate them on the fly when provisioning the VM.

The script accepts a JSON configuration file that houses resource information as its input. Below is an example of a simple configuration file designed for provisioning an Azure VM.

{
  "infrastructure": {
    "region": "westus",
    "resource_group": { 
      "is_existing": "false",
      "name": "itc-rg"
    },
    "vnets": {
      "management": {
        "is_existing": "true",
        "arm_id": "/subscriptions/XXXXXXXXXXXX/resourceGroups/XXXXXXXXX/providers/Microsoft.Network/virtualNetworks/XXXXXXX",
        "address_space": "10.200.0.0/16",
        "subnet_mgmt": {
          "is_existing": "false",
          "name": "single-vm-test-subnet",
          "prefix": "10.200.10.0/24",
          "nsg": {
            "is_existing": "false",
            "name": "nsg-mgmt-single-vm-test",
            "allowed_ips": [
              "0.0.0.0/0"
            ]
          }
        }
      }
    }
  },
  "vms": [
    {
      "name": "vm1",
      "os": {
        "publisher": "suse",
        "offer": "sles-sap-12-sp5",
        "sku": "gen1"
      },
      "size": "STANDARD_B1s",
      "disk_type": "StandardSSD_LRS",
      "authentication": {
        "type": "key",
        "username": "itcuser"
      }
    }
  ],
  "sshkey": {
    "path_to_public_key": "~/.ssh/id_rsa.pub",
    "path_to_private_key": "~/.ssh/id_rsa"
  }
}

In the configuration file, all the fields are self-explanatory. The is_existing field indicates whether the resource already exists. If the value is true, the script connects the existing resource to the VM being provisioned. Otherwise, the script creates the resource itself. The keys are stored in ITC as data files and downloaded temporarily to the IT-Conductor Gateway during the provisioning of the VM.
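A pre-provisioning check for a configuration file of this shape, as an added example that is not part of the IT-Conductor script: it flags an NSG whose allowed_ips admits every source address (as the 0.0.0.0/0 entry in the sample above does), an is_existing resource without an arm_id, and a subnet prefix outside its vnet address_space. The lint function, the embedded sample, and the reading of allowed_ips and arm_id are assumptions drawn from the sample file.

```python
import ipaddress
import json

# Constructed sample in the shape of the configuration above (trimmed, arm_id left out).
SAMPLE = json.loads("""
{"infrastructure": {
  "resource_group": {"is_existing": "false", "name": "itc-rg"},
  "vnets": {"management": {
    "is_existing": "true",
    "address_space": "10.200.0.0/16",
    "subnet_mgmt": {
      "is_existing": "false", "name": "single-vm-test-subnet", "prefix": "10.200.10.0/24",
      "nsg": {"is_existing": "false", "name": "nsg-mgmt-single-vm-test",
              "allowed_ips": ["0.0.0.0/0", "203.0.113.0/28"]}}}}}}
""")

def lint(node, path="config", parent_net=None):
    """Walk the config and return a list of (path, message) findings."""
    findings = []
    if isinstance(node, list):
        for i, item in enumerate(node):
            findings += lint(item, f"{path}[{i}]", parent_net)
        return findings
    if not isinstance(node, dict):
        return findings
    flag = node.get("is_existing")
    if flag is not None and flag not in ("true", "false"):
        findings.append((path, f'is_existing must be "true" or "false", got {flag!r}'))
    # Assumption: an existing resource is located by its arm_id, as in the sample vnet.
    if flag == "true" and not node.get("arm_id"):
        findings.append((path, "is_existing is true but no arm_id is given"))
    if "address_space" in node:
        parent_net = ipaddress.ip_network(node["address_space"])
    if "prefix" in node and parent_net is not None:
        if not ipaddress.ip_network(node["prefix"]).subnet_of(parent_net):
            findings.append((path, f"prefix {node['prefix']} is outside {parent_net}"))
    # Assumption: allowed_ips lists the source ranges the NSG admits.
    for cidr in node.get("allowed_ips", []):
        if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            findings.append((path, f"allowed_ips entry {cidr} admits every source address"))
    for key, child in node.items():
        findings += lint(child, f"{path}.{key}", parent_net)
    return findings

if __name__ == "__main__":
    for where, message in lint(SAMPLE):
        print(f"{where}: {message}")
```

Running the check before the Terraform script is invoked lets a pipeline fail on any finding instead of provisioning a management subnet that is reachable from any address.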

Explore the following scenarios illustrating resource provisioning during migrations:

Resource Dependencies and Order

Some IaC tools handle resource dependency management intelligently, deploying resources in a way that adheres to the dependencies and relationships among defined resources. Familiarize yourself with your chosen tool's behavior in this regard.

  • In Terraform, you can use the depends_on and count parameters to control the creation order. The depends_on meta-argument handles hidden resource or module dependencies that Terraform cannot automatically infer.

Note: You only need to explicitly declare a dependency when a resource or module relies on the behavior of another resource without utilizing any data from that resource in its parameters.

  • In Ansible, you can structure your playbooks to execute tasks in the desired sequence. By structuring your playbooks effectively, you can enforce a logical order of operations, execute configurations, and maintain the overall flow of your automation, ensuring that your infrastructure and applications are configured, deployed, and managed in a well-defined and organized manner.
