Manning Publications Co.
© 2022 by Manning Publications Co. All rights reserved.
front matter
preface
The first time I toured a data center, I was fascinated by the entrance retinal scanner, flashing lights, cooling systems, and colorful wiring. Coming from an electrical engineering background, I could appreciate the complexity of managing hardware. I came upon the confusing concept of cloud computing when a company hired me to manage a private cloud platform. I no longer plugged in wires and crafted servers. Instead, I stared at progress bars in a user interface for thousands of servers and wrote terrible scripts to provision them.
At that point, I realized I needed to learn more. I wanted to automate more infrastructure and write more sustainable code that other team members could use. My learning journey reflected the growth of cloud computing and the DevOps philosophy. We needed to learn how to change and scale our infrastructure to keep up with business innovation and avoid affecting critical systems! With the public cloud making it even easier to get infrastructure resources on demand, we could almost start treating our infrastructure as an extension of our software.
I traveled a rocky learning journey by becoming a generalist. I priced out public cloud migrations, paired with senior Java developers (the challenge that made me cry), applied design patterns and software development theory to code, tried out Agile methodology, and asked quality assurance and security professionals many questions. As I soaked up different perspectives and technical experiences, I tried to help other folks on their learning journeys as a consultant and, eventually, a developer advocate for open source infrastructure tools.
I decided to write this book because enough systems administrators, security professionals, and software developers expressed that they wanted to learn infrastructure as code (IaC) and needed a resource that organized patterns and practices for writing it. This book reflects everything I wished I learned earlier about IaC and the considerations and challenges of applying specific patterns and practices over others, agnostic of the tools and technologies.
I never expected the book to have so much detail. Whenever I released a chapter, I received a note from someone about something I forgot or a recommendation to expand one subject into a chapter. Many chapters cover topics that have entire books (or documentaries, even) dedicated to them but receive a general, high-level treatment in this book. I focus on the most important things you must know to apply the topic to IaC.
You might look at the examples in this book and ask, "Why not use this other tool?" I struggled to balance high-level theories with practical examples. The code listings generated spirited discussions from my reviewers and editors, many of whom suggested expansions or substitutions in a different language, tool, and platform! I tried my best to find a combination of languages, tools, and platforms to demonstrate the patterns. At the time of writing, you'll find the code listings written in Python, deployed by HashiCorp Terraform, and run on Google Cloud Platform (GCP). Each code listing comes with a high-level description of the pattern and practice, which you can apply irrespective of language, tool, or platform.
I hope you read this book and find one or two patterns that help you write cleaner IaC, collaborate on IaC in your team, and scale and secure your IaC across your company. Please don't expect to use every pattern and practice or apply all of them at once. You might feel overwhelmed! As you encounter challenges in your IaC, I hope you return to this book and reference a few more patterns.
acknowledgments
It takes a community to write a book, and the one that came together to help me is exceptional.
Thank you to my partner, Adam, who helped me make the time (and plenty of coffee) to focus and work on this book. Also thank you to my family, who encouraged me to pursue my interest in infrastructure. You provided words of encouragement and a listening ear, even if you didn't understand the technical concepts I was trying to untangle.
I am very grateful to my editors at Manning (Chris Philips, Mike Shepard, Tricia Louvar, and Frances Lefkowitz) for their patience, encouragement, guidance, and recommendations. Thank you for staying so consistent in your feedback and commitment through some very rough drafts. I want to also thank the team behind the production and promotion of this book.