A DevOps Wiki

View project on GitHub

DevOps Infrastructure

DevOps Infrastructure is the hardware and software used to provide services to end users. It includes everything from the networks connecting the internet together, to datacenters and physical servers, and the virtual servers and software running on them.

Infrastructure is a dynamic element in DevOps. It may need to grow and change to provide for a product’s changing requirements, and should be managed with software tools in version control.

Infrastructure as Code

This term just means managing your infrastructure in version-controlled files. This could be as simple as keeping hostnames and IPs in a text file in Git, but best practice is to use standard tools to interpret configuration files and make changes (without the need to write custom programs).

The first tools used for IaC were [Configuration Management] tools like [Puppet] and [Chef], as well as orchestration tools like [AWS CloudFormation]. Modern Continuous Configuration Automation systems manage both the configuration and deployment of datacenter equipment, and are referred to as “orchestration” tools.


  • Orchestration / Continuous Configuration Automation
    • Terraform, AWS CloudFormation, Ansible Tower, Otter (orchestration)
  • Configuration Management
    • Ansible, Puppet, Chef, SaltStack (configuration management)

Immutable Infrastructure

If infrastructure is ‘mutable’, it may often change in subtle ways, which then become complex changes over time, introducing bugs. By keeping systems from changing over time, we reduce this eventuality.

How to implement immutable infrastructure:

  1. Provision a new resource
  2. Test it
  3. Change a reference to the new resource
  4. Keep the old resource around (for rollback)
  5. Delete the N-oldest resource if no longer needed
  6. To fail back to a specific old resource, re-deploy a resource with the old version

All immutable infrastructure must be created through a standard automated process, be version controlled, and pass a series of tests. This ensures that all changes are known and repeatable, and allows for simple roll-back in the event of problems.

The benefits are immense. No more wrestling with a configuration management tool, connecting to all of your hosts, updating their software patches, taking out time to fix one or two which didn’t update properly, trying to figure out who edited a file on one host one time three years ago, or trying to re-install an old server or package which nobody knows how to do anymore. Simply start a brand new instance from the version-controlled image, and disable/delete the old one when you are finished. To roll back, do the same procedure with a different version of the image.


  • Docker containers
  • Packer-created system images
  • AWS EC2 AMIs


Pets vs Cattle

Prev: Culture | Next: Tools