Organizations turn to infrastructure as code tools to automate infrastructure deployment and streamline application development, particularly as it applies to DevOps. Infrastructure as code reduces many of the manual processes and inefficiencies of traditional approaches to deploy infrastructure. It can also help simplify infrastructure management and reduce operating costs, while eliminating inconsistencies between environments such as testing, staging and production.
To streamline operations even further, some organizations use infrastructure as code (IaC) in conjunction with composable disaggregated infrastructure (CDI), which provides a foundation for automating and orchestrating resource provisioning. A CDI appliance delivers a software-defined environment that abstracts the physical resources and makes them available as services that can be dynamically composed and recomposed. The composable architecture also helps optimize resource utilization and simplify general administration.
When an organization uses CDI and IaC together, they have a platform for easily allocating resources to meet changing workload requirements, without the deployment and maintenance headaches that go with traditional infrastructure. For organizations to use IaC effectively with CDI, they need the right tools. But selecting the best tool can be a difficult process because there are so many products to choose from and it isn't always apparent how they differ. The following IaC tools comparison examines eight popular services that take different approaches to IaC. Although some products might be better suited to CDI, each provides an effective tool for using IaC to automate resource allocation.
How composable disaggregated infrastructure supports IaC
- Provides a software-defined infrastructure that automatically controls the physical resources without human intervention.
- Can perform such operations as provisioning, configuration and management to meet workload requirements, as defined by the coded infrastructure.
- Disaggregates the physical resources and presents them as services, providing an extremely flexible environment for running modern workloads.
- Provides flexible building blocks for composing and recomposing resources on demand, making it possible to implement infrastructure as needed to accommodate changing workloads.
- Can better accommodate fluctuating requirements as infrastructure needs change, while using resources more efficiently.
- Can run workloads in VMs, in containers and on bare metal, making it easier to accommodate varied IaC requirements.
- Doesn't have to be preconfigured for specific workloads because resources are configured on demand.
- Minimizes administrative overhead with built-in automation and orchestration.
- Offers a comprehensive management API that enables third-party tools to interface with the environment, enabling organizations to use their existing IaC tools.
The AWS CloudFormation IaC service enables users to model, provision and manage related AWS and third-party resources throughout their lifecycle. Developers use CloudFormation templates to describe the desired resources and their configurations. CloudFormation then uses the template code to provision and assemble the resource stacks, which administrators can deploy across multiple AWS accounts and regions.
- Developers can build their own resource providers by using the CloudFormation command-line interface, an open source tool that streamlines development.
- CloudFormation automates the processes of provisioning and updating infrastructure and enables admins to roll back stack-related operations.
- Developers can build serverless applications using the AWS Serverless Application Model, an open source framework that provides shorthand syntax for application definitions.
- CloudFormation enables users to preview how changes might affect running infrastructure and then decide whether to implement the changes.
Integrations. CloudFormation integrates with other AWS offerings, such as AWS Service Catalog and AWS Identity and Access Management. Admins can also use the CloudFormation Registry to model and provision third-party application resources along with AWS resources. In addition, AWS CloudFormation on GitHub offers open source projects that extend the platform's capabilities.
Pricing. CloudFormation is free to AWS customers when used with resource providers in the AWS::*, Alexa::* and Custom::* Namespaces, although organizations must still pay for the resources they provision. For third-party resource providers, prices start at $0.0009 per handler operation. However, CloudFormation is one of the services in the AWS Free Tier, so there's no charge for the first 1,000 third-party handler operations, which enables organizations to try the service for free.
Support. Amazon offers three paid support plans: Developer, Business and Enterprise. Organizations should contact AWS sales for plan details and pricing information. Amazon also offers the AWS Knowledge Center for answers to specific questions and provides the AWS Support Center, where customers can view and create support cases and access additional resources.
The Chef Infra automation platform transforms infrastructure into code. It enables organizations to automate how they configure, deploy and manage infrastructure across their networks, whether operating on premises, in the cloud or within hybrid environments. Organizations can use Chef Infra to ensure their systems are configured correctly and consistently, even as workload requirements change.
- Chef Infra makes infrastructure configurations testable, portable and auditable, and it ensures infrastructure changes are consistent and repeatable.
- Chef Infra can continuously configure systems against a desired state, while automating infrastructure validation and configuration.
- Developers and admins can use simple declarative definitions to carry out common administrative tasks.
- Chef Infra can apply updates dynamically and make conditional changes based on the running environment or hardware.
- Chef Infra can automatically correct configuration drift without impacting properly configured systems.
Integrations. Chef Infra Server provides an API that enables admins to access to server objects, including nodes, roles, environments, users, cookbooks and more. In addition, Chef Infra can configure a variety of cloud-based services, as well as integrate cloud provisioning APIs and third-party software. Chef Infra provides integrations for VMware, AWS Marketplace and Google Cloud Platform (GCP).
Pricing. Chef doesn't publish pricing information, so organizations should contact the Chef sales team for specific information. Chef was recently acquired by Progress Software Corp., so pricing information and policies could change.
Support. The general Chef support system offers online support for Chef Infra. Chef offers two levels of support -- Standard and Premium -- with Premium providing faster response times to issues. Customers can submit and manage their support tickets through the Chef Support Ticket System. Support requests are categorized by severity level, as outlined in the service-level agreement.
Google Cloud Deployment Manager
Google Cloud Deployment Manager is an infrastructure deployment service that's part of the GCP. The service uses template and configuration files to automate the creation and management of GCP resources such as Cloud Storage, Cloud SQL and Compute Engine. Deployment Manager treats infrastructure like software, which enables admins to provision, configure and deploy a large number of resources in a single operation.
- Customers can build repeatable environments that not only include infrastructure, but also networking, load-balancing and cloud-based identity and access management.
- Deployment Manager takes a declarative approach to infrastructure that enables users to specify what the configuration should look like and then lets the platform determine what steps to take.
- Developers can use parameterized templates to define resources that are commonly deployed together.
- Deployment Manager provides a preview mode admins can use to view an operation's impact before committing the changes.
- One resource definition can reference other definitions to create dependencies and control the order of resource deployments.
Integrations. Customers can register third-party APIs with the Deployment Manager service and then use Deployment Manager to deploy resources as types in the infrastructure configuration. Deployment Manager also includes its own API for facilitating access to resource types.
Pricing. Deployment Manager is available at no additional charge to GCP customers. As with Azure Resource Manager, charges are based on the provisioned resources. However, Google offers more than 20 free GCP services and provides $300 in credit for users to try out other services.
Support. GCP general support offers four support packages. Basic support is free to all GCP customers. The Development package is $100 per user, per month and provides in-depth investigation and response for developers. The Production package is $250 per user, per month and targets those managing live systems. Google doesn't list the price for the Premium package, which is designed for mission-critical workloads.
Terraform is available as a downloadable open source product, the cloud-based service Terraform Cloud or the self-hosted system Terraform Enterprise. Terraform enables users to build, change and version infrastructure. The platform can manage low-level resources, such as compute instances, to high-level components such as domain name services entries.
- Terraform generates an execution plan that shows the changes that will be applied to the infrastructure before committing those changes.
- The platform uses execution plans and resource graphs to apply complex changesets to infrastructure with minimal human interaction.
- Terraform can determine what has changed in a configuration and create incremental execution plans that users can apply.
- The multi-cloud compliance and management capabilities enable users to provision and maintain public cloud, private infrastructure and cloud services with a single workflow.
- The platform provides self-service capabilities that enable users to provision infrastructure on-demand from a library of approved resources.
Integrations. Like other platform in this IaC tools comparison, Terraform can integrate with a variety of systems, including cloud, DevOps, databases, network, source control, IT tools and infrastructure software. For example, the platform can integrate with GitHub, Brightbox, Skytap, Linode, MongoDB, Kubernetes, Splunk, Densify and Cisco networks.
Pricing. Organizations can download the open source product for free. Terraform Cloud offers three subscription tiers. The Free tier supports up to five users. The Team and Governance tier costs $20 per user, per month. Contact HashiCorp for pricing information for the Business tier, Terraform Enterprise or Terraform Cloud annual subscription rates, or to request a free demonstration.
Support. Organizations can access support via email or the web portal. Support for Terraform Cloud is tied to the subscription tiers, with the Business tier receiving priority support. Contact HashiCorp sales for more details about support options.
Microsoft Azure Resource Manager
Azure Resource Manager is a deployment and management service for Azure resources. The service provides users with a management layer to create, update and delete resources, while offering features such as access control, locks and tags to secure and organize resources after deployment. Users implement infrastructure through the use of templates, which are JSON files that define the resources and configurations necessary to support a project.
- Resource Manager enables users to deploy resources together and easily repeat deployment tasks, while ensuring they implement resources in a consistent state.
- Developers define the infrastructure and its dependencies in a single declarative template that they can use in multiple environments, such as testing, staging or production.
- Resource Manager offers role-based access control that enables organizations to determine who can perform actions on their resources.
- Admins can organize related resources into groups they can deploy or delete with a single action.
- Developers can use the Visual Studio Code extension for Resource Manager to enhance the template development process.
Integrations. Resource Manager provides integration with other Azure services, such as Azure Policy or Azure DevOps for continuous integration/continuous delivery.
Pricing. Resource Manager is a free service, so any charges incurred are based on the provisioned resources. Microsoft also offers more than 25 additional Azure services for free and provides some of its other services free for 12 months. Plus, Microsoft provides new users with a $200 credit to try Azure for 30 days. This enables an organization that's new to Azure to get a good sense of how Resource Manager works with various Azure services.
Support. Support for Resource Manager is part of Azure support, which offers four plans, each one building on the next. The Basic plan is free to all Azure customers. The Developer plan runs $29 per month and is ideal for trial and nonproduction environments. The Standard plan is $100 per month and is suitable for production workload environments. The top-tier support plan, Professional Direct, is $1,000 per month and is appropriate for business-critical workloads.
Puppet Enterprise is an integrated platform that organizations can use to manage and automate infrastructure and complex workflows. The platform enables admins to manage infrastructure at a global scale and combine model‑based and task-based capabilities into a single offering that can support large-scale, multi-cloud environments.
- Puppet Enterprise continuously enforces the desired infrastructure state to ensure security and compliance requirements are being met.
- Organizations can reuse existing code or integrate shared content from Puppet Forge to orchestrate complex tasks and deploy applications.
- The platform includes prebuilt patching task automation for Windows and Linux, which makes it easier to maintain the health and security of each host.
- Puppet Enterprise enables organizations to scale their automations across teams, without having to sacrifice consistency or safety.
- Organizations can authorize federated teams to author, validate and deliver their own infrastructure.
Integrations. Puppet Enterprise can integrate with a variety of core technologies, including AWS, HashiCorp, ServiceNow, Splunk and VMware. In addition, Puppet Server exposes multiple services through its HTTP API. For example, organizations can use the API to manage node configurations. In addition, many development tools provide integrations with Puppet.
Pricing. Puppet doesn't publish pricing information for Puppet Enterprise. Organizations interested in the product should contact Puppet sales. Puppet provides several methods for trying out the product, including the Puppet Learning VM, a Puppet Enterprise instance that will support up to 10 nodes, and AWS OpsWorks for Puppet Enterprise. Users must register with Puppet to try any of these options and to request a demonstration of Puppet Enterprise.
Support. Every Puppet Enterprise license includes Standard support, which is available during local business hours. Customers can upgrade to Premium support for more complete coverage and around-the-clock phone support. Each support request is assigned a priority level, as defined in the service-level agreement.
Red Hat Ansible Automation Platform
The Red Hat Ansible Automation Platform is an enterprise offering admins can use to build and operate automation services at scale. The platform includes Red Hat Ansible Engine for deploying resources, Red Hat Ansible Tower for managing and automating deployment, Ansible Automation Hub for finding precomposed content collections, and Ansible Automation Analytics for analyzing Ansible Tower clusters.
- Users create YAML-based Ansible playbooks to describe automation jobs in a human-readable language that can be understood by different types of users.
- Ansible Engine is based on open source technologies that enable admins to adopt automation at any scale, using easy-to-read Ansible playbooks.
- Ansible Engine provides a centralized interface for managing complex deployments, governing automation, applying role-based access controls and carrying out other tasks.
- Automation Hub offers a centralized portal for discovering content collections that provide customers with precomposed roles and modules, making it easier for them to move forward on their projects.
- Ansible Analytics can analyze Ansible Tower usage, uptime and execution patterns and provide reports about automations running across the managed environments.
Integrations. Ansible includes hundreds of modules that provide extensive integration capabilities, with support for a variety of operating systems, virtualization platforms, storage systems, network components, cloud platforms, DevOps tools and security solutions.
Pricing. Ansible pricing is based on the number of managed nodes, with discounts for multiyear purchases, larger volumes and academic institutions. But Red Hat doesn't publish the actual prices, so organizations must contact the company directly. Organizations can also register for a 60-day free trial.
Support. Ansible is available in two editions, which differ by support and features. The Standard edition offers support only during regular business hours. The Premium edition offers 24/7 support and faster responses to issues. Each support issue is assigned a priority level, as defined by the terms of service.
SaltStack is an IaC platform that's built on the open source Salt automation engine -- also referred to as Salt Open -- which users can download for free. SaltStack also offers SaltStack Enterprise, a paid SaltStack edition that offers advanced features to the Salt engine. In addition to infrastructure automation, the SaltStack platform supports security and network automation.
- SaltStack provides a single, integrated platform that can manage a hybrid cloud environment that comprises more than two dozen public and private cloud providers.
- The platform can proactively secure and maintain the entire network fabric with configuration automation.
- Customers can automate security policy checks and ensure compliance by implementing security policy as code that can be applied to all deployments.
- SaltStack uses automated remediation, integrated vulnerability assessment, and native Common Vulnerabilities and Exposures scanning to find and fix vulnerabilities.
- The platform supports event-driven infrastructure automation, which helps keep systems properly configured, while optimizing resource utilization.
Integrations. The SaltStack platform can integrate with a wide range of cloud platforms and third-party software. For example, it can integrate with AWS, Azure, OpenStack, VMware and Rackspace Hosting, as well as with Docker, Git, Red Hat Linux, Cassandra and RabbitMQ.
Pricing. Users can download the Salt automation engine for free. SaltStack doesn't publish pricing information for SaltStack Enterprise, so organizations should contact SaltStack or one of its partners for information. They can also request a free trial or demonstration, as well as a hosted, self-guided tutorial. SaltStack was recently acquired by VMware, so pricing information and policies may change.
Support. SaltStack Enterprise customers have immediate access to experts and resources through the SaltStack support portal. For specific information about the SaltStack support tiers, contact SaltStack directly.