Skip to main content

Infrastructure as code

Cloud example

Before we discuss GitOps at the edge, we should first discuss how infrastructure as code (IAC) works in the cloud.

Terraform is the most common technology used for IAC in the cloud. The following is an example of a basic terraform configuration to create an EC2 server instance in Amazon Web Services (AWS).

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }
  required_version = ">= 1.2.0"
}
provider "aws" {
  region  = "us-west-2"
}
resource "aws_instance" "app_server" {
  ami           = "ami-830c94e3"
  instance_type = "t2.micro"
  tags = {
    Name = "ExampleAppServerInstance"
  }
}

If you have terraform and your proper AWS credentials installed, then you can run the command terraform apply on this configuration and you will have a new EC2 server instance show up in your AWS console. Easy.

You can use the same approach to create Kubernetes clusters in the cloud, although the configuration is a bit more complicated.

When you apply that terraform configuration, AWS software creates a virtual machine on one of its physical servers and assigns it to your account. The reason this works is because the servers are already sitting there unused and ready in an AWS data center. Someone already bought the servers, installed the servers in the racks, installed the operating system, installed the agents and configured the networking. That's a lot of stuff.

We don't have the luxury of all that stuff having already happened at the edge. How do we make all that stuff happen?

Roles

There are three roles in managing infrastructure as code:

  1. Provider: the organization that provides the physical servers
  2. Deployer: the organization that is specifying the configuration of the physical servers
  3. User: the organization that is installing applications on the configured servers

In a small company with a data closet, the same organization could be all three roles. In a large company, the cloud provider such as AWS is the provider, the company's DevOps team is the deployer and the software development teams are the users.

At the edge, we need the same roles. We also need to enable an organization to assume only one role or multiple roles.

Edge example

Let's walk through how IAC works at the edge.

  1. The Deployer organization has determined that it needs to have edge nodes running at five warehouses
  2. The Deployer writes a configuration file of what type of node needs to be deployed
  3. The Deployer also writes a configuration file of where the nodes should be shipped for installation.
  4. The Provider organization receives the configuration files from the Deployer.
  5. The Provider installs the OS, configures the networking and installs the agents on the nodes.
  6. The Provider ships the nodes to the specified locations
  7. Someone onsite plugs the nodes into power and network and turns them on.
  8. The Deployer now sees the nodes in its monitoring system.
  9. The User can now deploy applications to the edge nodes.

Edgecell provides a solution for making this happen. The Tutorial can walk you step by step on how this works.