Provisioning vs Configuration Management with Terraform

Yann Mulonda
Published in Dev Genius
6 min read, Apr 4, 2021

Intro to Terraform & Infrastructure as Code

One of the mottos I live by is a saying by Albert Einstein that goes like this: “If you can’t explain something simply, you probably don’t understand it well enough”.

Every now and then, new concepts, methods, or ways of doing things are introduced that revolutionize the IT industry and move the needle forward. These words pretty much sum it up: Version control, Agile, CI/CD, DevOps, Site Reliability Engineering, Cloud Computing, Virtualization, Containerization, Orchestration, Infrastructure as Code, etc.

Now, with these new concepts, methods, and ways of doing things come tools, lots of them. They are built to give IT professionals the means to implement those new concepts, methods, or processes for their organizations. Here is an illustration:

  • Terraform is one of the most popular tools for Infrastructure-as-code.
source: terraform.io

As you might know, there are various other tools available in the market you can use to achieve all of these new concepts, methods, and ways of doing things, and figuring out which one to choose can be such a drag.

When it comes to choosing these tools, it’s important to understand the following details and factor them into the decision making:

- Configuration Management vs Provisioning
- Procedural vs Declarative
- Mutable vs Immutable Infrastructure
- Master vs Masterless
- Agent vs Agentless
- Large Community vs Small Community (tool documentation, etc.)

In this article, I’m going to explore configuration management vs provisioning: how they differ yet relate to each other. I will also show a small demo.

Configuration Management vs Provisioning

What is Provisioning?

Provisioning is the process of setting up IT infrastructure. It can also refer to the steps required to manage access to data and resources, and make them available to users and systems. Once something has been provisioned, the next step is configuration.

CloudFormation, Terraform, Ansible, Salt, Vagrant, Puppet, Docker, etc. are tools that can be used for provisioning.

These tools are designed and set up to provision the desired infrastructure, such as servers (VMs), load balancers, databases, networking configuration, etc., leaving the configuration job to configuration management and its tools.

What is Configuration Management?

Configuration management is a systems engineering process for establishing and maintaining computer systems, servers, and software in a desired, consistent performance — state. Managing IT system configurations involves defining a system’s desired state — like server configuration — then building and maintaining those systems.

Chef, Puppet, Ansible, Octopus Deploy, TeamCity, Bamboo, Terraform, etc. can also be used as configuration management tools.

In this case and context, they are designed or set up to install packages or software and to manage software and configurations on existing infrastructure. By now you must have noticed that the same tools that are used for provisioning can also be used for configuration management. That’s because:

Provisioning and Configuration Management are not mutually exclusive. Most configuration management tools can do some degree of provisioning and vice versa.

But keep in mind that some of these tools are going to be a better fit for certain types of tasks, taking into account your IT organization setup and what you’re trying to achieve. That being said, most of the time, a good alternative is to use a configuration management tool and a provisioning tool together.

For example, you can use Terraform for provisioning while running Chef to configure your infrastructure, or use Ansible to provision your infrastructure while running Chef for configuration management, or whatever works for you.

Understanding WHAT a tool is doing is important while deciding which tools to use. After you have made your choice on which tools you’re gonna use, then you can do more research or training on HOW to do it.

Most importantly, understanding WHY we are using the tools in the first place, or doing things the way we are doing them, is key to implementing a pretty cool and successful IT infrastructure for your organization.

Ideally, when implementing a new solution or change to your infrastructure, try to define it simply and communicate it to others in the organization as follows:

We have a problem or issue X — that we can fix with concept or technology Y — using tool or platform Z

To learn more, check some very insightful reading on the DPBoK

Terraform Showcase

For this showcase, we’re looking at a demo Nodejs project. The entirety of this project was written and designed for the SEIS 664 IT Delivery course (grad school level) at the University of St. Thomas (St. Paul, MN) by Professor Charles Betz. Feel free to check out the Gitlab repo, the course content, and the demo project to learn more about it.

Docker for containerization: Containers allow you to create self-contained, isolated environments for running your applications. They have some significant advantages over VMs in terms of implementing the Immutable Infrastructure model.

Kubernetes for Orchestration: Running containers at scale is quite different, and a special class of tools, known as orchestrators, is used for that task. This is where Kubernetes comes in.

Kubernetes deployment manifest

The following kubectl command can then be used to create Deployment objects inside the Kubernetes cluster:

$ kubectl apply -f deployments.yaml
source: kubernetes.io

Running applications at scale means running multiple containers spread across multiple VMs. This raises concerns such as load balancing between all of those application containers and defining a single entry point for connecting to the application. This is where a Kubernetes Service manifest comes in, and it looks like this:

Kubernetes Service manifests — For my Nodejs demo project

Terraform for provisioning & config management: A Kubernetes cluster can be described using Terraform so that it’s managed through code.

We use Terraform code to describe the Kubernetes cluster that should be created. Using Terraform input variables to parameterize the creation of the cluster allows you to easily change configuration parameters. This is done as follows:

main.tf holds all the information about the cluster that should be created

Parameterized the cluster creation using Terraform input variables which allow you to easily change configuration parameters:
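
One way such a parameterized main.tf can look, added here as an example and not the demo project's own code. It assumes a Google Kubernetes Engine cluster created with the hashicorp/google provider; the variable names, defaults and resource labels are hypothetical.

```hcl
# Added example. Assumes Google Kubernetes Engine via the hashicorp/google
# provider; every name and default below is hypothetical.
variable "project_id" {
  type        = string
  description = "Cloud project that owns the cluster"
}

variable "zone" {
  type    = string
  default = "us-central1-a"
}

variable "cluster_name" {
  type    = string
  default = "demo-cluster"
}

variable "node_count" {
  type    = number
  default = 2
  validation {
    condition     = var.node_count >= 1 && var.node_count <= 5
    error_message = "node_count must be between 1 and 5."
  }
}

provider "google" {
  project = var.project_id
  zone    = var.zone
}

resource "google_container_cluster" "demo" {
  name     = var.cluster_name
  location = var.zone
  # Remove the default pool; nodes are managed by the explicit pool below.
  remove_default_node_pool = true
  initial_node_count       = 1
}

resource "google_container_node_pool" "demo_nodes" {
  name       = "${var.cluster_name}-pool"
  cluster    = google_container_cluster.demo.name
  location   = var.zone
  node_count = var.node_count
}

output "cluster_endpoint" {
  value = google_container_cluster.demo.endpoint
}
```

Overriding a variable at apply time, for example with -var="node_count=3", resizes the node pool without editing the resource blocks, and the validation rule rejects values outside the allowed range before anything is provisioned.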

Now, the Terraform cluster can be rebuilt by running the following script:

Screenshot of provisioning using Terraform

GitLab for source Code Management — CI/CD pipeline: The following is what a Gitlab CI/CD script looks like for this project:

We have created the cluster and provisioned the resource infrastructure needed for our app to run. Now let’s check what we have so far:

Now you can notice that there are no pods running. That’s because the build and deployment need to be run through the automated Gitlab CI/CD pipeline:

Done! 😎🥳 And with that, I now have every aspect of my application managed through code, which is the basis of Infrastructure as Code. All the resources created can simply be destroyed or “de-provisioned” by running the following terraform script:

Screenshot of de-provisioning using terraform.


Cheers!!!

Co-Founder & CIO @ITOT | DevOps | Senior Site Reliability Engineer @ICF | "Learning is experience; everything else is just information!"