Bringing software development practices to your infrastructure

A presentation at JAWS PANKRATION 2021 in November 2021 in by Jenna Pederson

Slide 1

Slide 1

#JAWSPANKRATION Bringing software development practices to your infrastructure @jennapederson

Slide 2

Slide 2

What is Infrastructure as Code? Code that lets you automate deployments of your infrastructure to facilitate both scaling and quicker, repeatable deployments. @jennapederson

Slide 3

Slide 3

Infrastructure as Code IS Code Version control it Code review it Test it Deploy it to each environment with CI/CD @jennapederson

Slide 4

Slide 4

wo on m e rks my ac hin (or account or region) What happens when infrastructure code breaks? The blast radius is much wider. More resources, regions, accounts, customers, and dollars are impacted. @jennapederson

Slide 5

Slide 5

Why Test Infrastructure? The cloud makes it easier and quicker to provision infrastructure, but there is complexity with that scale. @jennapederson

Slide 6

Slide 6

Slow + Expensive Manual Tests Failing Fast Balance fast and cheap tests with more expensive tests that are closer to the real infrastructure and production environment. System Tests Integration Tests Contract Tests Unit Tests Fast + Cheap

Slide 7

Slide 7

Benefits of TDD Reduced defect rates Improve the overall design Focused on requirements Focused on small chunks Serves as documentation Confidence @jennapederson

Slide 8

Slide 8

The Flow RED REFACTOR 3. Make it better

  1. Write a failing test GREEN GREEN
  2. Write only enough code to make it pass

Slide 9

Slide 9

What is a unit test? Exercises a small part of your application, one unit, and verifies that it’s correct. Get feedback early on to shorten the feedback loop between changes Serves as documentation Can be run in your CI/CD tool Isolated from other resources and external APIs @jennapederson

Slide 10

Slide 10

Unit Testing Infrastructure Code Apply the same process to your infrastructure code. @jennapederson

Slide 11

Slide 11

A unit test checks: If a resource will be created with the correct configuration The correct number of resources will be created Dependencies between resources are correct Interpolated values are correct @jennapederson

Slide 12

Slide 12

Example Unit Test

Slide 13

Slide 13

How do we go from code to infrastructure?

Slide 14

Slide 14

What is an Integration Test? Tests the interactions across different units or modules, or in the case of infrastructure testing, across cloud resources. Verifies your provisioned cloud resources are created and configured as you expect them to be. Gives you confidence in infrastructure at scale and at velocity. @jennapederson

Slide 15

Slide 15

Chef InSpec Open-source framework to test and audit cloud resources IN the cloud Tests are written with a DSL Can be used across teams Test resources that are managed manually or with code Ensures requirements are met at every stage of the SDLC @jennapederson

Slide 16

Slide 16

Example Integration Test

Slide 17

Slide 17

Detecting Drift Use InSpec to compare the desired state with the actual state of your cloud resources. Can be used against any resources, regardless of how they are managed. @jennapederson

Slide 18

Slide 18

Without CI/CD Development Test Staging Production @jennapederson

Slide 19

Slide 19

With CI/CD Development Test Staging Production @jennapederson

Slide 20

Slide 20

Wrapping Up Infrastructure code is like any other code, treat it as such. Testing is never done, even once you reach production. It’s cheaper to detect broken code early. @jennapederson

Slide 21

Slide 21

Thank you! @jennapederson /in/jennapederson jennapederson https://jenna.link/hq7