Infrastructure as code (IaC) is an approach to managing IT system infrastructures that relies on the use of repeatable configuration files to generate consistent deployment environments for CI/CD development.
Infrastructure as code refers to provisioning and managing infrastructure, including hardware, virtual resources, platforms, container systems, services, and topologies, through declarative or scripted definitions—code—rather than through manual configuration or the use of traditional configuration tools. IaC separates configurations, policies, profiles, scripts, and templates from the hardware or software on which they are deployed so they can be stored, shared, revised, and applied like code can.
This approach, which has grown with the popularity of cloud infrastructures, springs from a DevOps mindset and applies the same kind of version control and repeatability to orchestration of the infrastructure as developers use for app source code. An IaC approach supports continuous integration, delivery, and deployment by creating the same infrastructure environment every time it is applied.
The ability to treat infrastructure like code brings the benefits of automation, visibility, efficiency, and scalability to infrastructure management so that applications can be deployed more rapidly and reliably, with less manual effort and risk of human error or security vulnerabilities. Because configuration is decoupled from the system, it can more readily be deployed on a similar system elsewhere. In this way, it reduces the challenges of migrating from a data center to a cloud or from one cloud to another.
IaC also supports agile development and CI/CD strategies by ensuring that sandbox, test, and production environments will be identical and remain consistent over time because they’re all configured with the same declarative code or scripts.
IaC configuration of servers, load balancers, virtual machines, and other data center or cloud resources can be accomplished either by imperative approaches that specify instructions (without detailing the outcome) or declarative approaches that specify the desired configuration outcome (without detailing how to get there, which can be based on pre-existing workflows and templates). The difference can be compared to asking for a sandwich and trusting the sandwich maker to know which steps to take and in what order (declarative)—or specifying every step required to make it without necessarily mentioning that they’ll result in a sandwich (imperative).
Whether a declarative or imperative approach is used, IaC automates provisioning and infrastructure management.
The F5 BIG-IP platform can be treated “as code” with plug-ins or F5 Application Services 3 (AS3) extensions for IaC configuration and versioning tools such as Terraform and Ansible.
The F5 Automation Toolchain incorporates AS3 extensions and F5 Declarative Onboarding (DO) extensions. AS3 is a flexible, low-overhead mechanism, based on JSON declarations, for configuring L4–L7 application services on a BIG-IP system. DO extensions enable declarative L–L3 onboarding for BIG-IP products.