In this article you will read about,

• what benefits companies can gain from Infrastructure as Code (IaC) and automated IT infrastructure provisioning,
• how Kubernetes and Terraform tools simplify and standardize cloud landscape management,
• how GitOps complements classic CI/CD pipelines and improves cloud infrastructure and application management.

Today's IT landscapes are based on automated processes. But in many cases, there is still considerable potential for optimization – both in initial provisioning and in resource management over the entire lifecycle. Modern approaches and tools for the provision of cloud-based software architectures can be of help here. Kubernetes clusters, for example, have become an established means of managing containerized applications and microservices. These take over the provisioning, scaling, and management of software containers on distributed hosts in a largely automated manner. If a container fails or more computing power is needed, a copy starts automatically and takes over the tasks of its predecessor – this standardizes the management of software with Kubernetes and significantly reduces any manual effort. Agile DevOps processes, which combine the development and operation of an application, are thus optimally supported.   

The Open Telekom Cloud’s Kubernetes-based Cloud Container Engine (CCE) not only manages clusters but also adjusts the lifecycle of running containerized applications. Easily configurable functions such as autoscaling and load balancing ensure that a Kubernetes cluster scales automatically as required. New containers, virtual or physical machines thus significantly expand the performance of applications. This scaling can take place regularly during operation and without downtime. This means that immediate cost benefits can be achieved through dynamic resource utilization in the cloud.

To simplify and accelerate the provisioning of resources such as servers, storage, databases, and also Kubernetes clusters, more and more companies are turning to virtualized hardware from the cloud. They mostly use providers of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) and avail of offerings such as the Open Telekom Cloud. Infrastructure as Code (IaC) is a good way of automating the management of growing IT and cloud infrastructures. This refers to the provision of infrastructure – such as computing power and storage space – using machine-readable code. IaC can also be understood as "programmable infrastructure": Hardware is programmed as executable code that can be adapted at any time. The infrastructure becomes reproducible, and changes can be tracked.

Virtualization and technologies such as software-defined storage enable management without manual access to the machines. Users are provided with interfaces or tools such as Terraform that help them define resources in a simple code language and automate resource management.  In other words, infrastructure is described using configuration files and scripts to speed up the provisioning and management of the environment. Because the configuration files are reusable, users with IaC significantly reduce the time needed to provision new environments and achieve a high degree of standardization – unlike, for example, "snowflake" servers. This effect, also known as configuration drift, occurs when administrators manually change the configurations of servers and don’t document them enough. IaC prevents this through standardized modules that can be automatically rolled out multiple times.

A widely used IaC tool is the open-source tool Terraform. It simplifies the description and provisioning of cloud infrastructure such as servers, load balancers, firewall settings, and almost all other components of an IT infrastructure. As a result, infrastructure constructs can be reused and don’t need to be completely reconfigured. Terraform is cloud provider-independent: IT resources can be described in a standardized way, and with small adjustments rolled out to different cloud environments.

For this purpose, Terraform uses the domain-specific, specially developed HashiCorp Configuration Language (HCL) to describe configuration files for IT infrastructures. It is easy to learn, understandable, and enables users to build, modify, and version infrastructures with reusable modules. Once an infrastructure is described in such a configuration file, Terraform generates an execution plan that lists exactly which components are deployed and which will be modified or deleted. To enable this, Terraform stores its state in a file that is usually encrypted and stored in the cloud, such as in the Object Storage Service.

Terraform unifies the provisioning across disparate providers and enables easy multi-cloud setups without the need for additional tools or learning another language. The individual cloud providers are listed with their plugins in the Terraform Registry as Terraform providers. There, Open Telekom Cloud users have access to Terraform opentelekomcloud, which provides services such as Object Storage Service, Relational Database Service, Auto Scaling, and many more. The Open Telekom Cloud Terraform Provider is being agilely developed by T-Systems on a weekly basis.

• Cross-provider, cloud-independent model
• High standardization and reusability of configuration files and modules
• Automation of processes and elimination of manual intervention
• Rapid bug fixing and consistent code quality
• Version control and easy documentation
• Easy-to-read, domain-specific language
• Widely used, with prior experience and best practices.

Terraform and Kubernetes are powerful basic tools for creating and managing entire IT landscapes automatically. Both were originally developed from the DevOps concept, which aims to effectively dovetail development and operations in a project team and achieve the highest possible level of automation.

This creates numerous new opportunities. The goal of the GitOps concept, which takes its name from Git, the version control system familiar from software development, is to use these in an even more structured way. GitOps is a further development and concretization of DevOps. The basic idea: declarative config files, such as in Terraform and Kubernetes, define the target configuration of the respective system and are stored in a Git repository. In this version management, users can track configuration changes with their effects, test them reproducibly, and check them according to the four-eyes principle. If changes are accepted for a specific environment (such as "development," "test," or "production"), this leads to an automatic system adaptation. Unlike the established concept of continuous delivery, here it’s not a pipeline that takes care of system adaptation, but rather a system-specific software agent. In this way, the rule that all changes must be versioned by Git is observed. The software agents act like digital administrators: They monitor both the real system state and the target configuration in the version management and restore the target state in the system when the configuration changes. If the agent is faced with unsolvable conflicts, the development team is notified.

Tools such as Kubernetes and Terraform provide the users of the Open Telekom Cloud with every opportunity to significantly simplify and accelerate provisioning processes using declarative configuration files. The IaC approach harmonizes perfectly with DevOps, forms the basis for GitOps, and ensures that development and operations continue to move closer together. In this way, the distributed provisioning of software and the provisioning of cloud infrastructure can be largely automated in an integrated process – at lower costs and with significantly less effort.