From Infrastructure as Code to Environment as Code Challenges scaling IaC and how to resolve them Adarsh Shah Engineering Leader, Coach, Public Speaker Founder & CEO at zLifecycle @shahadarsh 
 https://zLifecycle.com @shahadarsh https://bit.ly/eac-dod-tampa

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Terminologies Components: A logical grouping of 1 or more Infrastructure Resources or Applications that get provisioned together. For example, Networking is an Infrastructure Component with various Infrastructure resources like Virtual Private Cloud(VPC), Subnets, Internet Gateways, Route Tables, etc. Environment: A logical grouping of all the Components that are needed to run business applications. The grouping includes components like networking, eks, database, k8s apps, etc.

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Infrastructure as Code Infrastructure as Code (IaC) is an approach that takes proven coding techniques used by software systems and extends it to infrastructure. It is one of the key DevOps practices that enable teams to deliver infrastructure, and thereby software running on it, rapidly and reliably.

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Evolution of IaC Setup networking + eks + …. Monolith IaC networking eks website postgres networking networking + eks + …. ec2 website eks postgres ec2 Breaking into Separate & Smaller components + +

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Evolution of IaC Execution From Engineers machine IaC Pipeline/GitOps execution from a Shared Environment

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa • Option 1 • Create a Monolith IaC • Option 2 • Hand-roll Pipelines - Imperative • Manage Complex Dependencies Options for Entire Environment Provisioning

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Other Challenges scaling IaC Replicating Environments is a pain Not easy to visualize/understand Environments Drift Detection Not straightforward to 
 promote changes Dev QA Prod

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa What is Environment as Code?

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Environment as Code networking eks website postgres networking website eks postgres Declarative Environment as Code +

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Environment as Code

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa IaC vs EaC Infrastructure as Code Automates various Lego Pieces 
 (i.e. Infrastructure Resources) Environment as Code Automates how those Lego Pieces 
 are connected to make up a Lego Toy 
 (i.e. Entire Environment)

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Environment as Code Environment as Code (EaC) is an abstraction over Cloud native tools that provides a declarative way of de fi ning an entire Environment. It has a Control Plane that manages the state of the environment, including relationships between various resources, Detects Drift as well enables Reconciliation.

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Imperative to Declarative HOW Pipelines EaC WHAT

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Provision Environment Environment as Code Environment State (Manages dependencies, status etc. ) State networking eks State website postgres State networking website eks postgres Provision Reconcile Declarative Detect Drift Control Plane +

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa networking website eks postgres Teardown Environment Environment as Code Environment State (Manages dependencies, status etc. ) State networking State website eks postgres State Teardown Reconcile Declarative Detect Drift Control Plane +

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Attributes of Environment as Code

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Ability to de fi ne Entire Environment

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Environment as Code networking platform-k8s k8s-addons postgres networking eks website postgres Declarative Loosely Coupled

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Manage State for the entire Environment Example Environment State File

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Idempotent and Immutable for entire Environment

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Non-Idempotent Provision VM VM VM { } IaC 3 VMs End State
 Expected = 3 Actual = 6 Idempotent End State
 Expected = 3 Actual = 3 Reapply VM VM VM Provision VM VM VM Reapply No change { } IaC 3 VMs

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Provision v1 v1 v1 User Mutable Infrastructure { } IaC Apply changes v2 v2 v2 Change { } IaC v1 v1 v1 Provision User Provision v2 v2 v2 User Immutable Infrastructure { } IaC Change { } IaC Deploys v2 to same Infrastructure Provisions new Infrastructure with v2

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Visualize and Understand Environments

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Drift Detection and Reconciliation Reconcile (Preferably with Approval step that shows the plan) Desired State Current State Control Loop Observe/Detect Drift

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Compare and Promote Changes between Environments Compare & promote changes across environments GitOps for Entire Environment

@shahadarsh https://zLifecycle.com https://bit.ly/eac-dod-tampa Create Pull Request, EaC Validate Validate Approve & 
 Merge PR Control Plane Reconcile GitOps for Environment EaC Trunk networking platform-k8s k8s-addons postgres Observe Branch networking eks website postgres

Adarsh Shah Engineering Leader, Coach, Public Speaker Founder & CEO at zLifecycle @shahadarsh 
 https://zLifecycle.com Thank You @shahadarsh https://bit.ly/eac-dod-tampa