How to Scale Your AWS Infrastructure as Code with Torque from Quali
By Edan Evantal, Chief Technology Officer – Quali
Deploying infrastructure as code (IaC) on Amazon Web Services (AWS) implies using the methodologies of a code developer for AWS infrastructure provisioning. But how do you reconcile the diverging needs of Dev and Ops?
On one hand, IT often defines and controls cloud allocation, expertise, security policy, and budget. On the other hand, development teams often must wait a long time (hours, days, weeks) to get the environments they need to test, stage, and release their applications.
Yet, these teams are under pressure to release faster and more frequently.
The promise of the DevOps culture was to solve these problems simultaneously, by removing silos and using an automation-first approach.
However, the roll out of DevOps initiatives at scale hit some limitations. In particular, it resulted in some teams seeing transformative benefits, but the majority were “stuck” in their efforts with middling results, and too many saw next to no real benefit.
This point was highlighted in Puppet’s recent 2021 State of the DevOps report (signup required): “Even though DevOps is everywhere, it’s rarely done well at scale, particularly at the enterprise level.”
In this post, I describe why implementing DevOps at scale is a challenge, and how an environment-as-a-service (EaaS) approach using Quali Torque can overcome these challenges. Torque enables developers to access their application environments on demand while ensuring governance for the ITOps team.
Using IaC to Implement DevOps: Benefits and Limitations
The foundational approach for most companies adopting DevOps is to embrace an automation-first approach using a range of tools.
At the core of this approach is an operating principle to manage all resources—including increasingly ephemeral infrastructure—in a programmatic way. Thus, infrastructure as code was born.
IaC formulas can be injected into higher-level workflows that ultimately provide a continuous integration and continuous delivery (CI/CD) pipeline for any application that requires updates.
IaC does not specify the requirements of the application that will eventually be deployed. Although it allows for great flexibility, it doesn’t fully answer the needs of the developer.
Put another way, let’s use the analogy of building a greenhouse because we want to grow a variety of plants. In our scenario, IaC tools will build a “greenhouse structure” from the ground up, and then try to fit in the plants (the application).
It all works fine initially, but as you grow your plants, the same greenhouse structure becomes too small and inflexible to meet the needs of a variety of plants. In other words, IaC addresses the need to automate initial deployment but falls short when it comes to ensuring you always have the right combination of resources (or environment) at each stage to run a variety of applications.
This gap comes to light as different application teams—with different budgets, security, and cloud resource requirements—look to build and deliver more and more applications.
Further exacerbating these challenges is the fact the expert knowledge required to develop cloud infrastructure requirements is different for each cloud provider. Even some of the more flexible tools still require a significant understanding of infrastructure components and configuration complexity behind the scenes, such as advanced DNS and networking configuration.
This results in developers having to take time away from building new apps and features, or it creates a bottleneck dependency on an often too-small pool of cloud infrastructure experts who are spread too thin. Organizations frequently struggle to build and maintain these skills in-house, and at great cost.
The Application as a Way to Empower Developers
DevOps empowers application developers and everyone involved in building and delivering software. To support this mission, Quali recently introduced its SaaS-based environment-as-a-service (EaaS) platform called Torque, which takes an entirely different approach to traditional IaC solutions.
Instead of starting from the infrastructure and working our way up to application requirements, what if we started from application requirements and went from there? Returning to our greenhouse analogy, let’s worry about the plant first, and then build a modular greenhouse around it that changes based on the specific requirements the plant needs to thrive as it matures.
Based on the principles of self-service, Torque offers a simple experience for the developer, quality assurance (QA) engineer, or frankly anyone by providing the ability to define and deliver full, ready-to-run application environments on demand.
With Torque, IT managers gain the ability to fully control allocation of environment resources through policies that can scale across the organization, without adding friction to the development process. Torque also offers a comprehensive dashboard that provides insight on cloud consumption and future needs for each application initiative.
Application architects get to focus more time on the applications themselves and the productivity of development teams, as opposed to being required to understand the intricacies of cloud constructs.
Developers, site reliability engineers (SREs), and other DevOps product team members get to quickly connect Torque to their CI/CD solution of choice and start delivering environments as a service throughout the application lifecycle.
Fast Time to Value: Powering Up Your DevOps Initiatives
The onboarding process with Torque is quick and straightforward. Just configure an AWS Identity and Access Management (IAM) role in the SaaS portal and in a few steps your AWS account is configured in Torque. Then, the administrator adds users and groups to map to your organization, set up roles and permissions, define a Git repository for the blueprints, and add continuous integration tools as needed.
You’re now ready to let developers, SREs, and other DevOps product team members start designing blueprints. The Torque platform has built-in sample blueprints that allow you to quickly model the application template to meet your organization’s needs.
Figure 1 – Example of a Torque application blueprint.
Torque’s recently launched Community has been tasked with accelerating the contribution of new blueprints, making it even faster to start realizing value.
After the blueprints are defined, they’re published to a self-service catalog so developers, testers, and whoever else can start deploying environments as needed. Automation takes care of both the deployment and termination of these environments according to the usage policies defined, which means cloud consumption (and cost) is contained within the period the environment is needed.
Figure 2 – Application sandbox deployment: accelerating time to value with automation.
The administrator now has access to an out-of-the-box dashboard that provides an aggregated summary of cloud spend by application deployment effort and predictive analysis of future cloud spend.
Torque in Action
One of Quali’s customers, a leader in public sector technology created from the acquisition of four software companies, found it difficult to move their legacy systems to the cloud and support their growing products without uncontrolled cloud spend and a decrease in product quality.
Their development teams were spending cycles setting up the environments they needed instead of focusing on building and testing their applications, which impacted productivity, product quality, and time to market.
After two failed attempts to move their applications to AWS through automation, the CTO began searching for a solution that would speed time to market, increase productivity, automate complex processes, and improve product quality.
Already using Ansible and Terraform open source, the customer briefly considered building a solution in-house but didn’t see that as a viable option. They realized these powerful tools required specific skill sets from dedicated infrastructure experts that would take resources away from building and innovating on the product.
To resolve their challenges, the company needed a platform that met the following requirements:
Offers easy self-service access to Proof of Concept (PoC), Dev, and Testing environments.
Automates the environment lifecycle on AWS from set-up to tear-down.
Manages updates, deployments, and rollbacks of the Production environment.
Easily automates using existing scripts.
Creates dynamic sandboxes with parameterized blueprints for each use case.
The customer’s application environments consume a variety of native AWS services, and the CTO ultimately decided to adopt the Torque platform considering Quali’s long-standing commitment to automation and our existing relationship with AWS.
By adopting the Torque platform, this company can now expect to achieve their goals:
Speed time to market.
Increase the productivity of the Dev teams.
Automate business processes.
Improve product quality.
In summary, infrastructure as code (IaC) alone can’t fully resolve the conflicting needs of developers and ITOps team.
An environment-as-a-service, application-first approach helps remove the bottleneck of IaC expertise, while keeping security and compliance control in the hands of the ITOps team.
Quali Torque provides a powerful SaaS platform for AWS customers looking to scale their IaC investment and truly adopt DevOps practices across their organization.
Learn more about the Torque platform on AWS Marketplace.