Introduction
Welcome to the magical realm of Infrastructure as Code (IaC), where the enchantment of automation transforms the way we manage and deploy infrastructure. As the holiday season approaches, consider IaC as your own wizardry toolkit to gift yourself streamlined deployments and festive cheer. In this guide, we’ll unwrap the concept of IaC and take you on a journey to discover how you can build your Azure infrastructure with automation magic that’s merrier than a holiday feast.
Understanding IaC
Infrastructure as Code is more than just a buzzword; it’s a paradigm shift in the world of DevOps. It involves treating your infrastructure in the same way you treat your application code, enabling you to define and manage your infrastructure using scripts.
According to Microsoft, Infrastructure as code (IaC) uses DevOps methodology and versioning with a descriptive model to define and deploy infrastructure, such as networks, virtual machines, load balancers, and connection topologies. Just as the same source code always generates the same binary, an IaC model generates the same environment every time it deploys.
What are the benefits of IaC?
- Repeatability: IaC allows you to replicate your infrastructure with precision. Once you’ve defined your infrastructure as code, you can recreate it effortlessly, eliminating the risk of manual errors and ensuring consistency.
- Consistency: Achieve uniformity across your environments. With IaC, you can ensure that development, testing, and production environments mirror each other, reducing unexpected issues when moving between stages.
- Scalability: Seamlessly scale your infrastructure to meet changing demands. IaC provides the flexibility to adjust resources dynamically, responding to increased workloads or scaling down during quieter periods.
- Collaboration: Foster collaboration between development and operations teams. IaC promotes a shared understanding of infrastructure requirements, enhancing communication and enabling teams to work together effectively.
- Efficiency: Streamline your deployment processes and reduce deployment times. IaC automates repetitive tasks, allowing you to focus on refining your code and delivering features faster.
- Reliability: Increase the reliability of your deployments. With IaC, you can confidently deploy and update infrastructure, knowing that the process is standardized, repeatable, and less prone to human error.
Overview of IaC Tools for Azure
There are several ways to provision and create new Azure resources. We can split those into two categories: imperative and declarative code.
- Imperative code: You can use a scripting language such as Azure PowerShell of Bash to create, modify, or remove your resources. This approach may be good to create a simple resource, but as the architecture matures, those scripts may become more and more complex to manage. In the imperative approach, the scripts state how for the final state of the machine by executing the steps to get to the finished state.
- Declarative code: When you use the declarative approach, you state what the final state should be. In Azure you can use code templates to provision resources, and some of them are:
- JSON (ARM Templates)
- Bicep
- Terraform
- Ansible
- Which are the best practices? In general, the declarative code Is easier to write, read and define, and some third-party tools (such as Terraform) can also be used to provision cloud resources from other cloud providers. On the other hand, an imperative approach may have some advantages in complex scenarios where changes in the environment happen frequently. So, there is not a better approach between those two, and you will need to depend on both according to your needs.
Hands-On Exercise: Creating Your First Azure Resource with Bicep
Let’s dive into a hands-on exercise to create a simple Azure resource using Bicep, a domain-specific language for defining Azure Resource Manager (ARM) templates.
Prerequisites (You will also need those for our future exercises 😉):
- An Azure subscription. If you don’t have one, you can create a free account here.
- Azure CLI: Install the Azure CLI following the instructions here
- Bicep: Install the Bicep CLI by following the instructions here. My recommendation is to install Visual Studio Code (or VS Code Insiders) and then install the Bicep extension for it.
Verify that all the tools are installed correctly by running the following commands in your terminal:
az version
az bicep version
If you get an error, make sure that you have the correct version of the tools installed.
- Connect to your Azure subscription by running the following command in your terminal:
#Replace <subscription_id> with the id of the subscription you want to use
az login
# Select the subscription id that you want to use
az account list --refresh --output table
# Replace <subscription_id> with the id of the subscription you want to use
az account set --subscription <subscription_id>
Creating your first Bicep file
- Open Visual Studio Code and create a new file called
main.bicep
- Start typing storage. When a menu appears, select the first option res-storage by pressing Tab.
Your code should look like this:
resource storageaccount 'Microsoft.Storage/storageAccounts@2021-02-01' = {
name: storageName
location: location
kind: 'StorageV2'
sku: {
name: 'Premium_LRS'
}
}
- Now, we need to define the parameters that we will use in our Bicep file. Add the following code to the top of your file:
param storageName string = 'stg${uniqueString(resourceGroup().id)}'
param location string = resourceGroup().location
- Replace ’name’ with storageName
- Now, your code should look like this:
param storageName string = 'stg${uniqueString(resourceGroup().id)}'
param location string = resourceGroup().location
resource storageaccount 'Microsoft.Storage/storageAccounts@2021-02-01' = {
name: storageName
location: location
kind: 'StorageV2'
sku: {
name: 'Premium_LRS'
}
}
Visualize your resource
You can click on the visualizer button at the top-right corner (or press Ctrl+K and then V) to visualize the resources defined in the Bicep file.
Deploy your resource
Now you are ready to deploy the Bicep file that you have created. There is no need to compile it, so just run the following commands in the terminal.
az group create --name Bicep --location westeurope
az deployment group create --resource-group Bicep --template-file main.bicep # You can replace Bicep with your own name for your resource group
If the operation is successful, you should receive output similar to this:
Verify your deployment
Using the Azure Visual Studio Code extension
If you have installed the Azure Visual Studio Code extension, you can see the resources that you have created by clicking on the Azure icon on the left side of the screen and then selecting the subscription that you are using. You should see the resource group that you have created and the storage account that you have deployed.
Using the Azure Portal
You can head to the Azure Portal to verify the deployment of your storage account.
Search for “Bicep” or the name that you have given to your resource Group in the search bar on the top and click on the Resource Group.
In this page you can see the deployed Storage account that you created using Bicep
Delete your resources
You should always delete the resources that you are not using to avoid unnecessary costs. You can delete the resources that you have created by running the following command in your terminal:
az group delete --name Bicep --yes
Conclusion
Congratulations! You’ve just created your first Azure resource using Bicep, an Azure Storage Account. In the next articles, we are going to see how to add flexibility by using parameters and variables, to make sure you get the best out of Bicep and other IaC tools.