Shifting left infrastructure
Infrastructure CI/CD (aka Infrastructure Shift Left or GitOps) is the process of automating the testing, provisioning, and management of infrastructure through a software delivery pipeline. This starts with Infrastructure as Code (IaC), which is provisioning and managing infrastructure through definition files (e.g. templates or code) and stored in version control systems. IaC provides automation to provision infrastructure and increases delivery velocity by removing the risk of human errors. Infrastructure CI/CD further automates infrastructure provisioning and management by building the entire IaC process into a CI/CD pipeline. All infrastructure updates run through a standard set of unit and integration tests, allowing reduced errors, greater security, and increased delivery velocity.
Why Infrastructure CI/CD?
Benefits
Increase release velocity
Application changes with their corresponding infrastructure changes can all share one automated pipeline, reducing complexity and increasing release velocity.
Increase reliability
Every infrastructure update is run through a standard set of unit and integration tests, identifying and addressing bugs earlier and increasing reliability.
Reduce mean time to resolution
Small code changes are encouraged which reduces the scale of infrastructure changes and isolates faults, which reduces the mean time to resolution.
How Pulumi helps
Unified delivery pipeline
Pulumi allows the same programming languages used for application code to be used for infrastructure. This allows teams to leverage the same testing frameworks and same delivery process for both.
Shareable infrastructure components
Pulumi provides a shared way for teams to collaborate with each other on infrastructure through modular and reusable components that can easily be built and shared across the entire organization.
Higher order automation
You can increase automation across the entire lifecycle of your cloud infrastructure. You can program logic that orchestrates complex workflows during infrastructure provisioning instead of needing to use Bash scripts or glue code. In addition to its CLI, Pulumi provides the Automation API, a programmatic interface for IaC, so you can build applications that dynamically manage infrastructure.
GitOps Workflow Reference Architecture
1. Pick an execution platform
There are many methods by which you can execute a Pulumi program. You need to pick a platform from which Pulumi programs will execute.
2. Define the environment/branching strategy
Define whether you want one git repo to represent your entire infrastructure or whether you want a stack per branch. The advantage of the former is simplicity while the advantage of the latter is more granularity in control over stack deployments.
3. Build the pipelines
Based on the branching strategy you chose, you can configure a pipeline per stack or a single pipeline that chooses stacks based on deployment flags.
4. Incorporate software development best practices
Legacy IaC tools can run in CI/CD, however with Pulumi, you can incorporate in all the best practice software development practices such as testing. You can design what you want to test in terms of quality issues, deployment issues, and/or code quality checks.
5. Define higher-level workflows
With Automation API, you can build higher-order orchestration type workflows across all your infrastructure deployments. You can build in serial or branching dependencies that are connected together via StackReferences.
Organizations practicing infrastructure CI/CD with Pulumi
Organizations practicing infrastructure CI/CD with Pulumi
Getting started
Talk with solution engineering
Schedule some time with our solution engineering team, and we will help you automate your entire infrastructure provisioning and management through a CI/CD pipeline.
Schedule now