Tech has no shortage of buzzy new technologies – and cutting through the hype to see what will actually impact the enterprise can be challenging. We're here to help. Starting in 2021, our contributors will give a rundown on an emerging tech and whether or not it'll pay off to pay attention to it. For DevOps in 2021, here’s our look at "everything as code."
What is Everything As Code?
Everything as code (EaC) refers to the idea of managing all aspects of software development, delivery and management by defining and codifying the infrastructure, schema and pipelines used to create, maintain, iterate or expand app development. In other words, when you take an everything-as-code approach to development and IT, you use policy files to govern the way software is built, deployed, monitored and so on. It’s a bit of a metaphor extension – applying the application development approach to other components of IT (including DevOps) to ensure that best practices get defined and followed with a minimum of effort.
If you're a developer or IT engineer, it's easy to appreciate the value of EaC. EaC enables a highly repeatable and scalable approach to tasks (like provisioning infrastructure or managing application deployments) that would otherwise have to be performed tediously and manually.
The everything as code approach also offers the benefit of reducing the risk of human error: When all of your workflows are defined as code, you no longer have to worry about an engineer forgetting to do something or clicking the wrong button by mistake. EaC makes auditing easier, too, because you can use your EaC configurations to determine what was done to your systems.
How Long Has It Been Around?
At its core, EaC is not at all a new idea. It has been around in certain isolated forms for a number of years, and has become widely popular as a solution for certain types of DevOps workflows.
Infrastructure as code, or IaC, is the most prominent example. IaC lets developers and IT Ops engineers write files that define how servers should be set up. Then, IaC tools (like Terraform or AWS CloudFormation) apply those configurations automatically.
GitOps, which has come into vogue in the past couple of years, is another manifestation of EaC-type thinking. GitOps centers around using Git to manage IT operations.
More generally, I'd argue that Kubernetes basically boils down to an everything-as-code platform because it lets teams use YAML or JSON files to control almost all aspects of software deployment and management. Indeed, although the appeal of Kubernetes is rarely explained in these terms, I sometimes think that the main reason Kubernetes has become so popular is because of the way it unifies all operations around code.
Why Are People Paying Attention to It Now?
Although, again, EaC is not a new practice, it has picked up steam in the past year or two due to the convergence of a few interrelated factors.
One is that more tool vendors are actively embracing everything as code. They are taking what you might call an EaC-first approach to tool configuration and deployment by assuming that developers and IT engineers want to manage everything with code files.
Take Kubernetes, for example. You can manage Kubernetes through a Web UI if you wish. But it’s designed first and foremost to be managed via code files. The same could be said (as other examples) of most public cloud services or CI servers: They have optional graphical frontends, but they work best at scale when they are managed via code.
The fact that many dev and admin tools have settled on common configuration formats has also helped drive the EaC trend. Virtually all EaC-compatible tools use YAML or JSON as their configuration language. The standardization of configuration file formats makes it easier for practitioners to use the same language and the same methodology to manage all of their tools.
Finally, the ability to build and manage entire application delivery pipelines using EaC is helping to drive EaC’s popularity. It was one thing when you could use EaC to manage one or two tools within your CI/CD workflow. But when you can manage all of your tools through code, EaC becomes exponentially more valuable. It allows you to ditch other tools and processes and standardize all operations around a single approach.
Who Benefits From It?
EaC benefits developers and IT engineers in equal measure by helping them to work more efficiently. It also helps them scale their operations by reusing the same configuration files and tools across large-scale environments.
Other stakeholders benefit indirectly from everything as code. Compliance officers will appreciate the consistency and lower risk of human error that EaC brings to IT environments and processes. Security teams like EaC for similar reasons. Even HR may see value in EaC to the extent that it allows different employees to apply the same tools and processes across the IT estate, thereby reducing dependency on key employees and the specialized knowledge they offer. When you manage everything through code, it’s less of a big deal if an employee who managed a critical system decides to leave.
Where Can You Get It?
As noted above, a variety of tools now support an EaC approach.
Tools like Amazon Macie, Google Cloud Data Loss Prevention and Open Raven apply EaC to data protection in the cloud by letting admins write policy files that help find sensitive data and restrict access to it.
Security vendors like Palo Alto are embracing "Security as code," which is EaC applied to security.
APM and monitoring tools like Datadog play up “monitoring as code,” which is a form of EaC. You could also interpret incident response tools that use AI and predefined playbooks to automatically remediate problems as an example of EaC because they use policy files to automate incident response.
In short, everything-as-code concepts seem to be entering realms that extend far beyond EaC's original strong suits, like infrastructure provisioning. That trend is likely to continue, and help define the directions that DevOps takes in 2021.