Infrastructure As Code

Highlighted
Occasional Contributor

Hi, 

 

I've been working with ARM for a good few years now, and need to make a decision if I stick with ARM or move to Terraform, I am very much Azure focused and don't work with other cloud providers.

 

I've worked with both Terraform and ARM and find ARM easier to use probably because I have been using it for a long time. but I was told that Microsoft actually uses Terraform to build-out resources in Azure and not ARM - is this correct?  I mean I'm not really sure what Microsoft would be building in Azure other than services for other customers, but just wondering if that was accurate? 

 

Anyway - With the new features of ARM becoming available, like dry run, etc i can't see why a purely Azure-based service would not use ARM?

2 Replies
Highlighted

@JacksWastedLife In my view, automated deployment on Azure and Infrastructure as Code (IaC) are two different things. You can automate all your deployments without achieving IaC. However, by creating IaC you will achieve both. In case of automated deployment you are just provisioning the resources but IaC is actually a replica of your infrastructure meaning if your infrastructure is broken you can just run the code to rebuild it including all the configurations and applications installed within you VMs.

Personally I find ARM templates are very useful and easy for programmatic or automated provisioning of Azure resources. I do not think you can achieve IaC by only using ARM templates. However, you can use PowerShell DSC with ARM templates to achieve IaC. 

On the other hand, Terrafom or Ansible are also good choice if you want to achieve IaC. They have various modules that you can use to automate pretty much everything starting from Azure resource deployment to installing and configuring your application within a VM. Still sometimes you may need to use PowerShell/Shell commands to achieve some automation for which modules are not yet available.

Please keep in mind when you are targeting IaC, your objective should be automate as much as possible. So, it really depends on you or your organisation want to achieve. Do not proceed with anything without a proper road-map and architecture. Please let me know if you have any further query.

 

Thanks,

Rohan Islam | Azure Architect

 

Highlighted

@rohanislam this reply was really helpful IMO.

I'm looking to move to IaC for a whole bunch of lift-and-shift migrations...I've worked with DSC in the past but found the MOF steps a bit obtuse. With new DSC moves to support JSON, I think this will make DSC more appealing for practical use.