November 9, 2018 By Steve Strutt 3 min read

Infrastructure as Code speeds deployment and reduces risk

Who doesn’t value rapidly deploying applications and environments, repeatable and consistent environment builds, and dev and test environments that mirror production?

Treating Infrastructure as Code (IAC) brings practices that have transformed application development in the last 10 years to infrastructure and services.

Manually building cloud environments quickly becomes time-consuming and error-prone. It also defeats the value that many see in cloud—the ability to build, deploy, and update applications on demand. IAC is an approach to managing infrastructure that reduces costs, speeds delivery, and reduces risk. With IAC, resources and services are created and managed programmatically through APIs rather than via a portal or command line.

Infrastructure as code patterns as reusable building blocks

Importantly, infrastructure as code (IAC) dispenses with the traditional manual processes used by IT ops teams. This is not simply writing ad-hoc scripts; you write code to provision and manage the lifecycle of your cloud from creation to tearing down. IAC describes the full infrastructure and its topology to host an application. It encompasses every step required to take a blank sheet to the full stack needed to run applications. It also defines how to tear it down again. These IAC patterns become reusable building blocks for complex infrastructures.

IAC pattern for resilient and scalable website

This code example illustrates the simplicity of IAC. It defines a reusable code block of three web-servers with security groups, a load balancer, and TLS certificate

resource “ibm_compute_vm_instance” “web-system-test” {

count = 2
os_reference_code = “CENTOS_7_64″
count = 3
datacenter = LON05”
flavor = B1_1X2X25
private_security_group_ids = [“${}”]
public_security_group_ids = [“${}”]

resource “ibm_lbaas” “lb-web-system-test” {

name = “${var.lb_name}
protocols = [{
frontend_protocol = “HTTPS”
frontend_port = 443
backend_protocol = “HTTP”
backend_port = 80
tls_certificate_id = “${}”


Resources and services are described in a friendly, easy-to-use, human-readable Domain Specific Language (DSL). This applies whether they are virtual machines, storage volumes, object storage, networks of VPCs, security groups, or load balancers.

The benefits of infrastructure as code

Treating infrastructure as code has many benefits. Handling it the same way that developers treat code and applying DevOps techniques brings mature practices that improve quality and reduce risk. Existing best practices of version control, testing, small deployments, and design patterns apply equally to cloud infrastructure. IAC is also a key enabler of DevOps as dev and test environments can be created and torn down as needed.

The benefits that adopters have found include the following:

  • The same config can be used for dev, test, and production, ensuring consistency and a known working config

  • Apps and environments can be provisioned on demand, reducing costs for dev and test environments which can be spun up as needed

  • It reduces the potential for human error while deploying apps and infrastructure

Terraform on IBM Cloud

The popular open source Terraform provisioning engine is IBM Cloud‘s infrastructure as code (IAC) tool of choice. Launched in 2014, Terraform has changed the way that infrastructure can be deployed and managed. It brings an industry standard approach to building infrastructure without the need for specialist skills.

Start by following the examples in Automating cloud resource provisioning with Terraform. Create your own Terraform configurations on IBM Cloud from the examples and how-to’s, or follow one of the tutorials to build and manage the lifecycle of complex application environments.

Was this article helpful?

More from Cloud

Announcing Dizzion Desktop as a Service for IBM Virtual Private Cloud (VPC)

2 min read - For more than four years, Dizzion and IBM Cloud® have strategically partnered to deliver incredible digital workspace experiences to our clients. We are excited to announce that Dizzion has expanded their Desktop as a Service (DaaS) offering to now support IBM Cloud Virtual Private Cloud (VPC). Powered by Frame, Dizzion’s cloud-native DaaS platform, clients can now deploy their Windows and Linux® virtual desktops and applications on IBM Cloud VPC and enjoy fast, dynamic, infrastructure provisioning and a true consumption-based model.…

Microcontrollers vs. microprocessors: What’s the difference?

6 min read - Microcontroller units (MCUs) and microprocessor units (MPUs) are two kinds of integrated circuits that, while similar in certain ways, are very different in many others. Replacing antiquated multi-component central processing units (CPUs) with separate logic units, these single-chip processors are both extremely valuable in the continued development of computing technology. However, microcontrollers and microprocessors differ significantly in component structure, chip architecture, performance capabilities and application. The key difference between these two units is that microcontrollers combine all the necessary elements…

Seven top central processing unit (CPU) use cases

7 min read - The central processing unit (CPU) is the computer’s brain, assigning and processing tasks and managing essential operational functions. Computers have been so seamlessly integrated with modern life that sometimes we’re not even aware of how many CPUs are in use around the world. It’s a staggering amount—so many CPUs that a conclusive figure can only be approximated. How many CPUs are now in use? It’s been estimated that there may be as many as 200 billion CPU cores (or more)…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters