Infrastructure as Code? Don’t forget the testing!

October 20, 2020 Claranet Limited

James MacDonald
Cloud Consultant
CLARANET

My colleague Sandy Simcox recently wrote about how Everything as Code should be the real destination. Adding automated testing to your Infrastructure as Code (IaC) is one of the next steps in that journey.  

One of the main benefits to using IaC is being able to have pre-approved, repeatable sets of infrastructure that can be deployed over and over again with minimal deviation between deployments.  

Now that you are repeatedly deploying your infrastructure as code or want to get started in doing so, it’s time to start talking about testing to gain the confidence that your infrastructure is deployed and functioning as it should be. Considering in a typical software development cycle, if testing of the code and end-product plays such an incredibly important part, why should your infrastructure development cycle be any different?  

As with automated testing of your software development, the end goal with your infrastructure development is to verify your code so that the end-result works as expected after every single commit and update. 

There are many players in this space that can be used to test your infrastructure. All follow the workflow of: 

  1. Declare the desired state  
  2. Get the current state  
  3. Validate the desired state  
  4. Output the test results  

When adding in a CI\CD pipeline to deploy your infrastructure the testing of the infrastructure can be run at the end with the results output to that deployment run. Nightly runs of your tests can also run to confirm if there has been any drift in your desired infrastructure state, with the results either emailed to the teams responsible or added to your Microsoft Teams channel as part of a morning check. 

The testing can be as advanced as: confirming the state of your entire cloud or on-premise infrastructure; confirming low level details of an Azure App Service not allowing FTP deployments; confirming your virtual machines CIS compliance; or as simple as just validating that your critical application virtual machines are up and running and are servicing requests.  

Moving to an infrastructure as code way of working eliminates a lot of manual work and repetition. Adding automated testing can also help to remove a lot of manual work and repetition post infrastructure deployments, while also gaining the confidence and confirmation that what you have deployed is both what you wanted to deploy and how you expected it to be deployed.  

Previous Video
Claranet | Microsoft Azure
Claranet | Microsoft Azure

Claranet migrates global enterprise to Azure

Next Article
Point of View: Landscape for Cloud Security Services
Point of View: Landscape for Cloud Security Services

With COVID-19 driving up adoption of cloud and remote working, organisations are having to focus significan...