.. _infrastructure_as_code_card:

Infrastructure as a Code
========================

The term Infrastructure as Code (IaC) refers to a methodology for the provisioning 
and management of cloud resources. In particular, it consists on treating 
infrastructure somewhat as software instead of relying on manual operations. The key 
advantages of IaC can be summarize as follows: 

- Automation.
- Idempotency.
- Version control. 
- CI/CD.
- Documentation.

Visit the section :ref:`cloud/tutorials/index_tutorials_and_repos:terraform/opentofu/ansible repositories` to get 
further insight on the usage of IaC to manage resources on CINECA HPC cloud infrastructures.

Declarative and procedural approaches to IaC 
--------------------------------------------

There are two primary approaches to Infrastructure as Code (IaC): declarative and 
procedural (or imperative).

The **declarative approach** relies on the description of the desired final end 
state of the infrastructure, which is gathered in configuration files. 
Then, the tools used (e.g., Terraform, OpenTofu) are in charge of interpreting the 
configuration and apply all the actions needed to put it in place.  This methodology 
is especially useful for tasks like provisioning cloud resources (e.g., servers, 
networks, load balancers). Terraform is an open-source infrastructure as code 
software tool created by HashiCorp. It enables users to define and provision 
datacenter infrastructure using a declarative configuration language known as 
HashiCorp Configuration Language (HCL), or optionally JSON. Terraform manages 
external resources such as public cloud infrastructure, private cloud infrastructure, 
network appliances, software as a service, and platform as a service with a code. 
For more information, visit the official `Terraform <https://www.terraform.io/>`_ 
website.

The **procedural approach** involves outlining the sequence of steps required to 
achieve the final end state of the infrastructure, rather of a description of the 
state itself. It is frequently used in configuration management tasks, such as 
installing software packages on newly provisioned servers. The most popular tools 
in this category include Ansible, Puppet, and Chef.  In particular, Ansible is an 
open-source automation tool that simplifies IT tasks such as configuration 
management, application deployment, and cloud provisioning. Its agentless 
architecture makes it highly efficient for managing infrastructure. For more 
information about ansible, visit the official 
`Ansible <https://www.redhat.com/en/ansible-collaborative>`_ website.

Each method entails distinct advantages, making the choice among them dependent 
on project needs and team preferences. It is worth noting that, while presented 
as alternatives, these approaches are not mutually exclusive and can complement 
each other within different aspects of a single project.