Change Control For Infrastructure
Implementing change control for infrastructure is useful for many reasons. Aside from being a best-practice, nearly every regulatory framework requires some level of change management for compliance, including NIST, FedRAMP, ISO, HIPAA, GDPR, and the upcoming CCPA. Mostly, this is a requirement for documentation of changes. We discussed how to use GIT to simplify IT documentation in an earlier blog, but in this Tech Talk, resident automation ninja Alex Egana takes it one step farther and takes us on a tour of Agile IT’s AutoLib project, which allows us to provide not just documentation, but to use Azure DevOps to deliver change control in the deployment and management of cloud infrastructure as well.
How DevOps Delivers Change Control for IT Infrastructure
We have recently discussed Infrastructure as Code, and how ARM Templates, Desired State Configuration, and Enterprise Scaffolding can provide automatic deployment of resources with both consistency and the ability to stop configuration drift. As Agile IT increasingly moved to deployment with code instead of manual configurations, our script and resource libraries grew exponentially. As we added more standardization, we needed a better way to manage them than our Git repository could provide on its own. The AutoLib initiative was started to provide a DevOps lite experience that allowed our engineers to always be working with the latest version of every script and our developers to easily push changes to the entire company.
The benefits of DevOps for infrastructure
- Repeatability in projects removes the need to explore baseline configurations when working on existing projects, as the underlying deployments are standardized.
- Continuous integration of scripts means that our engineers are all working with an identical set of the latest scripts at all times.
- Continuous deployment of infrastructure The scripts contain all of our ARM Templates and DSC files, meaning that our deployments can now be instantly deployed with the most recent versions.
How Does Azure DevOps power AutoLib for Constant Delivery?
- Scripts are built and edited in Visual Studio Code in the branch “DevToModules” which provides a safe development environment. When the team is satisfied with the scripts and they are tested, a pull request merges changes to the Master Branch.
- The Azure Pipeline detects the change in the Master branch which kicks off the build process.
- The scripts are collected and zipped by Azure Pipeline, moved to blob storage, and renamed with an incremental build number.
- Microsoft Flow detects the new file and moves it to SharePoint.
- Flow moves the old version in SharePoint to an archive folder.
- Finally, flow removes the new file from blob storage and simply waits for a new version to come from the pipeline.
Watch the Demonstration of Azure DevOps for Infrastructure
Do you want to get your cloud or hybrid infrastructure under control with the stability, security, and cost savings Agile IT provides? Our fixed price model and over 1.5 million cloud migrations will help you stay on schedule and in budget! Get a free quote today!
Agile IT Tech Talks are a resource for our MSP and CSP clients and feature engineers and solution architects providing introductions to new functions and walkthroughs of best practices combined with a private Q&A to allow our clients to explore how they can be applied in their own environments and organizations. To find out more, schedule a call with a cloud service advisor today.