This is Part 1 of a 3-article series that demonstrates how two infrastructure-as-code tools – ARM Templates and Terraform – can work in unison to manage multi-cloud infrastructure provisioning. This article discusses Azure Arc and multicloud, the benefits and challenges of adopting multicloud, and how Terraform can help you add support for multicloud to an existing infrastructure deployed on Azure using ARM templates.
One cloud doesn’t fit all anymore.
Today, businesses are moving towards multicloud infrastructure to accomplish bigger challenges such as high availability and reliable regional data security and governance, but adopting it also greatly increases the infrastructure complexity for DevOps teams. As modern enterprises have become increasingly interested and invested in multicloud infrastructure, Azure has embraced the multicloud future with Azure Arc.
Azure Arc is Microsoft’s circle of technologies enabling businesses to secure and manage hybrid and multicloud environments easily. It includes tools for data and server security, monitoring, and deployment beyond just Azure’s data centers to on-premise setups. And when it comes to infrastructure deployment and management, the critical tool for many DevOps teams is infrastructure as code (IaC), which allows them to scale an application to hundreds or even thousands of servers worldwide.
What Exactly is Multicloud?
Simply put, multicloud describes using multiple cloud environments, public and/or private, single vendor or multi-vendor, to operate a web application or service. Similarly, a hybrid cloud combines on-premise servers with cloud servers and tools.
There are many reasons an application might want to use a multicloud infrastructure. Let’s talk about some common ones.
Avoid Single Vendor or Solution Lock-In
Businesses can stay cloud-agnostic so they aren’t stuck relying on just one cloud platform. For an enterprise, being able to switch between vendors means better negotiation on service contracts with providers because the enterprise can compare prices and the limitations of the platform, roadmap, and maintenance schedule. It can also reduce the risk of critical downtime and enable better disaster recovery plans.
Improve Scalability, Availability, and Risk Mitigation
Being on multiple cloud environments can open the application to hosting in new global regions and reduce latency, increasing availability. Multiple providers can also make it more difficult for a hacker to take down the application or gain full access because the servers are more distributed across different datacenters with different security tools and monitoring.
Regional Requirements and Compliance
Some industries and businesses may also want to host data only on-premises or in certified environments and regions due to government regulations or customer needs. Meeting these requirements and ensuring their security might only be possible via a hybrid-cloud or by hosting the application and the data in separate, multicloud environments.
While this isn’t a comprehensive list of use cases for multicloud, it should give you an idea of why a business might want or need it.
What is Infrastructure as Code?
Infrastructure as Code (IaC) refers to syntactical definition files that act as a blueprint for an application’s configuration across cloud services. They simplify the backend architecture of systems into readable code and allow small teams to automate and orchestrate large and complex server infrastructure easily.
These files can specify items such as the virtual machines to deploy, their configurations such as operating system and installed tools, databases, and cloud services to connect to, the global regions and network topology linking them, and even commands to run applications. On cloud services like Azure, IaC enables teams to run their code on a network of hundreds or even thousands of servers in a matter of minutes and automate the entire process to keep the systems and the deployed code up-to-date. From small web apps consisting of a frontend site and a SQL database to large social networks or streaming services, IaC can define all scenarios and make backend systems much more manageable.
By maintaining infrastructure code, the code itself documents the cloud resources and makes it possible to change, validate, and update them incrementally. However, there isn’t one standard across cloud providers, and different IaC languages support different cloud platforms, which introduces another layer of complexity in multicloud.
Challenges of Infrastructure as Code for Multicloud
Unfortunately, making multicloud possible for an application isn’t as simple as just adding more clouds. There are several challenges to operating multiple cloud environments, such as cost accounting across platforms. But for now, we’ll focus on the challenges related to IaC tools that DevOps teams often use to manage them.
Different Tools and Architectures
Each cloud platform generally has its own set of tools, IaC language, different user and resource permission controls, and architectures. Migrating an application from one platform to another might require team knowledge of multiple IaC languages and system configurations and maintaining multiple IaC codebases. Maintaining consistency across the cloud environments can be a big effort.
Credentials and Account Access
Using multiple clouds results in needing multiple accounts to access each. You must have the right credentials to deploy or manage them, and keeping the application components configured with appropriate permission roles can be complicated.
Managing and Provisioning
With servers deployed in multiple cloud environments, you must manage each cloud if you don’t have additional tooling. To properly provision the infrastructure, you could need different tools specific to each environment.
From Azure to Multicloud with Terraform
What if you have an application already deployed to Azure? How can a development team take it and support multicloud?
For Azure, Azure Resource Manager (ARM) templates are often the Infrastructure as Code of choice to use for many DevOps teams because they’re quick and convenient — especially when used with Bicep. However, as the name implies, ARM templates only work for Azure. And for a team already familiar with Bicep and ARM templates, with all the application infrastructure carefully configured to deploy and run-on Azure, it may seem that the only options are to maintain multiple sets of infrastructure code or even move away from ARM templates altogether.
Fortunately, there is a popular open-source IaC solution by HashiCorp called Terraform that can help. Terraform supports numerous cloud providers that DevOps teams can use to automate infrastructure tasks even in multicloud settings. And it can deploy ARM templates alongside its own infrastructure code.
What’s Next?
In this article, you learned about Azure Arc and multicloud, the benefits and challenges of adopting multicloud, and how Terraform can help you add support for multicloud to an existing infrastructure deployed on Azure using ARM templates. Next, let’s put theory to practice with a hands-on guide to deploying a simple multicloud infrastructure using Terraform. We’ll do that in the next article.
Check out this article if you would like to read more about Infrastructure as Code. And you can get an overview of Multicloud and Hybrid-cloud and learn more here.
To learn more about how to secure, develop, and operate infrastructure, apps, and Azure services anywhere, check out our resource Azure Arc.