Infrastructure as Code Patterns
What are the key principles and patterns of Infrastructure as Code? How do you structure IaC for multiple environments?
Key IaC principles: declarative over imperative, idempotent operations, version control everything, and immutable infrastructure. For multiple environments, use modules for reusable components, separate state files per environment, use workspaces or directory structures (dev/staging/prod), parameterize with variables and tfvars files, and implement DRY (Don't Repeat Yourself) through modules. Always test changes in lower environments first.
IaC is the foundation of modern DevOps practices. Well-structured IaC enables reproducible infrastructure, reduces configuration drift, facilitates disaster recovery, and allows infrastructure changes to go through the same code review process as application code.
Terraform module structure
- Hardcoding environment-specific values
- Not using remote state with locking
- Creating overly complex module hierarchies
- How do you handle secrets in Infrastructure as Code?
- What is the difference between Terraform workspaces and directory-based separation?
- How do you test infrastructure code before applying?