Faster, safer, better: Why Protenus embraces Infrastructure-as-Code
by Aaron Stahl on January 24, 2018
At Protenus, we value moving quickly -- continually iterating to improve our state of the art healthcare compliance analytics platform. Combine this rapid development cycle with a steadily growing customer base, and we find ourselves needing new infrastructure resources at a dizzying pace.
This pace creates an interesting technological challenge for the DevOps team here at Protenus. How do you support rapid growth without spending all your engineering resources’ time building, maintaining, and provisioning this infrastructure? The answer -- embrace Infrastructure-as-Code, the practice of codifying and automating both the configuration and provisioning of your infrastructure.
Here are five ways in which adopting Infrastructure-as-Code (IaC) practices at Protenus have helped us to become faster, safer, and better:
We get to spend less time firefighting.
When you provision infrastructure in an automated process, controlled through auditable and peer-reviewed configuration files, it increases uniformity, consistency, and overall reliability. We make updates to our infrastructure and deployment processes directly in git repositories -- versioning our infrastructure so we can see exactly what changed and when. This audit trail is extremely helpful during troubleshooting, enabling us to find changes applied to our systems which may be causing or contributing to a production impact.
Keeping everything in code, down to how VPCs are subdivided, for example, ensures we can replicate resources throughout all stages of our development lifecycle. These uniform environments greatly reduce the possibility of infrastructure-related challenges, since we’re now testing in a lower environment that mimics our production infrastructure.
Here at Protenus, we also have attempted to utilize immutable infrastructure wherever possible. Replacing systems as part of our automated rollouts reduces the dreaded “configuration drift,” which often contributes to discrepancies that require engineering time to resolve. Keep in mind, there could be situations where replacing systems for each change doesn’t make sense for your use case. Just make sure you have an automated audit mechanism for those static resources to ensure they stay in sync.
The sum of these benefits means our engineers, both within DevOps and the engineering team as a whole, have more time to spend on value-add coding, instead of fighting production fires.
Cutting-edge tooling enables us to do more.
Terraform, Packer, Vault, and Jenkins -- these are just a few of the DevOps and Infrastructure-as-Code tools that we use on a daily basis at Protenus. This toolset allows us to manage, deploy, and maintain our infrastructure in a scalable fashion. Gone are the days of artisanally creating hosts one at a time in our AWS environments. We now utilize Terraform to deploy a client configuration in a single click. Our customers love that we have the ability to quickly turn around updates using these tools.
Adopting a cutting-edge toolset also allows us to stay up-to-date with industry trends, reducing the time DevOps spends maintaining legacy applications and processes. We rely heavily on open-source projects and are always looking for tools that increase our efficiency and make our infrastructure more reliable.
Security comes first.
Nothing at Protenus is more important than security – to us, or to our customers. By embracing Infrastructure-as-Code, we can ensure the security of our environment through codifying security policies and controls. The uniformity in our infrastructure configuration allows us to easily detect any anomalies compared to checked-in configuration, as we have a “known good” baseline. Gone are they days of manual security group updates; these are preserved in code and can be analyzed to ensure we’re only allowing necessary access.
Using our DevOps and IaC toolset, we can also automate security upgrades and processes. One such example we practice is continually upgrading our baseline server AMIs. This keeps our servers patched and up to date around the clock, ensuring we get ahead of the latest vulnerabilities.
We spend more time on improvements.
Let’s face it, most people don’t really enjoy patching servers or adding resource capacity to your infrastructure. Neither do we. Instead of doing these repetitive tasks, the DevOps team at Protenus spends its time automating infrastructure and then moving on to more valuable tasks. Since we’re not firefighting, we can work to improve rollout speeds, cutting down implementation time from weeks to single clicks. This also means we get to work on new efforts such as centralized logging initiatives, improving our development processes, and shifting application workloads into containers -- just to name a few.
We collaborate better.
At Protenus, collaboration is a valuable and important skill. With a rapidly changing environment, we have to be able to work together with our peers inside the engineering teams to ensure they stay up to date with infrastructure enhancements. Utilizing Infrastructure-as-Code helps us with collaboration by providing a central location whereby anyone in development can view how infrastructure is provisioned. Creating a new feature which requires more CPU for the container? Just submit a pull request against the infrastructure component that controls the container.
The end result is projects move faster, developers better understand how resources are allocated, and can provision resources on demand. Teams control more of their own destiny, setting them -- and the company -- up for success.
Health data analytics is a growing and changing field, and we are proud to be leaders and innovators in this space. Embracing Infrastructure-as-Code has made this possible.
And the best thing? The DevOps team is growing, and we’re looking for teammates who are just as excited about Infrastructure-as-Code as we are. Think Protenus might be a fit for you? Get in touch.