📘Cisco DevNet Associate (200-901 DEVASC)

1. Introduction to Infrastructure as Code (IaC)

Infrastructure as Code (IaC) is a method of managing and provisioning IT infrastructure using code instead of manual configuration.

Infrastructure includes components such as:

Servers
Virtual machines
Networks
Storage
Firewalls
Load balancers
Containers
Cloud resources

Traditionally, administrators configured infrastructure manually using command-line tools or graphical interfaces. This approach can lead to:

Configuration mistakes
Inconsistent environments
Difficult troubleshooting
Slow deployment processes

With Infrastructure as Code, infrastructure is defined using configuration files or scripts, and automation tools deploy and manage it.

Example IaC tools commonly used in IT environments include:

Terraform
Ansible
Puppet
Chef

These tools allow engineers to automatically create, modify, and manage infrastructure.

Why Infrastructure as Code Is Important

IaC is important in modern IT operations because it:

Automates infrastructure deployment
Improves consistency across environments
Reduces human configuration errors
Enables faster application delivery
Supports DevOps and CI/CD pipelines
Makes infrastructure easier to maintain and scale

For example, a network engineer can define a network topology, firewall rules, and load balancer configuration in code, and deploy the entire environment automatically.

Core Principles of Infrastructure as Code

For the DEVASC exam, you must understand the key principles that make IaC effective.

1. Automation

Automation means infrastructure tasks are performed automatically by scripts or tools instead of manual configuration.

Without automation:

Engineers must log into each device or server
Configure settings manually
Repeat the same tasks multiple times

With IaC:

Infrastructure configurations are written in code.
Automation tools apply those configurations automatically.

Example in an IT Environment

A system administrator writes a configuration file that defines:

A virtual machine
A network interface
Security policies

Using Terraform, the entire environment can be created automatically with a single command.

Benefits:

Faster deployment
Reduced human errors
Repeatable infrastructure setup

2. Consistency

Consistency means every environment is configured the same way.

In many organizations there are multiple environments:

Development
Testing
Staging
Production

Manual configuration often causes configuration drift, where environments become slightly different.

IaC solves this problem because:

All environments use the same configuration code
Infrastructure is deployed using the same automation process

Example

A network engineer defines firewall rules in an IaC file.

That same file is used to configure:

Test network
Staging network
Production network

This ensures identical configurations across environments.

3. Version Control

IaC configurations are stored in version control systems such as:

Git
GitHub
GitLab

Version control allows teams to:

Track infrastructure changes
Maintain configuration history
Revert to previous configurations if necessary
Collaborate safely

Example

A DevOps engineer modifies a load balancer configuration.

Version control records:

Who changed the configuration
When it was changed
What was modified

If a problem occurs, the team can rollback to a previous version.

4. Idempotency

Idempotency means running the same configuration multiple times produces the same result.

In IaC, automation tools check the current state of infrastructure and only apply necessary changes.

Example

Suppose a configuration requires:

A web server installed
Port 443 enabled
A firewall rule applied

If the configuration is applied again:

The server will not reinstall the software
The firewall rule will not duplicate
Only missing changes will be applied

Tools like Ansible are designed to support idempotent operations.

Benefits:

Safe repeated execution
Reduced configuration errors
Stable environments

5. Declarative vs Imperative Approach

IaC tools use two main approaches for defining infrastructure.

Declarative Approach

A declarative model describes the desired final state of the infrastructure.

The automation tool determines how to reach that state.

Example tools:

Terraform
Ansible

Example concept:

Ensure a virtual machine exists with:
- 4 CPU cores
- 8 GB RAM
- Ubuntu OS

The tool decides how to create or modify the system.

Imperative Approach

An imperative model describes step-by-step instructions to configure infrastructure.

Example:

Create VM
Install OS
Configure network
Apply firewall rules

Example tools include:

Chef
Puppet

Declarative models are generally preferred in modern DevOps environments because they are simpler and easier to maintain.

6. Reusability

IaC code should be modular and reusable.

Instead of writing new configurations for each environment, engineers create reusable modules.

Example reusable components:

Network module
Firewall module
Database module
Virtual machine template

Using reusable modules improves:

Development speed
Code quality
Standardization

7. Self-Documentation

IaC files serve as documentation for infrastructure configuration.

Instead of reading manuals or configuration notes, engineers can simply examine the code.

The code shows:

Infrastructure architecture
Network configurations
Security policies
System dependencies

This improves:

System transparency
Team collaboration
Troubleshooting

8. Testing Infrastructure Code

Just like application code, infrastructure code can be tested.

Testing ensures configurations work correctly before deployment.

Testing methods include:

Syntax validation
Configuration testing
Infrastructure simulation

For example, network engineers can use testing tools like:

pyATS
Cisco Modeling Labs

These tools help validate configurations before applying them to production environments.

9. Continuous Integration and Continuous Deployment (CI/CD)

IaC is commonly integrated into CI/CD pipelines.

CI/CD pipelines automate:

Infrastructure code updates
Testing
Deployment

Example CI/CD platforms include:

Jenkins
GitHub Actions
GitLab CI/CD

Typical process:

Engineer updates infrastructure code.
Code is pushed to a repository.
CI/CD pipeline validates the configuration.
Automation tool deploys the infrastructure.

This creates fully automated infrastructure management.

Benefits of Infrastructure as Code

Infrastructure as Code provides several benefits in modern IT environments.

Faster Deployment

Infrastructure can be deployed in minutes instead of hours.

Reduced Errors

Automation reduces human configuration mistakes.

Better Scalability

Infrastructure can easily scale to support increased workloads.

Improved Collaboration

Teams collaborate using shared infrastructure code.

Faster Disaster Recovery

Infrastructure can be rebuilt quickly using stored configuration files.

Example IaC Workflow in an IT Environment

A typical Infrastructure as Code workflow may include:

Engineer writes infrastructure configuration.
Code is stored in Git repository.
Code changes are reviewed by the team.
CI/CD pipeline validates the configuration.
Automation tool deploys infrastructure.
Infrastructure is tested and monitored.

This workflow ensures reliable and automated infrastructure management.

Key Exam Points for DEVASC

For the **Cisco DevNet Associate (200-901 DEVASC) exam, remember these important points:

Infrastructure as Code manages infrastructure using code and automation tools.
IaC improves automation, consistency, and scalability.
IaC configurations should be stored in version control systems.
Key IaC principles include:
- Automation
- Consistency
- Version control
- Idempotency
- Reusability
- Declarative vs Imperative models
- Self-documentation
- Testing
IaC integrates with CI/CD pipelines to automate infrastructure deployment.

✅ In simple terms:
Infrastructure as Code allows engineers to treat infrastructure like software, meaning they can write code to create, configure, manage, and update servers, networks, and other infrastructure automatically.