DevOpsCon Munich 2024 - Infrastructure as Code and AI -does it fit?

Transcript

1. Infrastructure as Code and AI - does it fit? PATRICK

   KOCH

2. Patrick Koch Email: [email protected] Blog: patrickkoch.dev LinkedIn: patkoch87 GitHub: patkoch

   BlueSky: @patkoch.bsky.social Mastodon: @[email protected] Cloud Adoption Engineer, AVL List GmbH Source icons: Microsoft, HashiCorp

3. Source: kleinezeitung.at – 01.04.2024

4. Content What is Infrastructure as Code? How does GenAI work?

   Why focusing on Infrastructure as Code? Usages of AI tools for Infrastructure as Code Conclusion

5. What is Infrastructure as Code?

6. What is Infrastructure as Code?  Infrastructure as Code (IaC)

   is a method of managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. It's a key practice in DevOps and is used in conjunction with continuous delivery.  IaC allows developers to automate the process of setting up and managing infrastructure, which can lead to faster deployment times, more efficient use of resources, and more reliable and repeatable processes. It can be used to manage a wide range of services, including networks, virtual machines, load balancers, and connection topology. Source: GitHub Copilot

7. Example: Azure Kubernetes Cluster resource "azurerm_resource_group" "example" { name =

   "my-demo-rg" location = "West Europe" } resource "azurerm_kubernetes_cluster" "example" { name = "my-demo-aks" location = azurerm_resource_group.example.location resource_group_name = azurerm_resource_group.example.name dns_prefix = "exampleaks1" default_node_pool { name = "default" node_count = 1 vm_size = "Standard_D2_v2" } identity { type = "SystemAssigned" } tags = { Environment = "Production" } } Azure AKS Azure Icons: Azure Public Service Icons V14, Terraform Icon: HashiCorp Brand Kit

8. What is GenAI and how does it work?

9. https://terrateam.io/blog/using-llms-to-generate-terraform-code#what-is-a-large-language-model-llm “A Large Language Model (LLM) is an artificial intelligence

   model or program that generates text by “predicting” the next token in a sequence. These models are trained on massive datasets, requiring substantial parallel computing resources, such as GPUs, to process and learn from the vast amounts of text data..” “Developers can interact with the LLM by providing prompts or instructions, such as ‘ChatGPT, you are a developer…’ followed by a specific code generation request. The LLM then generates code snippets or functions based on the given prompt.”

10. Why focusing on IaC?

11. “LLMs are only as good as the data they're trained

    on. Terraform and IaC tools are relatively new …..That means the dataset the model was trained on (mostly from GitHub) is sparse. But most of all, most companies don't put their infra code on GitHub for security reasons. So the encoding space for this kind of code is sparse….” https://www.anyshift.io/blog/navigating-ai-in-your-infrastructure-dos-don-ts-and-why-it-matters

12. https://www.hashicorp.com/resources/the-story-of-hashicorp-terraform-with-mitchell-hashimoto

13. “The exact number of GitHub repositories used to train GPT-4

    isn't publicly disclosed. However, GPT-4 was trained on a diverse dataset that includes a significant amount of code from various sources, including public repositories on GitHub. This extensive dataset helps the model understand and generate code effectively.” https://github.blog/news-insights/octoverse/octoverse-2024/

14. https://medium.com/@dlaytonj2/chatgpt-show-me-the-data-sources-11e9433d57e8

15. AI and IaC Example usages of AI tools for Infrastructure

    as Code

16. Answering questions

17. None
18. None

19. Code Generation

20. None
21. None

22. Security

23. resource "azurerm_network_security_group" "sg-rdp- connection" { name = "demonsg" location =

    azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name security_rule { name = "tcptraffic" priority = 100 direction = "Inbound" access = "Allow" protocol = "Tcp" source_port_range = "*" destination_port_range = "*" source_address_prefix = "*" destination_address_prefix = "*" } tags = { environment = "Testing" } }
24. None

25. Code Interpretation

26. param registryName string param location string = resourceGroup().location param sku

    string = 'Basic' resource acr 'Microsoft.ContainerRegistry/registries@2021-06-01-preview' = { name: registryName location: location sku: { name: sku } properties: { adminUserEnabled: true } }
27. None

28. Are my prompts retained?

29. Source: GitHub Copilot Trust Center - GitHub Resources

30. Source: https://learn.microsoft.com/en-us/purview/retention-policies-copilot#how-retention-works-with-microsoft-copilot-for-microsoft-365

31. Source: Gemini

32. • Don‘t blindly trust your suggested IaC code • Speeds

    up the development • In future: game changer and crucial for cloud deployments

33. THANK YOU! ☺