From Host Config to Infrastructure‑from‑Code: The Evolution of IaC

What is IaC?

Infrastructure as Code (IaC) is a set of practices and tools that apply software‑development rigor to provisioning and managing infrastructure such as servers, networks, databases, and storage. It treats infrastructure definitions as version‑controlled code, enabling automation, testing, CI/CD pipelines, and rapid feedback.

Benefits of IaC

Performance – automated provisioning is faster than manual operations.

Repeatability – eliminates human error in repetitive tasks.

Documentation – the code itself serves as up‑to‑date system documentation.

Audit history – version control provides a full change log and easy rollback.

Testability – infrastructure can be unit‑, integration‑, and end‑to‑end‑tested.

First Generation: Declarative, Host Configuration

Typical tools: Chef, Puppet, Ansible. They focus on configuring individual machines (files, packages, users, services) using a declarative style.

- hosts: app
  tasks:
  - name: Update apt-get
    apt: update_cache=yes

  - name: Install Apache
    apt: name=apache2 state=present

  - name: Install Libapache-mod-jk
    apt: name=libapache2-mod-jk state=present

  - name: Install Java
    apt: name=default-jdk state=present

  - name: Create Tomcat node directories
    file: path=/etc/tomcat state=directory mode=0777
  - file: path=/etc/tomcat/server state=directory mode=0775

  - name: Download Tomcat 7 package
    get_url: url=http://apache.mirror.digionline.de/tomcat/tomcat-7/v7.0.92/bin/apache-tomcat-7.0.92.tar.gz dest="/etc/tomcat"
  - unarchive: src=/etc/tomcat/apache-tomcat-7.0.92.tar.gz dest=/etc/tomcat/server copy=no

  - name: Configuring Mod-Jk & Apache
    replace: dest=/etc/apache2/sites-enabled/000-default.conf regexp='^</VirtualHost>' replace="JkMount /status status 
 JkMount /* loadbalancer 
 JkMountCopy On 
 </VirtualHost>"

  - name: Download sample Tomcat application
    get_url: url=https://tomcat.apache.org/tomcat-7.0-doc/appdev/sample/sample.war dest="/etc/tomcat/server/apache-tomcat-7.0.92/webapps" validate_certs=no

  - name: Restart Apache
    service: name=apache2 state=restarted

  - name: Start Tomcat nodes
    command: nohup /etc/tomcat/server/apache-tomcat-7.0.92/bin/catalina.sh start

Second Generation: Declarative, Cloud Computing

Typical tools: AWS CloudFormation, Terraform, Azure Resource Manager. They declare cloud resources (Lambda, SQS, IAM, etc.) at a higher abstraction level than individual hosts.

AWSTemplateFormatVersion: 2010-09-09
Resources:
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        S3Bucket: my-source-bucket
        S3Key: lambda/my-java-app.zip
      Handler: example.Handler
      Role: !GetAtt LambdaExecutionRole.Arn
      Runtime: java17
      Timeout: 60
      MemorySize: 512
  MyQueue:
    Type: AWS::SQS::Queue
    Properties:
      VisibilityTimeout: 120
  LambdaFunctionEventSourceMapping:
    Type: AWS::Lambda::EventSourceMapping
    Properties:
      BatchSize: 10
      Enabled: true
      EventSourceArn: !GetAtt MyQueue.Arn
      FunctionName: !GetAtt LambdaFunction.Arn
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
            Action:
              - sts:AssumeRole
      Policies:
        - PolicyName: allowLambdaLogs
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - logs:*
                Resource: arn:aws:logs:*:*:*
        - PolicyName: allowSqs
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - sqs:ReceiveMessage
                  - sqs:DeleteMessage
                  - sqs:GetQueueAttributes
                  - sqs:ChangeMessageVisibility
                Resource: !GetAtt MyQueue.Arn

Third Generation: Imperative, Cloud Computing

Typical tools: AWS CDK, Pulumi, SST. They let developers use general‑purpose programming languages (TypeScript, Python, etc.) to define cloud resources, providing richer abstractions and type safety.

class LambdaStack extends cdk.Stack {
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const func = new lambda.Function(this, 'Function', {
      code: lambda.Code.fromBucket(s3.Bucket.fromBucketName(this, 'CodeBucket', 'my-source-bucket'), 'lambda/my-java-app.zip'),
      handler: 'example.Handler',
      runtime: lambda.Runtime.JAVA_17,
    });

    const queue = new sqs.Queue(this, 'Queue', {
      visibilityTimeout: cdk.Duration.minutes(2),
    });

    func.addEventSource(new lambda_events.SqsEventSource(queue));
  }
}

const app = new cdk.App();
new LambdaStack(app, 'LambdaStack');

Fourth Generation: Infrastructure from Code

Emerging tools aim to merge application code and infrastructure definition, removing the artificial split. Examples: Wing, Dark, Eventual, Ampt, Klotho.

Eventual – a TypeScript library that provides high‑level constructs (Service, API, Workflow, Task, Event) which are compiled into cloud resources.

import { event, subscription, task, workflow, command } from "@eventual/core";

export interface HelloEvent { message: string; }
export const helloEvent = event<HelloEvent>("HelloEvent");

export const onHelloEvent = subscription("onHelloEvent", { events: [helloEvent] }, async (event) => {
  console.log("received event:", event);
});

export const helloTask = task("helloTask", async (name: string) => {
  return `hello ${name}`;
});

export const helloWorkflow = workflow("helloWorkflow", async (name: string) => {
  const message = await helloTask(name);
  await helloEvent.emit({ message });
  return message;
});

export const hello = command("hello", async (name: string) => {
  const { executionId } = await helloWorkflow.startExecution({ input: name });
  return { executionId };
});

Wing – a language that treats infrastructure as part of the program, separating Preflight (build‑time) and Inflight (runtime) phases.

bring cloud;

let queue = new cloud.Queue(timeout: 2m);
let bucket = new cloud.Bucket();

queue.addConsumer(inflight (item: str): str => {
  let object = bucket.get(item);
  // do something with 'object'...
});

Conclusion

The IaC landscape has progressed from host‑level configuration scripts to cloud‑native declarative templates, then to programmable SDKs, and now to unified Infrastructure‑from‑Code approaches that tightly couple application logic with resource provisioning. This evolution improves performance, repeatability, documentation, testing, and developer productivity, and it continues to shape the future of software engineering.