The problem of "configuring by hand"
Creating servers, networks and databases by clicking buttons in a web console is fast the first time... and a disaster the tenth: nobody remembers what was touched, there's no way to reproduce it and recreating the environment after a failure is an odyssey.
Infrastructure as code (IaC)
IaC describes the infrastructure in text files that are versioned in Git, just like the code. Tools like Terraform or Pulumi read that description and create (or update) the real resources.
# Terraform: you declare WHAT you want, not HOW to create it
resource "google_cloud_run_service" "api" {
name = "my-api"
location = "europe-west1"
}
Advantages:
- Reproducible: the same file recreates the identical environment whenever you want.
- Versioned: you see in the history who changed what and why; you can revert.
- Declarative: you describe the desired state; the tool calculates the steps to get there.
DNS, domains and HTTPS
For people to type myapp.com and reach your server you need:
- DNS: the "internet address book" that translates the domain to the IP of your
server (an
AorCNAMErecord). - HTTPS/TLS: encrypts the traffic between the browser and the server. Today it's obtained free and automatic (Let's Encrypt, and most PaaS/CDNs manage and renew it for you).
# Check which IP a domain resolves to
dig +short myapp.com
All of this —domains, DNS, certificates— can also be declared with IaC, so that your complete infrastructure fits, reproducible, in a repository.