Co-founder of www.env0.com
You might have read our beta launch blog post, which describes how Infrastructure as Code (IaC) is driving the third datacenter revolution (the first two being virtualization and the move to public clouds). In this post, I want to go deeper into looking at how IaC is driving a new need and approach to cost visibility and management.
IaC is a powerful technology that enables you to provision and manage any cloud resource in an automated, declarative way. This allows you to create a consistent, repeatable workflow, enabling much wider scale deployments across a range of resources. Unfortunately, IaC also makes it far too easy to create massive cloud cost damage. With a simple code modification, configuration change, or API call, a developer can initiate a very expensive orchestration of unneeded cloud resources. Sometimes those resources were a mistake and never needed — sometimes they just should have been destroyed after a few minutes or hours. In either case, they sit around running and costing companies millions in excess cost each year.
And it’s not easy to understand what you’re actually spending on! Cloud providers don’t actually know what you’re using your infrastructure for, so their bills just contain one giant list of resources used and how much they cost. Given the size of this problem, dozens of vendors have popped up trying to simplify those lists and help companies manage their cloud costs, but these offerings have largely taken a very reactive approach, and because they’re separate from the actual orchestration and management platforms, they don’t actually natively understand anything about your infrastructure either.
Instead, teams have to manually organize and group every resource they’re using to appropriately report on their usage — a very slow and error prone process. Some reporting setups even want you to change your infrastructure setup by segregating your resources into dozens of sub-accounts, just to make their job easier.
Ultimately, today’s options leave companies with two unenviable choices: expensive, error prone, manual work — or just lose any connection of their cloud spend to their larger business priorities and initiatives. Not a great set of choices and the opposite of what the Cloud and IaC was supposed to do for us.
At env0 we’re taking a different approach — by combining both the orchestration and management platform into a single system with your cost management — enabling us to give you both proactive control and deeper business insight without any additional manual work.
Our self service engine platform naturally learns a lot about each environment as it’s being set up: who deployed it, what team they’re on, what project it’s being used for, what code is running on it, what template it’s based on, when it was deployed, and more.
And we know that all of the underlying data is 100% accurate because env0 is actually setting up those resources based on that configuration. And because your team is using env0 to set up their environments, you can factor in budgets and costs as part of that permissioning process alongside your other governance and controls.
Ultimately, our philosophy isn’t just about making your existing process easier, it’s about delivering more ownership and flexibility to your team. Currently, there’s no good way to give developers insight into how much their cloud deployments are costing (and they’re probably not even the ones actually provisioning their own environments anyway).
But by giving them self service paired with immediate and easy visibility into their spend, along with enforced budgets and other controls, your team can have a greater and shared responsibility for helping deliver more efficient infrastructure.
So, how does env0’s approach actually work? By combining Cost Visibility with Proactive Cost Management:
When you use env0 to provision infrastructure, we automatically tag each resource deployed with the environment that it was deployed as a part of. This level of automation and simplicity means no human errors, no need for testing or validation, no maintenance, and the flexibility to use any module or extension (even open source) regardless of its native tagging support.
We then use your cloud provider’s cost API to pull the actual spend data into env0 and associate it back to all the other data that env0 already knows about your environments based on being your orchestration platform — giving you completely accurate reporting of exactly what you’re actually spending on over time.
This gives you much more actionable and relevant insights to easily answer questions like:
This granular level of reporting is possible even if all those environments are running on the same cloud account with no separation or if you have infrastructure running across separate providers! It’s all aggregated and reported on automatically by env0.
Best of all, soon we’ll be able to offer you even deeper insights and direct actionability by integrating this data with your existing business intelligence, SIEM, and alerting tools.
Reporting and visibility are great, but you also want to control costs proactively — and env0 helps you do that with our variety of policies, controls, and budgets that are part of our self service orchestration engine.
First, all of the infrastructure that your end users provision is based on the templates configured by your infrastructure team. No more worrying that someone is going to mistakenly spin up a $100,000 database server, if it’s not part of one of your templates, it’s not getting provisioned.
Next, we provide customizable policies like Time To Live (TTL) to ensure that dev and other non-production environments are only kept around as long as they need to be. We’re also adding environment scheduling, so you’ll be able to have non-production environments automatically shut down during nights and weekends when nobody uses them, then automatically reprovisioned and ready to be used first thing Monday morning.
And soon, we’ll be introducing budget limits for projects and users in env0. You’ll be able to define preset limits for a given time period for a project, a user, or group of users — once they’ve hit those budgets you can choose to be alerted, block further infrastructure, or even automatically destroy infrastructure that’s going over budget (in case of non-production environments).
Plus, you can add your own custom policies to env0, allowing you to put in whatever controls and boundaries you want as part of the setup and deployment process.
Interested in learning more? env0 makes it easy to get started using your existing infrastructure as code templates — you can get started yourself or grab some time with our team for a demo if you’d like to learn more.
Previously published at https://www.env0.com/blog/infrastructure-as-codes-cost-management-revolution