Getty Images
Fresh crop of startups takes on infrastructure-as-code toil
Emerging vendors, including a new venture from the founder of Chef, set out to put a fresh face on IT infrastructure automation for the platform engineering era.
The transition from DevOps to platform engineering calls for higher-level, more efficient and visual approaches to IT automation than infrastructure as code, according to multiple emerging vendors.
Some, such as the Resourcely configuration platform, offer broad abstractions called Blueprints and Guardrails that platform engineers can use to create golden paths to production for developers. Others, such as Firefly, use generative AI to create infrastructure as code from natural language prompts, while WSO2's Choreo website pledges: "No more YAML." Another company just out of stealth this week, Bluebricks Ltd., proposes to "transform massive [Terraform] states into small, reusable, and manageable blueprints."
Another pair of newer companies, Massdriver and System Initiative, seek to free platform engineers from having to update code in Git repositories, waiting for reviews and pull requests before they can deploy to production, and give them a more intuitive visual interface. Even Pulumi, which arose as a replacement for HashiCorp's Terraform, has diversified beyond infrastructure as code and shipped a new product, ESC, to address configuration and secrets management headaches stemming from managing IaC at scale.
All are converging on the same basic problem statement: Current IT automation techniques, including IaC, can't keep up with the pace of cloud-native app development and are too hard to use, especially at high scale.
Larry CarvalhoAnalyst, Robust Cloud
"Infrastructure code is often fragmented within the enterprise and difficult to maintain," said Torsten Volk, an analyst at TechTarget's Enterprise Strategy Group. "It's often not parameterized, [and] this makes it hard to keep infrastructure code consistent and to preserve dependencies. It's also hard to test, as you can't just create complete environments due to time and cost constraints. It's a real problem."
IaC is now a mature technology that's hitting a scalability ceiling as cloud-native applications grow and become more complex, said Larry Carvalho, an analyst at RobustCloud, a cloud advisory firm.
"The big issue is complexity," he said. "It's great to get started with infrastructure as code, but when you start scaling up and start using it more, then you start finding the real problems. … Velocity is what everybody wants, but [the codebase] becomes too big."
System Initiative proposes complete IaC replacement
Most of the companies with fresh takes on platform engineering incorporate infrastructure-as-code tools such as Terraform and OpenTofu. But System Initiative, founded by the former CTO of infrastructure-as-code vendor Chef a year ago, proposed a more radical departure away from such tools entirely as it shipped its first product this week.
"DevOps has failed to deliver on its own aspirations," said Adam Jacob, co-founder and CEO of System Initiative. "We're 15 years in … and our goal the whole time was that people should be able to get work into production tens, hundreds or thousands of times a day. [But] the latest DORA report has 18% of the total respondents actually able to deploy every day, and they call those 'the elite' -- you can be a high performer now in DevOps … if you can deploy between once a day and once a week."
The error-prone process of creating and updating infrastructure and the wait for code reviews and CI/CD pipelines to apply those changes to production before DevOps pros know if they'll work has been a big part of the problem, according to Jacob.
System Initiative's SaaS service still uses TypeScript code to describe IT infrastructure assets but puts the code snippets into a collaborative drag-and-drop interface where users can make changes. When users change assets and their relationships to each other, an underlying knowledge graph automatically reflects the change, while the UI gives the user visual feedback about whether the change will be viable in production. Rather than create an architecture diagram and then translate it into code, in other words, System Initiative users can use an architecture diagram to effect changes directly in production.
"Terraform and OpenTofu have their own rough edges in terms of being tied to version control -- System Initiative would give us the freedom to work faster, to iterate on things faster," said Matthew Sanabria, staff site reliability engineer at database vendor Cockroach Labs, who has experimented with System Initiative's early releases in a home lab. "In the end, you're left with an architecture diagram that [can be] the true source of truth [on] what you just built. Right now, we don't have that -- we have someone else manually go edit Figma … to update the architecture diagram, [and] it's always out of date."
The Rocky Linux project has begun porting its mirror manager for software distribution to System Initiative, said Neil Hanlon, founder of the Rocky Enterprise Software Foundation and senior open source systems engineer at consulting and services firm CIQ.
"We'd like to manage the service with System Initiative rather than the current situation, which is more or less kind of manual plus a little bit of Ansible, and it's not super scalable," Hanlon said. "That was one of the key projects that my colleagues and I identified as very impactful for the organization, to have a great story around the stability, reliability and transparency of that service."
A noisy market
Not every IT organization is necessarily ready for a clean break from IaC as they know it, wrote Kelsey Hightower, formerly a distinguished engineer at Google Cloud and a developer advocate, in a post on X, formerly Twitter, in March.
"I'm so used to configuration management based on artifacts that get checked in and passed around between systems, that doing everything inside a platform using TypeScript would take some getting [used] to," wrote Hightower, who is a technical advisor to competitor Massdriver, in the post. "But it's nice to see System Initiative try something new in this space."
It's also still early in the development of System Initiative's product, according to Jacob, and it isn't targeting large enterprises just yet. It needs to still add key features for that market such as role-based access control and support for a self-managed version. In addition to those features, both Hanlon and Sanabria said they'd like the ability to organize assets into separate subgraphs rather than grouping all assets into one interface.
"I don't want to always put everything on one canvas," Sanabria said. "I want the ability to share some data across different workspaces a little bit better, and separate concerns across different canvases."
Industry analysts said System Initiative must clarify its messaging and differentiation in a market teeming with new platform engineering tools.
"Ultimately, the proof is in production, and I'm very curious to see how it'll be received," Volk said. "The biggest challenge for [System Initiative] is to properly communicate the fundamentally different approach toward DevOps that does away with GitOps and IaC."
Ultimately, all of these startup vendors will also face down a time-honored competitor, Hightower noted in another post on X.
"All these new platforms are great, but they are competing with the most popular platform of all time: the homegrown platform stitched together by the glue of reality," he wrote.
Beth Pariseau, senior news writer for TechTarget Editorial, is an award-winning veteran of IT journalism covering DevOps. Have a tip? Email her or reach out @PariseauTT.