freshidea - Fotolia


AWS CloudFormation and OpsWorks -- Better together?

CloudFormation and OpsWorks seem similar but have different advantages and use cases. Which tool to choose depends on development skills and needs.

If you're considering CloudFormation or OpsWorks for your AWS environment, you may not be alone. The tools work...

hand-in-hand but offer very different benefits. By gaining a better understanding of both tools, developers can determine if AWS CloudFormation or OpsWorks is a better fit, or if you need both.

Amazon Web Services (AWS) CloudFormation is a tool for reliable and repeatable stack development and delivery. The service turns virtual private clouds (VPCs), network infrastructures and security group configurations into code.

"The benefits of CloudFormation are clear," said Ernest Mueller, a blogger for The Agile Admin. Developers can learn it in an afternoon, and it allows visibility into stacks, so mistakes become immediately obvious.

"Don't just launch a server, launch a CloudFormation stack," Mueller said. "Even if you're not ready to utilize all the features, it's the right way to begin."

AWS consulting partner NorCloud uses CloudFormation regularly, often for self-service. CloudFormation enables the company to enforce compliance on features such as tagging, server placement and OS versions, said Ilja Summala, CTO at the Helsinki, Finland-based company. The tool also enables developers to build directly from inside a continuous integration tool.

Foghorn Consulting, a consulting company and AWS partner based in Mountain View, Calif., uses CloudFormation to deliver an entire VPC infrastructure.

"This infrastructure-as-code can always be reproduced by simply rebuilding the stack, and can be versioned just like source code," said Peter Roosakas, Foghorn co-founder.

Companies can also use CloudFormation to create different stacks that are then combined into subgroups to create an environment that interacts together, said Goran Kimovski, chief solution architect at TriNimbus, a cloud management provider based in Vancouver, B.C. 

AWS CloudFormation tricks and shortcuts

If you're just getting started with AWS but want to get a feel for CloudFormation, set autoscaling to a minimum and maximum of one server, Agile Admin blogger Mueller suggested. If there's a crash, you have autorecovery for that one server.

Some AWS developers find it difficult to write for CloudFormation. NorCloud's Summala suggests using troposphere, a Python library that creates valid Javascript Object Notation (JSON) for CloudFormation and supports commenting. While troposphere is easier to wrap and reuse than CloudFormation, it's best for large projects and companies with programmers on staff.

Foghorn's Roosakos echoed the challenges of working in JSON. Debugging can be frustrating, but once the templates are tested and debugged, "they can be used by virtually anyone who can use a mouse," he added.

CloudFormation allows developers to find existing templates and 'steal' them, without having to reinvent the wheel, blogger Mueller added. The tool also makes it easy to arrange firewalls because it's easy to see what has access to what, which can get confusing with VPC.

For do-it-yourself options, developers can create what they need via CloudFormation's User Data feature, Roosakos said.

But CloudFormation isn't always the right choice; it isn't as valuable for maintaining an environment. While you can use it to update packages or operating systems, that's not recommended. CloudFormation isn't an application deployment or operations tool. That's where OpsWorks comes into play.

Managing app layers with OpsWorks

AWS OpsWorks deploys and manages applications in layers. "It's useful to think of OpsWorks as a managed Chef server," said TriNimbus' Kimovski. OpsWorks and its preconfigured templates manage server configurations and application deployments; this gives developers the ability to go into environments.

Consulting firm Foghorn uses OpsWorks to build continuous deployment pipelines and manage scalable server farms. The AWS partner creates and automates server configurations, updates and application deployments complete with code.

"Our customers can avoid depending on tribal knowledge and individuals who 'know everything,' and instead build these capabilities that are reliable, scalable and self-documenting," Roosakos said.

OpsWorks tricks and shortcuts

OpsWorks, especially when used in tandem with CloudFormation, provides a model that everyone understands, Mueller said. It's a great foundation tool for a DevOps environment.

"You can share documentation and -- more than just communicating -- you can automate to keep on top of things," he said. "This is a way you can write code that's 100% correct and not just document it, but be able to make changes in a careful, reasonable and testable manner."

Relying on the community and using default Chef recipes to jumpstart your configuration management capabilities is also helpful, Foghorn's Roosakos advises. He recommends using a master server to keep track of OpsWorks templates.

But even with default templates, almost all stacks require some amount of modification. So, developers should be able to understand and write Chef recipes -- or seek help from a third party.

Next Steps

How OpsWorks automates AWS security

Pros and cons of developing with OpsWorks

AWS CloudFormation can alleviate deployment woes

AWS OpsWorks: Should you buy it today?

Dig Deeper on AWS tools for development