The Rise of ClickOps
I periodically say there are four stages of managing cloud infrastructure. The first stage is “clicking around in the web console.” We’ve all done this, and it requires no explanation. The second stage is using either CloudFormation or Terraform. These are relatively established mechanisms of configuring your environment. The third stage is using existing programming languages to control your infrastructure via the CDK. And the fourth and final stage is “clicking around in the web console, then lying about it.”
I call it “ClickOps.”
This is a joke, right?
I assure you that I’m being quite sincere here, and there’s a lot of prior art to reference. The interface for standing up a web server was once a bunch of compiler flags to gcc; over time it evolved a bunch of times and today it’s “clicking a checkbox in the S3 console.” (Yes, and then dismissing 40 screaming warnings that pop up because there’s no reaction quite like an AWS overreaction.) If you’re reading this post via email or on the Last Week in AWS website, I’m going to bet you’re not doing it via mutt or w3m respectively; you clicked something in a GUI, or tapped your mobile device’s screen to read these words. If I’m wrong on that and you are in fact reading this on a command line reader, it’s imperative that you not email me about it, Captain EdgeCase.
The thing that I can’t abide is when something is managed via code or configuration in some form, and then a change in a GUI either breaks things or otherwise leads to a divergence in how the system is managed. Nagios (an ancient monitoring system) originally would let you disable, acknowledge, or trigger alerts from the GUI — but as soon as the service was restarted on the system, any GUI changes would be discarded like the last remnants of a dream evaporating upon awakening.
Only slightly better were systems like Puppet or SaltStack; if something was managed via them and a human altered it, these systems would upon next run revert whatever the human had changed. “Fighting with computers” never felt more real than it did in those moments.
Okay, what about cloud?
It was depressingly recently that CloudFormation launched drift detection. Prior to this, if a human changed a CloudFormation provisioned resource, any attempt to update or adjust the resource via CloudFormation would fail with an error. This did indeed mean that if you clicked a button in the console, you could break your team’s ability to manage the environment programmatically. Somehow, this was okay with some people!
I’m sorry, but no. Computers inherently simplify over time and I refuse to believe that YAML is somehow the final form of configuration elegance. Think about this for a second; would you rather have fourteen to thirty lines of whitespace sensitive text to launch another EC2 instance, or would you prefer to click a button marked “launch more like this?”
“Well hang on,” you might reasonably object. “There is value to having that EC2 instance represented as YAML/JSON/code. I can work with it in ways I can’t with imperative commands like button clicks.” You would be correct! That’s why the right answer here is to let the user click the button, but then represent the results of that button click in code. We’re largely not there yet as a culture.
What is the ClickOps future?
I envision a world in which I can set things up in the AWS console (or really, any cloud vendor’s) via the magic of clicking things. The provider captures what I set up and renders it into code or configuration somewhere, similar to the way that the Console Recorder browser extension does. The provider becomes aware of what has been provisioned previously (and how!), then automatically generates diffs in the correct repository, or updates its CloudFormation/Terraform/CDK expression of the environment as it exists at the current moment.
Suddenly, “using the console” stops being a shameful thing, and instead is simply a really good IDE strictly for the cloud provider’s infrastructure. It makes using the cloud far more accessible, makes it way harder for users to inadvertently break things, and perhaps most notably of all, reduces the obnoxious amount of gatekeeping in our industry.
Welcome to the future. Welcome to ClickOps.