Project Bicep: Microsoft muscles in on Terraform's territory to manage Azure resources with code
'We are using the word experimental right now'
Microsoft's Project Bicep, first demoed at the Ignite event last year and still described as "experimental", lets users define a set of Azure resources in code by using a domain-specific language.
On Microsoft's cloud, a Resource Group is a collection of Azure services and the Azure Resource Manager is a management service with an API for creating or deleting resources.
While the Azure portal dashboard is fine for setting up small deployments, deploying to Azure at scale is best done by defining resources in code and handing them to the Resource Manager to create.
The way resources are defined is in ARM (Azure Resource Manager) templates, JSON files that specify the required resources and their configuration. Defining resources as code means that infrastructure configuration can be under version control, copied and redeployed to different regions, and automated as part of a DevOps workflow.
ARM templates are effective but verbose, and authoring them is fiddly and error-prone – though it is possible to export an existing Resource Group as an ARM template. There are also tools to help, such as Visual Studio Code with the ARM Tools extension.
Authoring templates is set to get much easier, thanks to Project Bicep, a new strongly typed language for this purpose. This is accompanied by IntelliSense code completion, which has knowledge not only of language syntax but also of data, like what types of virtual machine are on offer, so when the user types vmSize it pops up a list.
This is great, though knowing valid names is only part of the challenge, and admins will still have to cross-reference the Azure documentation to discover the features and cost of the huge range of options for each type of resource.
Project Bicep is a transpiler. Microsoft has not changed the specification of ARM templates, but instead, the bicep executable will generate the JSON for an ARM template from a Bicep file.
There is also a decompiler, which aims to convert an existing ARM template to Bicep, though when we tried this on a relatively simple resource group exported from the Azure portal, we got errors; a .bicep file was created but with red type and warnings that "the expression is involved in a cycle."
Such errors are understandable since the project is in its early stages. "We are using the word experimental right now," said program manager Alex Frankel, from the Azure Deployment team, in a video about the project. The latest release is 0.2.x (alpha), with the hope that version 0.3, expected soon, will have 1-1 parity with ARM JSON templates. "By this point, we plan to start encouraging more production usage," says the GitHub milestone.
The question of whether it is safe to use in production is nuanced, since the ARM templates Bicep generates are standard, and there is nothing to stop developers from checking and deploying them.
The Bicep language may change so code written now may not work in future. Bicep "is not currently covered by Azure support plans," the documentation noted.
Fancy a flex?
Getting started is a matter of first installing the Bicep compiler – which exists for Linux, Mac, and Windows – and then adding the extension to VS Code, presuming this will be used for authoring. The workflow would then include opening a connection to Azure using the Azure CLI or Azure PowerShell module, and then deploying a compiled ARM template from the command line. There is a handy
-Whatif parameter that can be used with the deployment command, which previews the changes that will be made in Azure if the template is deployed. There are plans to integrate Bicep templates with GitHub Actions and Azure Pipelines, as well as to add Bicep commands to Azure PowerShell.
A brief play with Bicep is convincing: it is easier than typing ARM JSON. But there are other ways to do infrastructure as code for Azure, not least HashiCorp's Terraform. Why bother with Bicep? "There is a huge customer base using ARM templates today because it provides a unique set of capabilities and benefits," said Microsoft in the GitHub documentation. "We wanted to make the experience for those customers first-class as well, in addition to making it easier to start for Azure focused customers who have not yet transitioned to infra-as-code."
One of the issues is what happens when users need to define more advanced infrastructure, perhaps including Kubernetes deployments or other setups that require resources not defined by ARM templates. Microsoft plans to add extensibility points for this.
There are no plans to discontinue ARM templates in JSON format. "ARM Template JSON remains the wire format that will be sent to Azure to carry out a deployment," the docs explained.
The high level of activity on the GitHub project, even at this early stage, is an indication that developers think it will be useful. ®