this post was submitted on 26 Mar 2025
67 points (95.9% liked)

Programming

19770 readers
65 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago
MODERATORS
snowe
Ategon
[email protected]
67
OpenTofu becomes the real deal (www.infoworld.com)
submitted 1 month ago by ruffsl to c/programming
35 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 39 points 1 month ago* (last edited 1 month ago) (3 children)

Terraform is part of a movement called "Infrastructure as Code" (IaC) which allows engineers to define their cloud infrastructure using code.

This is extremely useful as it allows you to:

  • version infrastructure changes

  • automate resource and configuration creation and management

  • have reproducible environments (think production and staging envs, or deploying a new production env to another datacenter)

Terraform (and OpenTofu) is different to most IaC project as it is agnostic of cloud providers: you can use it to deploy infrastructure to multiple providers, where their competitors are limited to their own platform (I think of AWS's Cloud Development Kit)

[–] Feyd 4 points 1 month ago* (last edited 1 month ago) (1 children)

In my experience with AWS, you run into issues using terraform that CDK just doesn't have. I'd rather have a different reliable system for each cloud environment than one system that is suboptimal for each environment. Since the providers are different, you don't really have anything in common besides using HCL as the language anyway.

[–] ScoreDivision 1 points 1 month ago (1 children)

Out of curiosity, what kind of issues have you faced? I work with aws in gov and terraform is used for everything, I've not encountered any issues as of yet.

[–] Feyd 1 points 1 month ago

The one that comes to mind is changing the security group for lambdas from an auto generated one (unspecified in terraform) to a specified one. It had some kind of chicken/egg situation so I ended up having to run two change sets - one to have both security groups set then another to remove the extra. Had to do the same thing in cdk and it just worked. There have been other similar things where everything is fine until you hit some edge case and then you're just wasting time and money doing acrobatics to work around the quirks (that don't exist in cdk).

I'm not in the devops group and they're attached to TF for some reason so I don't get a say in what we use, but I am the "everything is busted call in anyone that can help" guy so I end up dealing with the problems lol

[–] Mniot 3 points 1 month ago

it is agnostic of cloud providers: you can use it to deploy infrastructure to multiple providers

Nicely put. I frequently see the first part of this sentence and not the second. (Maybe I only pay attention to the first part and then disappoint myself...)

Terraform/Tofu allow me to use the same basic syntax and to have one project that controls AWS/GCP/K8s/my home servers, but I cannot use it to describe "a running server process" and just deploy that on any of those places. Instead I'd need to have like aws_beanstalk_service { ... } and gcp_application { ... } and kubernetes_manifest { ... } and systemd_service { ... } and the contents of those blocks would be totally different (and I'd need a bunch of different ancillary blocks for each of those).

[–] [email protected] 2 points 1 month ago

Thanks for the detailed comment!