Programming

19285 readers

89 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago

MODERATORS

snowe

Ategon

[email protected]

OpenTofu becomes the real deal (www.infoworld.com)

submitted 6 days ago by ruffsl to c/programming

34 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 38 points 6 days ago* (last edited 6 days ago) (3 children)

Terraform is part of a movement called "Infrastructure as Code" (IaC) which allows engineers to define their cloud infrastructure using code.

This is extremely useful as it allows you to:

version infrastructure changes
automate resource and configuration creation and management
have reproducible environments (think production and staging envs, or deploying a new production env to another datacenter)

Terraform (and OpenTofu) is different to most IaC project as it is agnostic of cloud providers: you can use it to deploy infrastructure to multiple providers, where their competitors are limited to their own platform (I think of AWS's Cloud Development Kit)

[–] Feyd 4 points 6 days ago* (last edited 6 days ago) (1 children)

In my experience with AWS, you run into issues using terraform that CDK just doesn't have. I'd rather have a different reliable system for each cloud environment than one system that is suboptimal for each environment. Since the providers are different, you don't really have anything in common besides using HCL as the language anyway.

[–] ScoreDivision 1 points 6 days ago (1 children)

Out of curiosity, what kind of issues have you faced? I work with aws in gov and terraform is used for everything, I've not encountered any issues as of yet.

[–] Feyd 1 points 5 days ago

The one that comes to mind is changing the security group for lambdas from an auto generated one (unspecified in terraform) to a specified one. It had some kind of chicken/egg situation so I ended up having to run two change sets - one to have both security groups set then another to remove the extra. Had to do the same thing in cdk and it just worked. There have been other similar things where everything is fine until you hit some edge case and then you're just wasting time and money doing acrobatics to work around the quirks (that don't exist in cdk).

I'm not in the devops group and they're attached to TF for some reason so I don't get a say in what we use, but I am the "everything is busted call in anyone that can help" guy so I end up dealing with the problems lol

[–] Mniot 3 points 6 days ago

it is agnostic of cloud providers: you can use it to deploy infrastructure to multiple providers

Nicely put. I frequently see the first part of this sentence and not the second. (Maybe I only pay attention to the first part and then disappoint myself...)

Terraform/Tofu allow me to use the same basic syntax and to have one project that controls AWS/GCP/K8s/my home servers, but I cannot use it to describe "a running server process" and just deploy that on any of those places. Instead I'd need to have like aws_beanstalk_service { ... } and gcp_application { ... } and kubernetes_manifest { ... } and systemd_service { ... } and the contents of those blocks would be totally different (and I'd need a bunch of different ancillary blocks for each of those).

[–] [email protected] 2 points 6 days ago

Thanks for the detailed comment!