DevOps revolutionized how we managed servers, and HashiCorp’s Terraform promises to do the same for multicloud installations.
Remember how you used to run servers? Tweaking settings by hand, writing shell scripts and making a home in the server room? Then along came DevOps programs such as Ansible, Chef and Puppet, and sysadmin life became much easier. More recently we’ve started using not just a single public cloud, but multiple clouds (multicloud). And, whoops, while managing a single cloud is work, it’s not that much trouble, but managing multicloud… that’s another story. But, now years in the making HashiCorp’s open-source Terraform 1.0, is finally out, and it’s brought DevOps’ infrastructure-as-code approach to clouds.
Indeed, even before this, while it hasn’t become the de facto standard in provisioning automation and providing workflows for multiclouds that Kubernetes has become for orchestrating containers, it’s not that far from it either.
It wasn’t always that way. As HashiCorp co-founder Mitchell Hashimoto put it, “The initial versions of Terraform were actually really bad. But the idea was solid in our opinion.”
Hashimoto was right. Today, Terraform is downloaded tens of millions of times every year. Since its birth, it’s been downloaded over 100 million times. Behind it stands not just HashiCorp, but a growing ecosystem of 100 technology partners. More than 1,000 providers have created 5,000 modules in the Terraform Registry. These modules can be used to more easily manage diverse pieces of cloud and on-premises infrastructure.
The idea behind it is the familiar DevOps one of using configuration files to describe the components needed to run applications on servers. The difference between it and the conventional DevOps tools is that Terraform was designed from the get-go to coordinate across different platforms. It works at a higher level of abstraction than DevOps programs such as Saltstack. These configuration management tools install and manage software on servers. Terraform is not a server configuration management tool. Instead, it focuses on the data center and cloud and their associated services.
To do this, Terraform uses HashiCorp Configuration Language. This is a declarative language. It describes an intended goal rather than the steps to reach that goal.
What does this mean in practice? Say you’re building a two-tier architecture application, that uses a pool of web servers as its front end with a database tier back end. To do this, you’ll add tiers for API servers, caching servers, routing meshes and so on. In Terraform you can describe each of these tiers as a collection of resources. Terraform makes sure the dependencies between each tier are handled automatically. For example, Terraform ensures the database tier is available before the web servers are started and that the load balancers are aware of the web nodes. Each tier can then be scaled easily using Terraform by modifying a single count configuration value. With resource configuration codified and automated, scaling with load becomes literally a no-brainer. Terraform runs it, you sleep in instead of logging in at 2 a.m. because of an unexpected spike in traffic.
SEE: AWS Lambda, a serverless computing framework: A cheat sheet (free PDF) (TechRepublic)
Once the Terraform program is in place, Terraform generates an execution plan. This describes what needs to be done to reach the desired state and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans that can be applied.
Even though this is a “1.0” release, Terraform has been used in production for five years now. You can use it with confidence.
In this new release, HashiCorp has improved Terraform’s scalability, ecosystem interoperability and stability. In addition, Terraform Cloud adds enhancements to the Terraform Cloud workflow. These include the ability to publish curated modules to a private registry, enhancements to workspace management and a preview of the ability to check with third-party tools related to a Terraform run.
Its new features include:
- Public Registry to Private Registry Publisher Workflow—Terraform Cloud and Enterprise offer capabilities to compose, collaborate and reuse infrastructure as code using modules and the public and private registry options. The public registry has over 5,000 community modules, and Terraform Cloud now offers a native workflow to publish modules from the public registry directly into an organization’s private registry.
- Workspace Management, Overview and Insights—Standardization and inspection is a primary goal for IT operations teams as they oversee a self-service provisioning model in their organizations. With Terraform Cloud, users can more easily visualize workspaces, resources managed, outputs and details of Runs with the new Workspace Overview and enhanced run details.
- Terraform Run Checks for third-party Integrations —Terraform Cloud now has the ability for partners to integrate into the Terraform workflow during a run and provide additional context to check against the Terraform plan. Today, Terraform Cloud has executed 1.6 million Sentinel, HashiCorp’s policy-as-code framework, policy checks. This capability will deliver many more options for Terraform Cloud Orgs to enforce security, compliance and cost management best practices. This will be available in public beta during summer 2021.
You can use Terraform for over 125 integrations from more than 100 technology partners. These include Cisco, Splunk, Datadog, PagerDuty, ServiceNow, CircleCI, GitHub, Cloudflare, NewRelic, Grafana Labs, GitLab, Okta, Racher and MongoDB. Terraform is also available from most of the major public clouds: AWS, Azure, GCP, Oracle, Alibaba Cloud and VMware. In other words, it will work hand-in-glove with many of the programs you already use and on the clouds, you’re already running on.
Armon Dadgar, HashiCorp’s co-founder and CTO, claims “Terraform has emerged as the lingua franca for infrastructure automation, delivering a best-in-class experience for users. This milestone release includes major enhancements focused on many fronts, which will deliver stability, scalability and interoperability guarantees to Terraform users. With the Terraform 1.0 release, they can feel confident about standardizing on this release for years to come, while also knowing we will continue to add exciting new innovations.”
With the commercial version Terraform Enterprise in use by over 1,200 enterprises, and more than 120,000 people using Terraform Cloud per day, Dadgar isn’t just blowing smoke. The Terraform family of users includes top companies across the business world such as Comcast, GitHub, H&R Block, Humana, KPMG, PayPal, Pinterest and Samsung. In short, Terraform has shown itself to be enterprise-ready and capable. It may be just what your business needs as well.
Give Terraform a try. I think many of you will like it.