If you were talking to someone whose organization is considering HashiCorp Terraform, what would you say?
How would you rate it and why? Any other tips or advice?
1. Be ready for the steep learning curve.
2. Use best practices in Terraform - try to keep Terraform and provider versions always updated, use modules, use remote state, use state locking.
3. Use only one method of managing infrastructure - don't mix manual and automated way (Terraform) at least for the same piece of the infrastructure.
4. Use CI/CD pipelines for Terraform.
5. Keep Terraform code in VCS.
I would advise others to understand the state backend and how Terraform works. They should also go through functions as well as expressions in the Terraform official documentation. I would rate HashiCorp Terraform an eight out of ten.
HashiCorp Terraform is a great product and I think anyone working with infrastructure should have it. On a scale of one to ten I guess I would give HashiCorp Terraform a nine.
Rather than doing a monolithic Terraform for the whole infrastructure, it would be good for the script to be reusable. Use the base level script that every infrastructure would need. Generating a local IP network and then creating two instances or creating some databases and other basic scripts that all the infrastructure would need should be a base level script. Then add on your base level script with the add-on scripts on top of the base script to create infrastructure that is specific to clients. You can reuse the script, the same base group for many other purposes as well. Before using Terraform, for auditing, creating machines, etc, we would either rely on AWS infrastructure itself or documents that had infrastructure-related data. Using Terraform, a lot of this data was captured automatically since it's a YAML script. It could be easily exported as a document or Excel file as well. Documentation and infrastructure was much easier to maintain than doing it otherwise. I would rate Terraform an eight out of ten.
Provided your environment requires Terraform and/or you have skilled engineers who can perform the required maintenance, I would definitely recommend this solution. Terraform is not justified for use just anywhere; you need to have an experienced team to limit any issues. You need to have a certain level of training to consume the services in their DevOps Toolbox and then use them properly. I definitely support and recommend Terraform, but what you get out of it depends on the business environment as well as the team members' knowledge in Terraform. On a scale from one to ten, I would give this solution a rating of seven; strictly because I was uncomfortable using the ARM template earlier. After another six months, I am sure I will give it a rating of 10, but at this point in time in my experience, I say seven, but not because of the tool itself.
My advice to someone considering this solution would be to work with the HashiCorp Best Practices of Terraform, work with Terraform modules, and write templates for everything. I would rate Terraform a nine out of ten.
What do you like most about HashiCorp Terraform?
Thanks for sharing your thoughts with the community!