Reviews (1-16 of 16)
March 31, 2020
Terraform is my team's primary Infrastructure as Code (IaC) application. And while it's not a mandated requirement, it's almost expected that all teams in my organization use Terraform as they build out cloud resources. Using Terraform, we can produce code that can be shared across teams, build common knowledge on best practices for cloud architectures, and build cloud resources quickly.
- Terraform does a great job of making cloud resources available as code. Essentially, it provides building blocks for the resources available in the cloud.
- I use the open source version of Terraform and I appreciate the user experience at the command line. Using the switches available, the CLI lends itself to a flow of formatting and validating code before a plan is developed, reviewed, and applied.
- Managing the state of the resources created with code is tough but Terraform does a good job of this by providing several ways to manage state. My team uses the bucket approach but I have seen teams use object databases and shared files as well. Each approach comes with its pros and cons but at least there are options.
- During the plan phase, I appreciate that Terraform shows the changes that are about to be applied to resources that already exist. This gives engineers insight into the changes they're about to make, particularly if the changes are not what they expected.
- I like Terraforms "desired state" approach to IaC, but sometimes I wish the code was a bit more programmatic. Adding counts and "for_each" statements is nice for creating multiple instances of the same resources. But this approach can be difficult to understand for engineers that come from a programming background. A more expressive approach to looping and other coding styles would be nice.
- A rollback feature would be a welcome addition to Terraform. At the time I'm writing this, when Terraform encounters an error, it stops on the step where the error is encountered and any resources previously created are left in place. While this is desired in most cases, and option for rolling back those resources would provide functionality similar to other IaC tools.
- Regarding plan output, a minimized report would be appreciated. Currently I have wrappers around the "terraform plan" command that limit the output to key changes. It would be great if there were switches that built this into the tool.
Read Michael Jenkins's full review
I think Terraform is well suited for many use cases for Infrastructure as Code:
- For long running resources, having a single source of truth for their desired configuration is handy, since that configuration can drift over time.
- For short running or experimental cases, Terraform code can be used to quickly spin up environments before spinning them down just as quickly.
- If a reference architecture is needed, Terraform code can be used to describe all the resources that make up a stack.
Our AWS environment is defined through Terraform configuration scripts for the entire engineering organization. We manage our AWS environment using Terraform configuration files stored in our GitHub. We format the configuration files, run the plan command to review changes (additions, drops, and changes) when compared to production and then apply the changes if everything looks good!
Read Ronak Shah's full review
I would say Terraform should be used within even a single-user environment as it prevents costly mistakes if you review plan outputs. I would strongly recommend everyone managing their cloud environment to lock up the ability to make changes through the console and only allow changes to be deployed through configuration stored in the files.
January 13, 2020
We in the software engineering department use Terraform management of AWS and Datadog. Terraform allows us to store and set up host configuration, load balancers, Datadog monitors all as code that can be checked into version control. Terraform neatly abstracts away the details of AWS and Datadog and exposes a simple API, so it makes it possible for every single team, even those without much infrastructure experience, to help maintain the infrastructure. It is also a key component in our deployment process.
- Support/integration with many infrastructure providers including AWS, Google Cloud, Datadog, Gitlab, Heroku, SignalFX.
- A neat thing about infrastructure as code is that it solves an age-old problem of infrastructure: knowing the configuration of everything about the network and services is as easy as reading a formatted config file.
- Terraform's integration with different providers hasn't matured yet, so the API keeps changing or is buggy.
- Also, because Terraform is relatively new, documentation/books/blogs are hard to come by, and it's hard to hire DevOps engineers who are familiar with it.
Read this authenticated review
Pretty much anytime your DevOps engineers are managing more than ten machines or when you want multiple teams not focused on DevOps to help own the infrastructure hosting their code. Popular opinion is that Terraform is not very secure, battle-tested, and leaking secrets happen easily on accident. So, Terraform is less ideal when you have to store lots of sensitive secrets that your company is legally required to guard lest it is the end of you. Think Fintech, health-tech.
September 18, 2019
We use Terraform for the creation and management of infrastructure in AWS and VMware. This tool allows users from our application teams to self manage infrastructure as code in their projects. Terraform also does not require our users to learn the of each specific provider. It provide us one uniform way to accomplish infrastructure changes This uniformity allows us to train our technical staff on one common platform. It improves consistency and repeatability because it is an automation engine.
- Deploy infrastructure as code quickly. It is easy to get the environment installed and develop quickly.
- The modular approach of terraform encourages collaboration and consistency. We can share and reuse functionality across our deployments.
- Terraform provides modelling of the relationships between constructs in it. This is accomplished using the terraform graph command.
- The errors generated by the tool in some cases are not detailed enough when debugging.
- Terraform state is key and if corrupted it can't be restored.
- Everything must be converted to a string before it can be compared in version 11.
Read Jeffrey Severance's full review
It works well for provisioning infrastructure. It works well when complimented by a version control system. It is also free and community driven. This leads to a constantly improving environment which fosters innovation within the product. The community makes it easier to find solutions to problems. This is widely used across the market place and by big companies such as Google, and Capital One.
August 19, 2019
Score 7 out of 10
We are using Terraform to manage our entire environment as a code. We're controlling it with VCS (in our case, Github) and performing a good automation process with Puppet and Jenkins. Terraform helps us to achieve that in a quite organized way, structured and reliable. Furthermore, we now have versioning of our environment allowing us to have more control about how things change, how that was performed, and in the case of a mistake, it is quite easy to rollback.
- The Terraform files would be considered as documentation since our entire environment is described there.
- Terraform will manage the state of your environment, that means, if something is not in conformity, it will try to fix keeping as close as possible of the desired state.
- With Terraform, you can manage different cloud environments at the same configuration files. That is really useful when you need to handle with different cloud providers.
- The way Terraform manages variables is a bit annoying. Sometimes we need to declare the same variable in more the one file. So far, this doesn't make sense for me.
- Due to the speed, as new AWS products are released, if we want to work with something new, we need to wait for a new version with this new feature be released.
- As with most DevOps tools, Terraform has its own DSL language and will require time to learn the product for you feel confident in its usage.
Read Erlon Sousa Pinheiro's full review
Two scenarios I can describe Terraform as an amazing option are when you have a complex (or not) cloud environment which needs to be deployed and destroyed frequently in different regions. Using Terraform you can do that using just one command line. You'll spend some time designing the config files, but you'll save a huge amount of time every time you need to deploy this same environment. Furthermore, you can create those scripts parametrized, in a way that you can give a few parameters allowing some flexibility. The second case is when you have the same environment in different cloud providers. You can manage them using just one resource.
Terraform is being used as infrastructure as code solution. We deploy it to all of our environments as part of the code that is deployed. This allows the developers to own the infrastructure, and changes can be made to our servers quickly and reproducibly. Since Terraform is an open source tool, we also get community support and don't need to maintain it ourselves.
- Repeatable deployments between environments.
- Changes to environments can be seen before making real changes.
- It integrates well with each of our providers.
- Terraform could be expanded to provide common programming functionality.
- Sometimes the documentation isn't completely clear on what fields mean or do.
- It would be nice to have rollback capability.
Read David Tanner's full review
Terraform is well suited to setting up infrastructure in different cloud providers. I have used it for AWS resources for several years, and really only run into minor snags. It is not an appropriate place to store sensitive values, but it can easily call out to system resources, like Node.JS or a Linux shell.
August 08, 2019
Terraform is currently being used to provision our resources in the cloud. This is by far the best way to achieve full automation when migrating to the cloud and is great a working with AWS.
- AWS Resource Provisioning: Terraform is great at provisioning resources within AWS. Sometimes, there are some tricky bits when it interacts with the AWS API, but those are typically API limitations with AWS and not reflective of Terraform's abilities.
- State: Since using Terraform, I have not had any issue managing resource state using Terraform. It's a little tricky to set up remote state, but once implemented it's smooth sailing from then on in my experience.
- Extensibility: Terraform has really been written as a gateway to bigger and better things. It's so easy to extend terraform with your own modules, to submit PRs with new functionality, and it integrates well with other tooling.
- Upgrades: It's really hard to do major upgrades of terraform without breaking something. The upgrade from 11 to 12 has been pretty brutal.
- Setting up remote state: Despite pretty good documentation, setting up remote state initially is pretty tricky and in my experience required a little of the "you have to run it this way once, then create this thing, then run it again" kind of workflows which are always a little painful
Read this authenticated review
Terraform is well suited for provisioning any kind of system in my opinion. You can use it for cloud resources, but you can also use it for on-prem stuff as well (though the latter may be a little more difficult).
January 30, 2019
Terraform is used to automate resource deployment in AWS using scripts. It is used by entire IT to deploy systems in AWS. The automation has saved hundreds of thousands of dollars in time and money. Since there is no manual deployment, there are no errors during deployments and developers can deploy in production since everything is defined in scripts.
- Terraform is a premier IAAS tool.
- It provides modularization and planning features.
- It is platform and language agnostic.
- It is open source and thus has strong community support.
- Terraform is vulnerable when it comes to error handling.
- Often when a terraform job is terminated midway, it leads to an inconsistent state of the deployed resources which needs manual cleanup.
- Terraform is an open source tool and has a related learning curve.
Read Dhruba Jyoti Nag's full review
Terraform is more versatile when compared to cloud formation. It is cloud-agnostic, so unlike cloud formation, it is able to deploy resources in cloud ecosystems other than AWS. The code can be modularized, hence there is ample scope of reuse. It can also be used to deploy apps written in various languages. In short, it makes deployment to cloud a breeze.
December 18, 2018
Terraform is the cloud configuration management tool that is used to bring SaaS product configurations into text (and version control). By bringing the configurations into text and version control, stricter change management and review procedures can be used. Terraform has a large number of providers (services that Terraform can connect with), including AWS, GCP, Microsoft Azure, etc.
- Multiple providers that allow for configuration of multiple services in the same codeset
- Great community support
- Excellent open source support
- Extremely expensive enterprise services that can be essential for less technical companies
- Large overhead and learning curve for initial deployment
- Maintenance overhead can be high, product is constantly changing and requires significant management
Read Stephen Groat's full review
Terraform is best in cloud environments where configuration management is critical and providers (services) have Terraform support. When different services interact with each other, the consolidation of configurations in a single repository can help version control and debug potential issues due to the interaction of these distinct services. The overhead and management of Terraform doesn't always pay off when only a single provider is used. In those cases, sometimes the speed and ease of use for web GUIs is better.
It's a great IaC to develop your private/public cloud environment. It almost covers major devops tools and other provisioners which help to plan the complete pipeline in one framework. It's lightweight and easy to start the basic blocks and integrate. Features like backend and iterations are great options to maximize the scale of infrastructure.
Read Murugan Mani's full review
- Terraform is a well contributed open source project but support is average
- Coverage of various tools is great where only important functionalities were covered like in Chef
- It provides the automation from various pieces but running the same from scripts/other external inputs would be great
- Interpolations are supported but not well enough
- Secret management is poor and needs support on special characters
January 16, 2017
We are currently using Terraform in some early development projects and looking at it as a possible replacement for Amazon Cloud Formation. So far, this is experimental and not production. We are provisioning virtual infrastructure in AWS - i.e., we are not using any of the cross-provider facilities. That said, avoiding vendor lock-in is an appealing benefit of Terraform.
- I find the HashiCorp Configuration Language (HCL) superior to raw JSON used by Cloud Formation.
- Being open-source is a plus not just for "philosophical" reasons, but it also provide rapid support when new products are announced from vendors like Amazon.
- The fact that it's free and open-source means that it's easy to start evaluating Terraform (and most of the other tools from HashiCorp) without being pressured by sales people.
- Until recently, there haven't been any books about Terraform. Although the online documentation for Terraform is pretty good, it's often nice to have a traditional book, especially when learning. Now, there are two books on the subject.
- Terraform is rapidly evolving. Part of that is the nature of the space - vendors are always coming up with new offerings and API. But, some days I wish the targets would stop moving for a bit.
Read Charles Anderson's full review
Terraform is a great tool for building virtual infrastructures in clouds like Amazon and Google. If you are building a heterogenous infrastructure spanning multiple vendors, I don't know of any other single tool that can do that. Even in the case where you're just building AWS infrastructure, I prefer the HCL syntax of Terraform, and I dislike getting roped into using some of the Amazon tools.
April 26, 2017
We use Terraform for our clients to implement Infrastructure as Code. Our clients are typically seeking our services to get up to speed on DevOps strategies and culture. We almost always recommend Terraform for cloud infrastructure orchestration especially since Terraform supports various cloud providers and has rich constructs for modularity and reusability.
- Great implementation of Infrastructure as Code concept.
- Supports various cloud providers, including AWS, Azure and OpenStack
- Encourages good design practices
- Collaboration is made possible by using remote backend to store state files (such as S3)
- Product is still maturing and there are some design limitation
- Refactoring infrastructure code can sometimes become troublesome and unnecessarily require re-creating resources (such as when renaming resources)
- Collaboration requires proper training or could result in dangerous outcome, engineers may easily overwrite remote state file or step on each other's toes. Collaboration process needs some improvement.
Read Aiman Najjar's full review
Infrastructure as Code: Best suited for cloud infrastructure but could work for data center infrastructure. Terraform is good for orchestrating infrastructure, not "configuring" it, e.g. even though you can use cloud-init to provision and install packages. For advanced configuration management, you will probably need a tool like Chef or Puppet
The entire Under Armour Connected Fitness business unit leverages terraform to treat our infrastructure as code - with a UI wrapped on top of it to give federated access to all our developers.
- Configuration as Code in a modular reusable manner.
- The plan apply life cycle is the best, it gives structure to what can sometimes be a scary process of modifying your infrastructure - even after it has aged or hasn't been touched in years.
- Integrating with many outside services and providers keeps us from having to hack things together.
- Integration with Hashicorp's Vault for secret management and temporary credentials makes giving out access a breeze.
- It's a command-line tool and as such, some users in our organization are not comfortable with that. We ended up wrapping the tool with a UI to give the less skilled users access as well as layering on top a templating system to abstract away best practices and make things far simpler to configure.
Read Kyle Rockman's full review
Our experience switching from Salt Stack to Terraform has been so beneficial and the uptake has been far stronger by our users than it ever was with Salt Stack. I still think Terraform could do with a usability pass to reduce the learning curve and a UX pass to facilitate use by those who do not like command-line tools.
Terraform is being used by our DevOps team to manage mainly our AWS infrastructure as code. It enables us to collaborate, automate and share pieces of our cloud infrastructure amongst and across teams. Terraform enables us to maintain reproducible, shareable and version-controlled infrastructure and deployments as compared to the older methodology of owning and configuring machines by hand.
- Ability to "plan" and "apply" configs. Plans show us what changes will take place - so it's like a no-op safe mode dry-run. Apply actually executes the changes.
- Terraform has providers for most major infrastructure providers like AWS, VMWare, OpenStack
- Ability to use the same code/configs to provision different environments - QA, staging and production
- Ability to create modules and share them between services
- Terraform uses it's own DSL called the Hashicorp Configuration Language which takes some getting used to.
- Terraform state files store secrets in plain text which is a bad idea when you push it to version-control.
- Multiple teammates working simultaneously on a single state file is a problem. It's easy to forget to push or pull the latest state. Also version control systems like Git don't have a way of locking a file.
Read Deepshikha Gandhi's full review
If you have environments that change a lot and you need ephemeral systems on the fly to test your code releases, Terraform is the tool for you. Maintaining different environments like staging and QA before releasing to production is also easy as you can use the same code and configs for all three. Terraform also makes it easy to destroy these environments when they become obsolete.
Currently we are using terraform in our department. We are using to implement AWS stack creation with Terraform. It's easy to use compared to CFT. We are developing infrastructure with Terraform and currently deploying into AWS. In future if we want to use a different cloud it's easy to reuse this.
Read SHASHIDHAR REDDY MALLEPALLY's full review
It's well suited if you are targeting to multi-cloud deployment. Terraform manages state via a json file. This file serves as the source of truth about what the actual environment contains. However, the problem is the inability of Terraform to uniquely identify resources that it creates.
April 12, 2017
Terraform is used by our monitoring team and I used Terraform to architect it to connect to OpenStack and spin up VMs for monitoring. The monitoring team uses it for installing/configuring monitoring software. Again Terraform's script has everything to stage the VM, connect to Chef and install/configure all the required software. Terraform addresses our on-demand provisioning issue, which in turn helps in IT flexibility to cope with business demands.
- It helps make VM provisioning easier.
- It helps integrate CICD software pipeline to provisioning, thereby reducing the time to quickly standup a server/service.
- It helps make clustering of boxes easier.
- Provisioning bare metal.
- Replacing Chef as the automation/compliance software for enterprises.
- Get away from that single state file dependency. If someone accidently deletes the state file or that file becomes corrupt, the entire environment state is lost and we have to rebuild the whole infrastructure.
Read this authenticated review
Terraform Scorecard Summary
Terraform enables you to create, change, and improve production infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
Categories: Configuration Management
Terraform Technical Details