So over the last couple of weeks at work, I’ve been learning to use Terraform (well OpenTofu) to help us manage multiple deployments in Azure and AWS.
The thought being that we can have a single ‘plan’ of what a deployment should look like, and deviations will be spotted / can be alerted on.
I was tempted to try and write a contrived article showing how you could create a VM in AWS (or Azure) using Terraform, but I’m not sure I’ve got anything to add over the 101 other articles on the internet.
Vaguely useful things:
- The tofu configuration is much quicker to write than e.g. trying to talk to AWS using its SDK (something I did do about 7-8 years ago)
- You can split the config up into multiple .tf files within your working directory, the tool just merges them all together at run time
- Having auto-complete in an editor is pretty much necessary (in my case, PHPStorm)
- tofu is quite quick to run – it doesn’t take all that long to check the state of the known resources and the config files, which is good; unfortunately Azure often takes some time to do something on its end…
- I’ve yet to see any point in writing a module to try and encapsulate any of our configuration as I can’t see any need to re-use bits anywhere
I’m not sure how we’re going to go about reconciling our legacy (production) environment with a newer / shiny one built with tofu though.
You can piecemeal import your existing environment into TF to bring it under management.
My recommendation is that you start with a very small number of components, and aim for zero change plans until it is fully under TF control and you’ve stripped out all the ‘import’ lines (they’re only needed for the first apply to link things up, after that they are noise). You can then make any changes, e.g. consistency fixes, with a clean git history.
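
An added example (not from the post or the comment above): one way to check for a "zero change" plan during a piecemeal import is to read the plan's JSON form and separate clean imports from imports that would alter the live resource. It assumes the plan was saved with `tofu plan -out=plan.out` and rendered with `tofu show -json plan.out`; the sample plan, resource addresses and IDs below are constructed.

```python
import json

# Constructed sample shaped like `tofu show -json plan.out` output, trimmed to
# the fields used here. Addresses and IDs are made up for illustration.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "aws_s3_bucket.logs",
     "change": {"actions": ["no-op"], "importing": {"id": "example-logs"}}},
    {"address": "aws_security_group.web",
     "change": {"actions": ["update"], "importing": {"id": "sg-0example"}}},
    {"address": "aws_instance.app",
     "change": {"actions": ["no-op"]}},
    {"address": "aws_ebs_volume.scratch",
     "change": {"actions": ["delete", "create"]}}
  ]
}
""")


def review_plan(plan):
    """Sort planned changes into clean imports, imports that would modify the
    existing resource, and changes to resources already under management."""
    report = {"clean_imports": [], "dirty_imports": [], "drift": []}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        unchanged = actions == ["no-op"]
        importing = change.get("importing") is not None
        if importing and unchanged:
            report["clean_imports"].append(rc["address"])
        elif importing:
            # The written config does not match the real resource yet.
            report["dirty_imports"].append((rc["address"], actions))
        elif not unchanged:
            report["drift"].append((rc["address"], actions))
    return report


def is_zero_change(report):
    """True when applying would only link imports and touch nothing else."""
    return not report["dirty_imports"] and not report["drift"]


if __name__ == "__main__":
    result = review_plan(SAMPLE_PLAN)
    for kind, items in result.items():
        print(kind, items)
    # Non-zero exit lets a CI job or alerting hook fail on any deviation.
    raise SystemExit(0 if is_zero_change(result) else 2)
```

Once a component reports only clean imports and the apply has run, its import lines can be deleted and the same check then serves as a drift alert.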