Cloud agnostic infrastructure automation better than terraform?

Submitted by: @import:stackexchange-devops

Problem

Are there any infrastructure automation technologies which do a better job at being portable than Terraform?

We heavily leverage Terraform as it is a cloud-agnostic technology (vs, say, ARM templates in Azure, or CloudFormation in AWS).

I was very depressed a year ago when we deployed an app from Azure to AWS to see that a basic scale-set + load balancer basically required a complete rewrite between Azure and AWS though. Having used Ansible equivalents, the same seems to be true there. Both basically use cloud-specific extensions to create cloud resources, meaning that, while you still understand the tool, any project you code has to be re-coded for deployment in a new cloud.

I understand that a generic tool would have to understand numerous differences like:

  • Azure uses resource groups to encapsulate all resources.
  • AWS has security groups to define network boundaries.
  • AWS load balancers require separate target groups/listeners vs Azure's simpler backend pool concept.
  • IAM differences, and so on.

I'm surprised there aren't any companies or OSS projects trying to simplify/automate the translations here with a higher level DSL or something though. So, I'm thinking I might be missing something.

Note: We are heavy Kubernetes users, so I do understand that Kubernetes mitigates most of these issues once you've brought up a cluster (and if you have ported all your apps to it).

Solution

There are no "agnostic" products due to the dramatic differences in the design of the cloud services provided by different companies.

My best recommendation is to write your code to support the different cloud providers. Whether you choose Ansible or Terraform, this can be done with Ansible roles or Terraform modules that are specific to the cloud provider, just the same as you would write Ansible roles specific to operating systems or different scenarios.

Context

StackExchange DevOps Q#10826, answer score: 3
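
One way to lay out the provider-specific modules the answer recommends, as an added example that is not part of the original question or answer: a root module defines a single cloud-neutral contract (including the allowed ingress ranges, so the network boundary is stated once) and instantiates exactly one implementation. The module paths, the `web_tier` variable shape and the `endpoint` output are assumptions made for this example.

```hcl
# Root module: one cloud-neutral contract, one implementation per provider.
# The module paths and their variable/output names are assumptions for this
# example; each module must be written separately against its own provider.

terraform {
  required_version = ">= 0.15" # count on modules (0.13+) and one() (0.15+)
}

variable "cloud" {
  type        = string
  description = "Target provider for this deployment."
  validation {
    condition     = contains(["aws", "azure"], var.cloud)
    error_message = "The cloud variable must be \"aws\" or \"azure\"."
  }
}

variable "web_tier" {
  description = "Provider-neutral description of the scaled web tier."
  type = object({
    name                  = string
    instance_count        = number
    listen_port           = number
    allowed_ingress_cidrs = list(string) # the only sources allowed to reach listen_port
  })
}

# AWS implementation: maps the contract to an Auto Scaling group, a load
# balancer with target group and listener, and a security group.
module "web_tier_aws" {
  source   = "./modules/aws/web_tier" # hypothetical path
  count    = var.cloud == "aws" ? 1 : 0
  web_tier = var.web_tier
}

# Azure implementation: maps the same contract to a resource group, a scale
# set, a load balancer backend pool, and a network security group.
module "web_tier_azure" {
  source   = "./modules/azure/web_tier" # hypothetical path
  count    = var.cloud == "azure" ? 1 : 0
  web_tier = var.web_tier
}

# Exactly one module instance exists, so one() returns its endpoint.
output "endpoint" {
  value = one(concat(module.web_tier_aws[*].endpoint, module.web_tier_azure[*].endpoint))
}
```

The cloud-specific rewrite the question describes still happens, but it is confined to the two modules, and reviewers can check each module's ingress rules against the same `allowed_ingress_cidrs` input.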
