Hashicorp’s Terraform: The Benefits of Infrastructure as Code

AUG 12, 2019

By John Wellen, Trace3 Principal Engineer


There are many benefits of deploying an Infrastructure as Code Platform with Hashicorp’s Terraform Infrastructure as Code Solution.  These benefits can be categorized into the areas of Collaboration, Automation, and Scale.  Terraform is an excellent tool to utilize in your organizations cloud deployments for quickly deploying standard cloud infrastructure in a standardized manner.

First, Terraform offers superb collaboration advantages.  While it is easy for individual developers to leverage the tool and build code from scratch or templates, best practice is to standardize your code and some point and maintain code repositories to store your standard Infrastructure as Code scripts.  This helps to encourage sharing knowledge between groups.  One group may be deploying Cloud VPCs, networks, and security contructs while another group may become proficient at deploying cloud compute and platform services.  The best practice of each area can be shared easily by hosting your code in a repository such as Github and also conducting knowledge-sharing sessions to detail what worked and what did not.  Organizations may also find that certain groups may proceed more quickly on terraform than others.  In this case, the early adopters may quickly pickup modules, variables, looping, conditional statements and other great features.  They can share these practices easily with laggard groups and assist them in bringing their code up to more modern versions.

As mentioned earlier, it is very easy to experiment with Terraform code.  There is a wealth of information on the Terraform website (www.terraform.io) and since the platform has been around for a few years there are mature versions in place and many developers and scripters publish practices on the internet.  It is easily to find templates to get started, so as they say “Fail early!  Fail often!” when it comes to Terraform.  Really the best way to gain knowledge on terraform is through personal trial and error by testing, deploying, and destroying.

Second, the bread and butter of the Terraform platform is Automation.  It automates deployment and configuration of cloud platforms and reduces provisioning of resources from hours and days down to minutes.  Terraform is extremely proficient at automating deployment of compute, network and storage.  This was one of the initial use cases I started with on Terraform: deploying an instance.  It’s also quite easy to provision your VPCs, VNETs, Subnets and Security groups using the platform as well as your storage buckets and volumes.  These are proven use cases that have been done hundreds of times with lots of reference code available.  As Terraform has matured over time, the providers issued by Hashicorp keep up with the evolution of services.  Therefore, not only are instances easy to create but platforms are as well such as hosted database (AWS RDS), containers, and app services can also be provisioned.  There are a lot of provisioning and automation capabilities in place today across multiple platforms.

Terraform also reduces your time to provision.  Organizations get used to click-ops methods of provisioning infrastructure which is often error prone and can take days to weeks for provisioning of Networks and Subnets.  Terraform helps automate this and reduces provisioning times to minutes.  Similarly, for cloud instances; if you are utilizing templates it’s quick and easy to provision multiple hardened instances in a standardized way.  This makes cloud green field deployments and migrations very speedy and efficient.

Another interesting area of automation is Policy as code.  Terraform allows the developer to deploy policy as code.  This includes Service control policies, security groups, and firewall rules in AWS; Azure policies and network security groups; and GCP firewalls and organizational policies.  Hashicorp is also constantly adjusting their providers to include newly added policies and adapt as more services are added over time.

Last, a great benefit of terraform is the scale which it helps organizations achieve.  Terraform is extensible to almost 90 different platforms with changes being made every day.  Terraform has providers for AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud, and VMware private cloud.  It also will interact Docker, Datadog, F5, Nutanix, Kubernetes, Rancher and many other software and hardware platforms.  It’s possible to automate a great deal of deployments using Terraform Infrastructure as Code.  Most popular of these are the cloud providers with AWS, Azure, and GCP deployments taking center stage.

Also, Terraform achieves scale both horizontally and vertically.  It offers functionality to deploy multiple objects at once.  For example, you can deploy multiple VPCs and Subnets while also deploying up to 10 instances inside them.  This lends the tool to be of great assistance for large scale cloud migrations.  Developers also like it a lot because you can house scripts for multiple providers and make it somewhat cloud agnostic although not quite 100% as the constructs differ between providers.

In conclusion, Hashicorp’s Terraform Infrastructure as Code product offers many great benefits to organizations and developers.  It can assist in automated many cloud platforms while enabling collaboration between both slow and fast-moving groups.  It is also very useful in helping organizations achieve horizontal and vertical scale in public and private clouds very quickly.  In my opinion, terraform is an essential tool as part of a multi-cloud migration and can accelerate your migration program on a path towards success.  Terraform is available in both open source and enterprise version.  Open source is great for trial and experimentation while Enterprise is extremely useful for managing multiple workspaces and integrating more smoothly with version control systems.

We believe All Possibilities Live in Technology.  Learn more about Trace3 Cloud Services

Leave a Reply

Your email address will not be published. Required fields are marked *