Terraform

Rationale

Terraform  is used for writing our entire infrastructure stack as code .

The main reasons why we chose it over other alternatives are:

• It is Open source .
• It is widely used by the community.
• It uses HCL , a very easy to learn structured configuration language.
• It is not platform-bounded.
• It has a stateless approach to infrastructure. There are no master machines, agents, or incremental infrastructure. Instead, the infrastructure is regenerated from scratch every time it is required.
• Due to its stateless approach, parity between development and production environments is assured.
• It has hundreds of open source providers  that give it full flexibility across many platforms.
• It has thousands of open source modules  that simplify writing infrastructure and avoid repetition.
• Deploying infrastructure usually takes no longer than a few minutes.

Alternatives

The following alternatives were considered but not chosen for the following reasons:

• Ansible : Deployments were too slow.
• AWS CDK : It is platform-bounded.
• AWS CloudFormation : It is platform-bounded.
• Chef : It has a stateful approach to infrastructure, including a master machine, agents and mutable infrastructure.
• Pulumi : It is not as widely used, resulting in fewer providers , modules  and overall community support.
• Puppet : It has a stateful approach to infrastructure, including a master machine, agents and mutable infrastructure.
• SaltStack : It has a stateful approach to infrastructure, including a master machine, agents and mutable infrastructure.

Usage

Used for every infrastructure piece, like databases, DNS records, firewall rules, and computing clusters, among others. Some examples are:

• GitLab Runners 
• DNS 
• Kubernetes 
• Okta 
• Website 

We do not use Terraform  in:

• AWS Redshift  (pending implementation)
• GitLab  (pending implementation)
• GitLab Runner Bastion  (pending implementation)
• Google Workspace  (pending implementation)