I signed up for #systeminit, the new open open source #Terraform alternative. Looking forward to working through the tutorials. That legalise is quite the first impression, and I'm not yet sure how I mean that, but it looks promising! #DevOps#opensource
I'm curious: is this something people actually use? Is managing resources in a #Kubernetes cluster with #Terraform something a significant number of Kubernetes users do?
If you're using this in production, or have done so before, I'd hugely appreciate if you would share your first-hand experience in a comment.
As I'm importing my cloud #Kubernetes cluster into #Terraform I want to look at a new ingress. Looking for something very lightweight, runs on both ARM64 and AMD64 so it can run on my cloud and home clusters for simpler management, and is easy to manage (the less work the better). What is everyone using?
Yet another corporate-led #FOSS project getting screwed by the company that is supposed to be taking care of it.
If you or your business uses it, and if you care about such things (and I hope you do) ... time to quit using #Terraform and switch over to #OpenTF ( https://openTF.org/ ).
The parent corp changed the project license from a FOSS license to a more profit-friendly business license. Of course, it was promptly forked by FOSS folk to maintain a free and open version.
Run your own #kubernetes cluster on #raspberrypi's they said, it will be fun they said. So now once every blue moon there is a leader change in the middle of a #terraform apply 🤣
While I’ll be following the #Linkerd / #CNCF drama with interest, this isn’t a rug pull like the #terraform license switch. #OpenSource means the source code is… well, open. That’s all. I’ve said it before: there’s no “spirit of open source” that always seems to put a ton of obligations on maintainers but never on users.
Doesn’t mean anyone has to be happy about the change, and I fully understand those who aren’t. But if it’s not in a license — OSS or commercial — it’s not an obligation.
Good example of an open source project that gets forked after it changed its licensing to be non-OSS. The new project will apply to join Linux Foundation and then CNCF.
All this takes place very much in a business environment (Hashicorp competitors are first to commit efforts to the fork), but this move should keep the project open for everyone.
Terraform remains open-source-enough for me—and there is no viable alternative today—but I am still disappointed in HashiCorp adopting Business Source License as a customer, open source contributor, and shareholder.
I know someone will come at me for saying there is no viable alternative, so preemptively: There is no declarative alternative that’s extensively & officially supported by infrastructure providers, “more” open source, not problematically financed.
#AWS#Pulumi#TerraForm frens I have a weird thing. I rearranged the security group configuration for an EC2 instance config so that it has four CIDR blocks per inbound rule. This is intended for a multi-subnet SQL Server WFCL. The only changes are adding CIDR blocks for a third node that's in a different subnet. This is 4 CIDR blocks total - 1 in us-west-2-lax-1a, 1 in us-west-2-lax-1b, 1 in us-west-2a, and a 10.x block. Only 3 CIDR blocks get added per inbound rule. Is there a limit in Pulumi?
I haven’t wanted to weigh in on all the #Terraform stuff because it is dramatic and nuanced and not something I want to hot-take. But I’m so happy to see #OpenTofu (née OpenTF) out and under the Linux Foundation https://opentofu.org
Anyone familiar with terraform, GKE and enabling GCP services from TF?
Setting up a new project and trying to plan a GKE cluster. But I get this response saying the Kubernetes API hasn't be used or is disabled - well yes, it's a new project. But it's listed in the services for the project and should then get enabled like all the others, right 🤔
Google just asked if we could enable via the UI. But that's not the point. This is meant to be automated with TF.
Anyone have a good write up/how-to for standing up #OpenPolicyAgent server? Looking at the documentation, I'm a bit lost on how to point it to rego files, and how to have my clients call OPA to evaluate their JSON.
My use case is kind of fun - have all my team's Terraform repos do a pre-merge OPA evaluation on the Terraform plan. I'd like to get away from bundling the rego with the repos - the developers could just change the accept criteria and hope nobody notices in the pull request.
So success looks like having a rego file on a remote opa server that will allow a user to POST a url with their terraform plan, and get back the results.
This is why I love #Renovate over #Dependabot: it picked up #Docker tags somewhere deep inside some #Helm chart, plus picked up all the Helm charts in my #TerraForm that need updating. Looks like I'll be updating everything tomorrow (well today since it's past midnight) 🎉🎉🎉#
Unimpressed by #HashiCorp
We use #terraform in our service deployments and now the teams that do that will be having to decide what to do. All actions are going to cost.
The danger Hashicorp have to fear is if another open source fork of their current code gains traction. I can see motivation there
Anybody out there with solid experience with #AWS in #terraform / #opentofu? All the resources for the Gender Dysphoria Bible are managed in terraform, but they're created against my root account.
I want to migrate them all to their own organization, but can't find any guides on how to do this in terraform. I don't want to break my config by clickopsing this.