Terraform vs Pulumi vs Cloud SDKs - Keep It Simple, Silly

Mmmmm mixed feelings about this. Although I feel you are right in most of what you say, I would like to paint a slightly different picture. HCL is completely different to typescript, the actual IntelliSense is spotty in provider coverage so doesn't give you the rich at the finger support that a fully typed language like typescript does.

Ok so the crux of where I am heading with this is I just learned terraform/HCL completed the Terraform Associates Exam and use it at work to manage our infrastructure over on GCP. However speaking with the other engineers, we have evaluated both technologies from the standpoint of engineers not knowing HCL. A full-stack javascript engineer can look at Pulumi's typescript stack and have a very good understanding of what's happening. It doesn't take long with a language you are comfortable in to start exploring resource objects and find the "required" elements needed to provision something.

Pulumi has some enhanced features to manage cloud functions which is great. Just feels like a natural fit for the Typescript/Javascript team. Just less technical overhead of learning yet another language and methodology. If you already have experience with DevOps/cloud engineers on the team they will build in good practices and simple directory structures that wouldn't be far off how TF projects are structured, but with a language, everyone already knows.

Also, Testing Infrastructure is much easier with a traditional language, all the testing frameworks, and tooling. I quite often find that super-niche tooling like TF help paves the way but the super-fast innovation will happen in and around dynamic and typed safe imperative languages. TF is fantastic for all the reasons you mentioned, but then so is Pulumi for the reasons mentioned. Both have excellent reasons to be used.

As my boss said TF is battle-tested, but taking into consideration the team and the primary language, would be easier to stay within the team's language focus.

I do like that you mentioned learning Go at the end ;)

Great content, will keep tuning in :)

seanknowles

I like the thesis. How are your feelings now, in late 2023? Kubernetes could be used as a gitops infra control plane for all of your company’s infra (using terraform operator or crossplane, or kubevela). Now, the expertise isn’t about managing workloads on kubernetes, but is, instead, about managing more/less unified infra control plane. We get the benefits of gitops and the low complexity overhead of, e.g. server less app deployments.

Love to hear your thoughts!

emjones

You won my total respect with your brutal honesty. Keep is Simple, so simple that a Junior engineer could maintain years to come.

ChristopherKMEtou

Assuming you're just starting our infrastructure as code, and you have devops culture and no devops team, then the KISS approach would be to stick with your programming language for your IAC.

FranzAllanSee

Hey Michal,

Thank you for you quick review.
Can you please review for us CDKTF vs Pulumi as they look more related then HCL.

sharonmafgaoker

This is also why people end up writing ansible or other code-based tools to generate HCL.

joshuaschmidlkofer

I completely agree with KISS, but it's not about terraform or pulumi, but about good and bad engineers: you can mess things up quite easy even with terraform.

victorbalan

I'm relatively new to this space, so bare that in mind for the following. I'm coming from a background using yaml to provision Openstack resources. Openstack HEAT provides some functionality for spinning up groups of similar resources, which is similar to TF's `count` functionality. However I found both lack when trying to conditionally build resources. I first started with Jinja + yaml to build in that functionality, which worked, but obviously requires jinja and still generates a yaml file at the end. I went down the TF rabbit hole and saw that I could "make" an if statement using `count` as in "count = var.port_data.is_float ? 1 : 0". This also worked, but to someone at home in bash or python, it just isn't as intuitive. When I learned about Pulumi, it seemed to incorporate the best of both worlds imo. Am I just coding bad TF or is this something you suggest writing a "custom provider" for as mentioned at the end of the video. Thanks, and I appreciate all the great devops content.

kevinc.

Like your view but the business doesn't want to understand when it comes to dollar and cents.

johnreyna

Hey Michal,

Thank you for sharing your thoughts.

I think you are missing the craving to learn and develop more skills.

I understand from your side that you wanna take people and keep them locked on they role to maintain the system. I think that robot can take this.

As humans we like to keep our creative mind opened.

To play with code and find your own ways to a different solution it what keep me on this industry.

sharonmafgaoker