The Problem With Terraform
Let me start by saying that I like Terraform. Terraform makes automating infrastructure as easy as terraform apply
, HCL makes defining that infrastructure as code a breeze compared to YAML and JSON, but there’s one problem that I’ve consistently run into with Terraform – the providers.
Terraform Providers enable people to extend the functionality of Terraform to 3rd party services like AWS, Digital Ocean, and Heroku. For Terraform to be viable, every service you use for infrastructure needs a corresponding provider. Usually these simply wrap an officially supported golang client, so most major services have a provider.
The problem I have is not with provider availability, but with provider quality. Recently I wanted to play around with Digital Ocean’s (DO) new hosted database service, but looking at their officially supported Terraform provider, the resource doesn’t exist. A recently opened issue mentions a lack of support in the underlying DO golang library.
While exploring DO’s new hosted Kubernetes (k8s) offering, I was relieved to find Terraform provider support. Sadly, the Hashicorp supported k8s provider fails to deliver on the critical features required for everyday k8s use. Specifically, the provider doesn’t support ingress resources. Actually, Hashicorp has made the explicit decision to only support v1 features (i.e. no beta or alpha features). For k8s, where many everyday features are in beta, the Terraform provider is nearly useless. While members of the community have forked the official k8s provider and added these sorely needed features, I find it disappointing to see this provider languish. Apparently Hashicorp hired a full time dev to work on this provider around August 2018, but there’s little to show for it beyond basic deployment resource support.
The viability of Terraform is threatened by poorly maintained Terraform providers.
For now I’m going to explore the k8s provider fork, terraform-provider-helm
, or begrudgingly fall back to Helm, but I’d really like to avoid using templated YAML if at all possible.
Hashicorp may be looking to resolve these deficiencies in the k8s provider with the release of Terraform v0.12. Time will tell.