- Terraform Weekly
- Posts
- Terraform Weekly - Issue #4
Terraform Weekly - Issue #4
We are back with Part 2 of Muffy Barkocy's detailed lessons from using Terraform to manage AWS RDS at Instacart.
This week she details the challenges with creating and configuring replicas and managing abstractions via modules for AWS RDS.
HERE’S THE THING: Terraform (and the provider plugin ecosystem) are abstractions over cloud providers. Like all good abstractions they are very useful and occasionally leaky.
Some of the leakiness highlighted here is painful because the operations are slow (creating new databases takes time) and surprising ("wait, you have to create the database replica and then modify and reboot?").
The way I see it, the challenges stem from the impedance mismatch between Terraform's declarative model and the AWS API's imperative model. Terraform has you declare database instance with a set of parameters and then delegates to the AWS Terraform provider to figure out how to create or update your infrastructure. Depending on whether you are creating a new instance, a replica of an existing one, resizing, etc it could be a totally different API call with different constraints and can take anywhere from seconds to hours to run.
I don't know if there is a lesson here, maybe just a warning. This corner of the cloud is hard to manage with Terraform, but I wouldn't want to use anything else these days.
HachiConf is going digital and is running June 22-24, 2020 during CEST working hours. Check out the schedule and speakers.
I have never found certifications very useful for work, either for myself or when hiring. However, for those that do, HashiCorp is now offering Associate certifications in Terraform and Vault with Consul "coming soon". If you take one, let me know how it goes.
Notable Releases
A non-exhaustive list of software updates in the Terraform ecosystem (provider plugins, libraries, etc).
I am trying to track what I think are the most popular projects.If there projects missing not covered here, hit reply and let me know what I should add.
A new release of the heroku provider that includes a few bug fixes plus some CI automation (running acceptance tests on every PR via Github Actions).
A handful of improvements to cloudflare_zone_settings_override, cloudflare_logpush_job, cloudflare_zone_settings_override and cloudflare_access_group. The changes are detailed in the CHANGELOG.
A simple bugfix release for terragrunt-source.
Another small terragrunt release, this time adding a new feature to the dependency feature that allows you to skip generating the signature line.
A small but useful improvement release - terratest_log_parser now buffers input lines so that it can support parsing long lines.
One feature - two new Resources: pagerduty_business_service and pagerduty_service_dependency.
And several bugfixes to pagerduty_service_integration, pagerduty_ruleset_rule, and pagerduty_ruleset_rule.
Changelog is here.
The time provider is pretty new and I expect not in wide use. But in case you are-
This release has a number of breaking changes in it. If you are one of those already using it take a look at the change log.
Bug fixes to auth0_client, auth0_connection and auth0_role.tun
Changelog is here.
A bug fix to the auth0_connection resource.
Changelog is here.
A bug fix release affecting schedule rotation.
Changelog is here.