🚀 Executive Summary
TL;DR: HashiCorp’s 2023 license change for Terraform spurred the creation of OpenTofu and highlighted alternatives like Pulumi and Crossplane. Teams must now evaluate their IaC strategy based on existing investment, open-source principles, or a desire for developer-centric tooling to solve specific problems.
🎯 Key Takeaways
- HashiCorp’s August 2023 license change from MPL 2.0 to BSL for Terraform led to the community-backed creation of OpenTofu, a truly open-source fork.
- Organizations can choose to stick with HashiCorp Terraform (minimal practical impact for most users), migrate to OpenTofu (for open-source compliance and future de-risking), or adopt new paradigms like Pulumi, AWS CDK, or Crossplane.
- Pulumi enables infrastructure definition using general-purpose programming languages (Python, TypeScript, Go), offering advanced programmatic control but potentially increasing code complexity.
- Crossplane extends Kubernetes to manage external cloud resources, making Kubernetes the central control plane for infrastructure provisioning.
- Terraform and OpenTofu remain dominant, versatile IaC tools, but the market now demands a strategic choice based on team skills, ecosystem, and specific project requirements.
Is Terraform still the king of Infrastructure as Code? This guide from a senior DevOps engineer explores the current IaC landscape, comparing Terraform to OpenTofu, Pulumi, and Crossplane to help you decide what’s right for your team.
I Live Under a Rock: Is Terraform Still Relevant in 2024?
I remember sitting in a planning meeting about a year ago for a new greenfield project. The lead developer, sharp as a tack but new to the infrastructure side, declared, “We should use Pulumi. No one wants to learn another clunky DSL like HCL.” Across the table, our project manager, who lives and dies by Gantt charts and established processes, shot back, “All our other projects use Terraform. The runbooks are written, the team is trained. We are not introducing a new tool.” The air got thick. For ten minutes, they went back and forth, arguing about syntax and developer experience versus operational consistency. I finally had to step in and say, “We’re asking the wrong question.” The question isn’t just “Terraform vs. X.” The real question is: “What problem are we solving, and who is solving it?”
So, Why is Everyone Asking This Now?
If you feel like this conversation blew up overnight, you’re not wrong. For years, Terraform was the undisputed champion of Infrastructure as Code (IaC). It was the default, the standard, the thing you just used. Then, in August 2023, HashiCorp, the creators of Terraform, switched its license from a very permissive open-source license (MPL 2.0) to the Business Source License (BSL). In simple terms, this meant it was no longer “open source” in the traditional sense and placed restrictions on competitors who wanted to use the source code.
This move fractured the community. In response, a coalition of companies, backed by the Linux Foundation, forked the last truly open-source version of Terraform and created OpenTofu. Suddenly, there wasn’t just “Terraform.” There was “HashiCorp Terraform” and the community-led “OpenTofu,” which promised to be a drop-in replacement. This event, combined with the growing maturity of other tools, cracked the door wide open and left a lot of engineers wondering, “What should I be using?”
Your Path Forward: Three Ways to Tackle the IaC Question
Forget the hype. Let’s break this down into practical paths. There’s no single right answer, only the right answer for your team and your project.
Path 1: The ‘If It Ain’t Broke’ – Stick with HashiCorp Terraform
Let’s be brutally honest: for most companies, this is the path of least resistance. HashiCorp Terraform is still a fantastic, powerful, and mature tool. The ecosystem is massive, the official provider registry is unparalleled, and the amount of community documentation, tutorials, and Stack Overflow answers is staggering.
- When to choose this: You have a large existing investment in Terraform code. Your team is well-versed in HCL. You rely on HashiCorp’s commercial offerings like Terraform Cloud or Enterprise.
- The Reality: The BSL license change has zero practical impact on 99% of companies using Terraform to manage their own infrastructure. The “controversy” is more about principle and future risk than immediate technical limitations. Choosing to stay is a perfectly valid and safe engineering decision.
A Word from the Trenches: I’ve seen teams spend weeks debating a migration away from Terraform only to realize the engineering cost far outweighed the perceived benefit of “sticking it to HashiCorp.” Don’t let Twitter drama dictate your architecture. Analyze the real-world impact on your team and your deliverables.
Path 2: The Principled Pivot – Migrate to OpenTofu
If the license change bothers you on principle, or your company has strict open-source compliance rules, OpenTofu is your answer. It was designed from day one to be a seamless transition.
For now, it’s essentially a re-branded version of Terraform v1.5.x. You can use your existing code, your existing state files, and your existing workflows. The migration is often as simple as installing the `tofu` binary and running tofu init instead of terraform init.
- When to choose this: You want to de-risk from HashiCorp’s future licensing decisions while retaining your entire existing codebase and knowledge base. You believe in a community-governed, truly open-source future for the tool.
- The Code ‘Change’: It’s almost comical how simple it is.
# Old Command
terraform apply -var-file="prod.tfvars"
# New Command
tofu apply -var-file="prod.tfvars"
Path 3: The Developer-Centric Approach – Embrace a New Paradigm
This is where things get interesting. The “Terraform still?” question often comes from developers who are tired of writing HCL. They already know Python, TypeScript, or Go, so why learn a custom Domain-Specific Language (DSL)? This is where tools like Pulumi, AWS CDK, and Crossplane shine.
| Tool | Core Idea | Best For… |
|---|---|---|
| Pulumi | Define infrastructure in general-purpose languages like Python, TypeScript, Go, or C#. | Teams with strong development skills who want to use loops, functions, classes, and unit tests for their infrastructure. Great for platform teams building internal tools for developers. |
| AWS CDK | Similar to Pulumi, but AWS-specific. It “synthesizes” down to CloudFormation. | Teams that are 100% committed to the AWS ecosystem and want a higher-level, code-first abstraction over raw CloudFormation. |
| Crossplane | A Kubernetes-native approach. It extends the Kubernetes API so you can manage external resources (like an S3 bucket or GCP Cloud SQL) using `kubectl apply`. | Organizations that are all-in on Kubernetes as their central control plane. If your team lives and breathes YAML and `kubectl`, this is a powerful option. |
Let’s look at a practical example. Here’s how you’d define a simple S3 bucket in HCL vs. Pulumi (Python).
Terraform/OpenTofu (HCL)
resource "aws_s3_bucket" "prod_app_data" {
bucket = "techresolve-prod-app-data-2024"
tags = {
Name = "Prod App Data"
Environment = "Production"
ManagedBy = "Terraform"
}
}
Pulumi (Python)
import pulumi
import pulumi_aws as aws
# You can use loops, variables, and logic from Python!
env = pulumi.get_stack() # 'production'
common_tags = {
"Environment": env,
"ManagedBy": "Pulumi",
}
prod_app_data_bucket = aws.s3.Bucket(
"prod-app-data",
bucket=f"techresolve-{env}-app-data-2024",
tags=common_tags
)
The Pulumi version might look more complex at first, but imagine needing to create 50 buckets with slightly different configurations. In Python, that’s a simple `for` loop. In HCL, you’re reaching for `count` or `for_each`, which can get unwieldy fast.
Warning: The ‘Nuclear’ Option: With great power comes great responsibility. Giving developers the full power of a programming language to define infrastructure can lead to overly complex, “clever” code that is impossible for an on-call SRE to debug at 3 AM. The simplicity and declarative nature of HCL is a feature, not just a bug.
My Final Take: Is Terraform Still It?
Yes, absolutely. Terraform (and its fork, OpenTofu) is not going anywhere. It remains the most versatile, battle-tested, and widely-known IaC tool on the market. It’s the lingua franca of DevOps.
But the monopoly is over. The landscape is richer and more diverse now. Pulumi offers a compelling alternative for developer-heavy teams. Crossplane presents a fascinating future for Kubernetes-centric organizations. The question is no longer “Should I use Terraform?” It is “Which IaC tool best fits my team’s skills, my company’s ecosystem, and the specific problem I’m trying to solve today?”
So, no, you don’t live under a rock for asking. You’re just paying attention. And that’s the most important skill any of us can have.
🤖 Frequently Asked Questions
âť“ Why is there a debate about Terraform’s relevance now?
The debate intensified after HashiCorp switched Terraform’s license from MPL 2.0 to BSL in August 2023, prompting the creation of OpenTofu and re-evaluating other IaC tools.
âť“ How do Pulumi and Crossplane differ from Terraform/OpenTofu?
Pulumi uses general-purpose programming languages (Python, TypeScript, Go) for IaC, offering more programmatic flexibility. Crossplane is Kubernetes-native, extending the Kubernetes API to manage external cloud resources using `kubectl`. Terraform/OpenTofu primarily use HCL, a declarative DSL.
âť“ What’s a key consideration when choosing between HCL-based tools and developer-centric IaC?
While developer-centric tools like Pulumi offer powerful programmatic capabilities, the declarative simplicity of HCL in Terraform/OpenTofu can be a feature, preventing overly complex infrastructure code that is difficult to debug.
Leave a Reply