So what are provisioning tools? Infrastructure as Code (IaC) lets developers and operations teams automate the management and provisioning of the infrastructure required for their application’s technology stack. The discrete hardware devices and operating systems that comprise the infrastructure can now be configured using code, replacing the traditional manual approach. This automation makes the infrastructure provisioning process faster while reducing the probability of configuration errors, leading to cost and time savings.
Terraform and CloudFormation are both provisioning tools, designed to manage cloud infrastructure (servers, load balancers, databases, networking configuration). Conversely, tools such as Chef, Puppet, Ansible, and SaltStack are all configuration management tools, responsible for installing and managing code on infrastructure devices.
While the configuration management tools can manage provisioning tasks, they are not as effective as Terraform or CloudFormation, which have been specifically developed for this role. Also, if you’re using tools such as Docker or Packer, you’ll already have configuration management services available, so it makes sense to bring in a provisioning tool rather than a separate configuration management tool with a provisioning capability.
Provisioning tools like CloudFormation and Terraform have the advantage of being masterless by design; that is, they do not require a master server to be configured to manage the provisioning process. Configuration management tools such as Chef, Puppet, and SaltStack usually require a master server for state management unless other procedures are put into place to run distributed agents across the provisioned servers. The requirement for a master server adds financial and security overheads to the deployed solution.
If you’re looking for a provisioning tool, the choice then comes down to Terraform or CloudFormation. On paper, AWS CloudFormation should be the clear favorite for developers, but the reality is that it is no longer the most popular.
So why choose Terraform over CloudFormation?
Terraform is an open-source and cloud-agnostic tool, while CloudFormation has been developed for AWS cloud and is now maintained by AWS. The greater flexibility of Terraform makes it attractive for the development of multi-cloud solutions, and it offers reusability benefits should an AWS-cloud solution be migrated to an alternate cloud services provider. The tight integration of CloudFormation with AWS services and tools makes future migration from AWS a more challenging prospect if the IaC software is to be reused.
A positive in CloudFormation’s favor is the handling of state management. CloudFormation enables developers to identify configuration changes and facilitates implementing changes that do not require the targeted resource to be rebuilt from scratch if dependencies allow. It also manages dependencies whenever a resource is deleted. On the other hand, Terraform maintains a record of the infrastructure’s state, which developers must interrogate to identify and manage configuration changes.
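As an added example (not part of the original article), one way to interrogate what Terraform intends to change is to read the JSON form of a saved plan, produced with `terraform plan -out=tfplan` followed by `terraform show -json tfplan`, and separate in-place updates from changes that destroy and rebuild a resource. The sample plan, resource addresses and function names below are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output.
# Only the fields used here are included; the addresses are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_instance.web",       "change": {"actions": ["update"]}},
  {"address": "aws_db_instance.main",   "change": {"actions": ["delete", "create"]}},
  {"address": "aws_security_group.web", "change": {"actions": ["create"]}},
  {"address": "aws_s3_bucket.logs",     "change": {"actions": ["no-op"]}},
  {"address": "aws_iam_role.old",       "change": {"actions": ["delete"]}},
  {"address": "aws_lb.front",           "change": {"actions": ["create", "delete"]}}
]}
""")

def classify(actions):
    """Map a resource's planned action list to one change category."""
    acts = list(actions)
    if "delete" in acts and "create" in acts:
        return "replace"            # destroyed and rebuilt, in either order
    if acts == ["update"]:
        return "update-in-place"    # changed without being rebuilt
    if acts == ["create"]:
        return "create"
    if acts == ["delete"]:
        return "delete"
    if acts in (["no-op"], ["read"]):
        return "unchanged"          # nothing changes on a managed resource
    return "unknown"

def summarize_plan(plan):
    """Group resource addresses by change category, skipping unchanged ones."""
    summary = {}
    for rc in plan.get("resource_changes", []):
        category = classify(rc.get("change", {}).get("actions", []))
        if category != "unchanged":
            summary.setdefault(category, []).append(rc["address"])
    return summary

def needs_review(plan):
    """Addresses whose change destroys an existing resource (replace or delete)."""
    summary = summarize_plan(plan)
    return sorted(summary.get("replace", []) + summary.get("delete", []))

if __name__ == "__main__":
    for category, addresses in summarize_plan(SAMPLE_PLAN).items():
        print(f"{category}: {', '.join(addresses)}")
    print("review before apply:", needs_review(SAMPLE_PLAN))
```

Running `needs_review` in a pipeline before `terraform apply` gives a short list of resources that will be destroyed, which is the part of a plan most worth a human look.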
Terraform is implemented using a modular approach for its provisioning code, facilitating decomposition and reuse and providing efficiencies to the IaC development process. Terraform also enables creating more manageable code thanks to the ability to implement abstracted structures, improving usability and maintainability. The code structure is even more straightforward and concise, improving coding productivity and reducing error probability. This makes it simpler for developers to create shareable and reusable code. In contrast, CloudFormation uses the concept of nested stacks that are based on templates. This approach is less flexible and has more complex permissions management.
CloudFormation templates are based around the specification of uniquely defined parameters. These are limited to the types supported by CloudFormation, are declared and referenced within the template, and are provided at the stack’s runtime, with the capability for implementing Dynamic References subject to implementation constraints. CloudFormation templates are also subject to code sizing constraints. Terraform is more flexible in that there are far fewer programming constraints, and parameters can come from any developer-defined source, including other Terraform modules or sources external to Terraform. This offers greater flexibility to developers.
In Summary
CloudFormation and Terraform are powerful IaC tools for cloud infrastructure management. Still, CloudFormation is only attractive to AWS users who are familiar with AWS tools, do not need to integrate third-party services or solutions, and have no plans to migrate to a different cloud services provider in the future.
Terraform’s increased popularity over CloudFormation comes from its flexibility, both in terms of fewer programming constraints and its cloud-agnostic benefits, making it suitable for AWS services and other popular providers. While coding in Terraform in its simple form is similar to writing software, GUI interfaces are available as a premium addition where they are necessary for developers and operations teams who are not conversant in command-line coding.