Configuration management is not enough

Thoughts on uptake of IaC

Author

Matt Gowie
August 27, 2024

Heya,

I'm seeing a shift in the level of adoption of infrastructure as code (IaC) solutions that I’d like to talk about. People already understand the value of configuration management, but more and more people are getting the value of IaC.

Particularly in the mid-market world where people have hired a lot of sysadmins, cloud engineers, platform engineers, and DevOps people. There's often a team of five or ten or something along those lines who manage infrastructure.

And a lot of that infrastructure management have historically been ClickOps.

Maybe the team had some scripts, but they are unfortunately getting into a state where it is just unmanageable. They don't know how to wrangle all these different resources in AWS. They don't even know what they have in their accounts!

Granted, AWS doesn't make it easy. Everybody criticizes AWS, and it's well founded. They say AWS is a hard environment in terms of user experience. And that the account boundary is really difficult. Plus, there's a lot of things with IAM that are hard.

Now, Terraform doesn't make all that go away. But if you bring in Terraform, you have a tangible artifact. Terraform modules declare, in a way, that "Hey, this resource is here" and "that other resource is there". It feels like people are really getting on board with this approach.

Story time.

We just had a big client with some problematic infrastructure. They were in about six regions or so around the world. They were managing it all by hand. All by hand! This included tasks like manual deployments of EC2 instances.

We upgraded them over a few months from not having any IaC for major environments into a world where now they don't have much pain when they roll out updates or patch their instances. They are now getting a handle on all these environments.

When you're dealing with infrastructure at scale, people are realizing that there's only one way to do it well.

That's Terraform or OpenTofu.

That's IaC.

Configuration management is simply not enough.

May your terraform always go according to plan, Matt @ Masterpoint