CDK for Terraform vs Pulumi

Ana Jovanovska
Aug 25, 2022

It all started with the search for the perfect workflow for deploying cloud infrastructure. Everyone is rushing to get their hands dirty in the Cloud, developing a suitable approach that can easily be adopted with little to no cloud experience. It’s as easy as that. Or is it? From manual console work to automating the process, the Cloud providers have expanded their offerings so that everyone can participate in creating solutions using their variety of services, plugins, and tools, a programmatic approach, or just a pre-built solution from their marketplace. Since the expansion of the DevOps culture, the Cloud infrastructure has become our Totem, the Hub between all Spokes, the Umbrella above.

The traditional approach, with its complexity of gathering a bunch of people with different skill sets, such as Sysadmins, DB engineers, Application engineers, Developers, Solution Architects, and Network engineers, to provide and build one whole process, had its flaws: besides the high cost of on-premises maintenance, there was also slow deployment, limited automation, and inconsistency between team members. The Infrastructure as Code breakthrough brought everything over from the traditional on-premises structure, starting from primordial shell scripting with simple virtual machines, the server being the highest-level primitive, to advanced methods of deploying hundreds of virtual machines in the Cloud with just one build, pay as you go. At the end of the day, it’s all software development lifecycle.

So, who came first? The four main IaC providers today are Amazon AWS CloudFormation, Azure Resource Manager (ARM) from Microsoft Azure, Google Cloud Deployment Manager, and Terraform from HashiCorp. The first three are considered native IaC providers, and their offerings work best within their own clouds. Terraform, however, works on all of those Cloud providers and more. The DevOps culture, which beautifully blends all the skills mentioned above, from development, system administration, networking, and databases to testing, monitoring, and operations, adopted IaC as a starting point when building cloud infrastructure solutions. Knowing all those DevOps workflow processes from start to end can be very demanding.

But do you need to know all of this to deploy Cloud infrastructure? What about a developer-friendly workflow that can do this without context switching away from a familiar programming language, using the same tooling and syntax to provision infrastructure resources as is used to define the application business logic? Depending on your background, whether you are closer to system administration or to development, you can choose the solution that matches your preference.

Developers in the Cloud

If you don’t want to go outside your development stack, leave your preferred programming language, and follow a strict structure to create your Cloud resources, then Pulumi is a perfect fit. Founded in 2017, Pulumi is a modern, universal way to implement IaC. Pulumi allows you to build your infrastructure using familiar languages like TypeScript, Go, .NET, Python, and Java, along with familiar tools and engineering practices. As of May 2022, it has also added the markup languages YAML and CUE. It supports the cloud giants AWS, GCP, and Azure. Additionally, it has automation options for deployment delivery, quality assurance using policies, easy auditing, and comprehensive identity control.

The installation is very straightforward; choose the option you prefer from the official documentation. As the snippet example below shows (this is not a tutorial), we can easily create a private AWS S3 bucket with tags in TypeScript and deploy the stack using the following command:

$ pulumi up

AWS S3 bucket with TypeScript using Pulumi

This command evaluates your program and determines the resource updates to make. First, a preview is shown that outlines the changes that will be made when you run the update:

Once the preview has finished, you are given three options to choose from. Choosing details will show you a rich diff of the changes to be made. Choosing yes will create your new S3 bucket in AWS. Choosing no will return you to the user prompt without performing the update operation. How easy was that? Imagine creating the whole infrastructure with your favorite language.

Next, we have the No. 1 choice for 2022 among Infrastructure as Code tools. HashiCorp Terraform is the most popular open-source tool for infrastructure automation. It helps in configuring, provisioning, and managing infrastructure as code. With Terraform, you can easily plan and create IaC across multiple infrastructure providers with the same workflow. But as a developer you must learn a DSL, namely the HashiCorp Configuration Language (HCL). Those with an admin background tend to lean toward Terraform. It’s perfect for DevOps people deploying very complex infrastructures with the large variety of providers that Terraform supports. Thankfully, there is a way for Devs to ease their work: CDK for Terraform (CDKTF), officially announced as generally available on August 01, 2022. You can write Terraform configurations in your choice of TypeScript, Python, C#, Java, or Go, and still benefit from the full ecosystem of HashiCorp Terraform. Please bear in mind that this is for AWS. The prerequisites are more complex. To use CDKTF, you need:

· The Terraform CLI (1.1+).

· Node.js and npm v16+.

· TypeScript v4.4 and Node.js v16.13 (or your preferred language)

· Any other provider such as Docker.

· Installation for CDKTF with the following command:

$ npm install --global cdktf-cli@latest

Docker container from the latest NGINX image

Here we have the project’s code to create a Docker container from the latest NGINX image. Run $ cdktf deploy to compile the code and provision the NGINX Docker container. CDKTF will print out a report of the changes that Terraform will make to your infrastructure. Of course, this is just an example of our main.tf file, where the resource resides; many more configuration files are needed for a proper setup.

Conclusion

So, as we can see, it really comes down to one’s preference. There is no dispute that both services are strong in the opportunities they provide in the Cloud race; the choice depends entirely on the engineer’s background and the organization’s policy. Terraform and Pulumi are two great solutions that aim to solve similar problems using different approaches. Pulumi offers more flexibility and more focus on functions, while Terraform has better documentation and solid community support. Consider your cloud infrastructure and skill set when deciding. Also, when choosing, take into account one more key difference between these two platforms: where the infrastructure state is located. In Terraform, the state files are stored locally, with the option to store them in a backend provider such as Amazon S3 or Google Cloud Storage. In contrast, Pulumi requires users to register with an account and, by default, stores state files online, with functions like detailed resource overviews and deployment history available through Pulumi. Both platforms are free to use.
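Where the state lives matters because Terraform state records the attributes of every managed resource, and those can include credentials in plaintext. The audit below is an added example, not code from this post or from HashiCorp; the sample state, the key-name heuristic, and the function names are constructed for illustration.

```typescript
// Constructed sample in Terraform's state layout (version 4); all values are made up.
const SAMPLE_STATE = JSON.stringify({
  version: 4,
  resources: [
    { mode: "managed", type: "aws_s3_bucket", name: "assets",
      instances: [{ attributes: { bucket: "example-assets", acl: "private", tags: { Env: "dev" } } }] },
    { mode: "managed", type: "aws_db_instance", name: "main",
      instances: [{ attributes: { username: "app", password: "constructed-not-real",
                                  tags: { api_token: "constructed-token" } } }] },
  ],
});

// Heuristic (assumption): attribute names that usually hold credentials.
const SECRET_KEY = /(password|secret|token|private_key|access_key)/i;

interface Finding { resource: string; path: string }

// Walk an attribute tree and record the path of every non-empty string
// whose key name looks like a credential. Values are never copied out.
function walk(value: unknown, path: string, resource: string, out: Finding[]): void {
  if (value === null || typeof value !== "object") return;
  for (const [key, child] of Object.entries(value as Record<string, unknown>)) {
    const childPath = path ? `${path}.${key}` : key;
    if (typeof child === "string" && child.length > 0 && SECRET_KEY.test(key)) {
      out.push({ resource, path: childPath });
    } else {
      walk(child, childPath, resource, out);
    }
  }
}

// Return where plaintext secrets sit in a state document (locations only).
function findPlaintextSecrets(stateJson: string): Finding[] {
  const state = JSON.parse(stateJson);
  if (state.version !== 4 || !Array.isArray(state.resources)) {
    throw new Error("unsupported or malformed state file");
  }
  const findings: Finding[] = [];
  for (const res of state.resources) {
    for (const inst of res.instances ?? []) {
      walk(inst.attributes, "", `${res.type}.${res.name}`, findings);
    }
  }
  return findings;
}

for (const f of findPlaintextSecrets(SAMPLE_STATE)) {
  console.log(`${f.resource}: ${f.path} is stored in plaintext`);
}
```

Any finding means the state file needs the same access control and encryption at rest as the secret itself, whether it sits on a laptop or in a remote backend.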

<Happy coding>


Ana Jovanovska

DevOps Engineer/Graduated Sociologist | AWS UG Macedonia | Azure Technical Trainer | In love with Terraform