Terraform is one of the industry’s preferred Infrastructure-as-Code (IaC) tools for secure DevOps management, with a market share of around 30 percent. However, the platform is expected to gradually lose a significant part of its user base because HashiCorp, Terraform’s creator, announced last summer that the company would no longer offer it under an open-source license. The company decided to switch to a commercial Business Source License (BSL) model.
For context, following its late 2021 IPO, HashiCorp has been under significant pressure to achieve profitability after years of losses. Just recently, executives admitted considering the possibility of selling the company after it reported a loss of around $48 million in early March.
It may be unfair to regard HashiCorp’s BSL decision to be purely born out of greed. Nevertheless, it is also unsurprising that Terraform users will be looking for alternatives, as the once popular open-source tool they had been reliably using switches to BSL.
Is It Really Time to Switch?
Terraform’s pivot to BSL does not necessarily make it a closed-source model. However, it entails a number of significant changes.
Aside from limiting access to new features to paying users, the BSL license means greater control for HashiCorp over the codebase, which infers a significant dilution of community-driven innovation. This also suggests reduced (or nearly nonexistent) transparency and the possibility of vendor lock-in.
These changes are more than enough to drive away Terraform users who chose the tool because of advantages linked to its being open-source. Also, the switch to BSL has caused consequential reactions that may make BSL Terraform less appealing to current and prospective users, which can accelerate the further shrinking of the Terraform user community.
Simply put, it is reasonable to consider alternative IaC tools. It is even a must for many organizations that can barely afford the BSL version. In situations like these, sticking to the old open-source versions of Terraform would be counterintuitive, given that IT technologies rapidly change and deferring the switch to an alternative might prove too cumbersome in the future.
Popular Alternatives
Lists of Terraform alternatives and comparisons with other IaC tools proliferated as the news of Terraform’s decision to transition to BSL surfaced.
Users understand there is nothing much they can do with HashiCorp’s decision, so most of them have been quick to examine their options. Some of the most common alternatives include Ansible, Puppet, Chef, and SaltStack. In addition, OpenTofu and Pulumi, which are quite visible in online ads, are also good options.
A quick online search for Terraform alternatives will also likely lead to insightful comparisons, particularly those examining the pros and cons between Ansible and Terraform, Pulumi and Terraform, or OpenTofu and Terraform. In all these discussions, it is clear that the open-source alternatives have the edge and there is little incentive in sticking with Terraform.
Why Open Source Is Still Better
Cost-effectiveness is arguably the first and foremost reason why organizations might want to switch to an open-source IaC management solution. There are no license fees or recurrent subscription payments to make. However, organizations have to spend on developing internal IT expertise, especially when it comes to customization efforts, integration, and security. These indirect costs, though, are usually manageable and rarely an argument against open-source.
Another crucial benefit of managing IaC with an open-source tool is the large community of users that serve as a source of technical support, insights, and innovative ideas. For a long time, Terraform has been associated with this advantage, with its vibrant global community of users eager to share their knowledge and drive innovation in Terraform as they encounter problems or new challenges in dealing with IaC. Users that are seeking the community support and innovation advantage would have to find a new open-source solution to use.
Transparency and security are also vital factors in the preference for open-source tools. Contrary to what many may believe, open-source solutions are not necessarily insecure because they do not have paid expert developers maintaining them. The open-source community is usually highly sensitive to security and transparency concerns. The transparency of open-source code allows anyone to undertake in-depth scrutiny and also customize for specific requirements, which help foster a culture of trust and security.
Additionally, open-source solutions are typically interoperable. They are designed to be compatible or integrable with various other solutions, infrastructure platforms, cloud providers, and third-party services. They also work with different standardized formats, protocols, and APIs. This seamless integration provides the flexibility and scalability organizations need as they cope with changing requirements and breadth of operations.
Moreover, the use of an open-source IaC management tool ensures vendor neutrality. It addresses worries over the possibility of a vendor lock-in and proprietary dependencies. Virtually all enterprises that use or are planning to use public cloud adopt a multi-cloud provider strategy. Getting stuck to a single or a few cloud providers because of a proprietary IaC solution does not align with the prevailing multi-cloud strategy preferred by almost all organizations.
Ansible as a Key Example
Ansible is easily one of the best alternatives to Terraform. While it does not match all of the features and functions that come with the latter, it provides a number of compelling attributes that make it an excellent tool for IaC management with an emphasis on security.
Ansible’s architecture means that using it does not require the installation of an agent in managed systems, making its deployment straightforward and light on the managed nodes. It employs SSH to secure communications and YAML for its playbooks. It also comes with robust automation capabilities that enable advanced configuration management and support complex workflows. Additionally, Ansible works with a wide range of operating systems, cloud platforms, and third-party tools.
Also, just like Terraform, Ansible has a large community of active users, which ensures the availability of relevant resources and continuous development. It is easy to find useful documentation, plugins, modules, and other resources necessary to undertake efficient IaC management with Ansible.
Moreover, as mentioned, security is a crucial part of Ansible. It is made with ample attention to security concerns. It comes with role-based access control and sensitive data management with vault integrations. It also provides privilege escalation control, which supports the enforcement of the principle of least privilege.
Organizations may have to go through some acclimatization period in using Ansible or other open-source Terraform alternatives. However, the benefits easily outweigh the challenges or inconveniences. Ansible represents many of the IaC management advantages that are unalienable to the open-source model.
In Summary
HashiCorp’s decision to bring Terraform towards the freemium model presents challenges, but it also creates opportunities for open-source IaC tools to stand out. Open-source tools are not only cost-effective, they also spur community-driven innovation and facilitate transparency and security. Open-source alternatives like Ansible make it easier for organizations to avoid unnecessarily embracing BSL tools and abandon the benefits of vendor neutrality, interoperability, and transparency.