I'm curious about how OpenTofu has been doing in comparison to Terraform. Has it established itself as a viable alternative? I don't use infrastructure as code in my current job, but I'm interested in understanding how the landscape has evolved recently.
5 Answers
I switched to OpenTofu right after CDKTF was discontinued and I’m really liking it. The `for_each` feature helps maintain control flow better than CDKTF used to. Plus, the state encryption is a bonus! It’s been a straightforward switch with no major rewrites needed.
We had a big bill from HashiCorp and decided to migrate to Terrakube over the weekend. So far, I'm really pleased with how everything has turned out. OpenTofu really is a suitable alternative.
Using `for_each` on providers is a major game changer! It keeps everything DRY and uncluttered.
It’s also nice how you can use variables and locals to determine the backend configuration. Overall, OpenTofu responds to a lot of what the community has been wanting for years, which wasn't part of HashiCorp's vision.
We still use Terraform at work but are trialing OpenTofu. I'm impressed with the use of target files; it simplifies targeted applies which used to be a hassle in CI environments.
That sounds helpful! How are you finding your release pipelines with OpenTofu?
OpenTofu has a significant advantage over Terraform when it comes to encrypting local state files, which is great for environments like bootstraps where storage needs plenty of security.
So, if it’s encrypted, does that mean I can keep my backend in source control instead of a bucket? That would make my IaC completely self-contained and not tied to a cloud provider for storage.
That doesn’t make sense if you’re working with public cloud! If you don’t trust the provider, just use your own customer-managed keys.
I don't quite understand that. Could you give me a quick example?