OpenTofu
Revision | Date | Description |
|---|---|---|
| 24.07.2024 | Init Changelog |
Introduction
OpenTofu is a fork of Terraform that is open-source, community-driven, and managed by the Linux Foundation.
OpenTofu is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share. You can then use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle. OpenTofu can manage low-level components like compute, storage, and networking resources, as well as high-level components like DNS entries and SaaS features.
How it works?
OpenTofu creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable OpenTofu to work with virtually any platform or service with an accessible API.
The OpenTofu community have already written thousands of providers to manage many different types of resources and services. You can find all publicly available providers on the Public OpenTofu Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more.
The core OpenTofu workflow consists of three stages:
Write: You define resources, which may be across multiple cloud providers and services. For example, you might create a configuration to deploy an application on virtual machines in a Virtual Private Cloud (VPC) network with security groups and a load balancer.
Plan: OpenTofu creates an execution plan describing the infrastructure it will create, update, or destroy based on the existing infrastructure and your configuration.
Apply: On approval, OpenTofu performs the proposed operations in the correct order, respecting any resource dependencies. For example, if you update the properties of a VPC and change the number of virtual machines in that VPC, OpenTofu will recreate the VPC before scaling the virtual machines.
Installing OpenTofu
You can install OpenTofu via a wide range of methods. Please check official documentation here.
Migrating to OpenTofu from Terraform
If you want to migrate from Terraform to OpenTofu, follow official documentation from links below:
Upgrading OpenTofu to the newest version
If you want to upgrade OpenTofu to the newest version, just check official documentation from links below:
OpenTofu vs. Alternatives
OpenTofu provides a flexible abstraction of resources and providers. This model allows for representing everything from physical hardware, virtual machines, and containers, to email and DNS providers. Because of this flexibility, OpenTofu can be used to solve many different problems. This means there are a number of existing tools that overlap with the capabilities of OpenTofu. We compare OpenTofu to a number of these tools, but it should be noted that OpenTofu is not mutually exclusive with other systems. It can be used to manage a single application, or the entire datacenter.
OpenTofu vs. Boto, Fog, etc.
Libraries like Boto, Fog, etc. are used to provide native access to cloud providers and services by using their APIs. Some libraries are focused on specific clouds, while others attempt to bridge them all and mask the semantic differences. Using a client library only provides low-level access to APIs, requiring application developers to create their own tooling to build and manage their infrastructure.
OpenTofu is not intended to give low-level programmatic access to providers, but instead provides a high level syntax for describing how cloud resources and services should be created, provisioned, and combined. OpenTofu is very flexible, using a plugin-based model to support providers and provisioners, giving it the ability to support almost any service that exposes APIs.
OpenTofu vs. Chef, Puppet, etc.
Configuration management tools install and manage software on a machine that already exists. OpenTofu is not a configuration management tool, and it allows existing tooling to focus on their strengths: bootstrapping and initializing resources.
OpenTofu focuses on the higher-level abstraction of the datacenter and associated services, while allowing you to use configuration management tools on individual systems. It also aims to bring the same benefits of codification of your system configuration to infrastructure management.
If you are using traditional configuration management within your compute instances, you can use OpenTofu to configure bootstrapping software like cloud-init to activate your configuration management software on first system boot.
OpenTofu vs. CloudFormation, Heat, etc.
Tools like CloudFormation, Heat, etc. allow the details of an infrastructure to be codified into a configuration file. The configuration files allow the infrastructure to be elastically created, modified and destroyed. OpenTofu is inspired by the problems they solve.
OpenTofu similarly uses configuration files to detail the infrastructure setup, but it goes further by being both cloud-agnostic and enabling multiple providers and services to be combined and composed. For example, OpenTofu can be used to orchestrate an AWS and OpenStack cluster simultaneously, while enabling 3rd-party providers like Cloudflare and DNSimple to be integrated to provide CDN and DNS services. This enables OpenTofu to represent and manage the entire infrastructure with its supporting services, instead of only the subset that exists within a single provider. It provides a single unified syntax, instead of requiring operators to use independent and non-interoperable tools for each platform and service.
OpenTofu also separates the planning phase from the execution phase, by using the concept of an execution plan. By running tofu plan, the current state is refreshed and the configuration is consulted to generate an action plan. The plan includes all actions to be taken: which resources will be created, destroyed or modified. It can be inspected by operators to ensure it is exactly what is expected. Using tofu graph, the plan can be visualized to show dependent ordering. Once the plan is captured, the execution phase can be limited to only the actions in the plan. Other tools combine the planning and execution phases, meaning operators are forced to mentally reason about the effects of a change, which quickly becomes intractable in large infrastructures. OpenTofu lets operators apply changes with confidence, as they know exactly what will happen beforehand.
OpenTofu vs. Custom Solutions
Most organizations start by manually managing infrastructure through simple scripts or web-based interfaces. As the infrastructure grows, any manual approach to management becomes both error-prone and tedious, and many organizations begin to home-roll tooling to help automate the mechanical processes involved.
These tools require time and resources to build and maintain. As tools of necessity, they represent the minimum viable features needed by an organization, being built to handle only the immediate needs. As a result, they are often hard to extend and difficult to maintain. Because the tooling must be updated in lockstep with any new features or infrastructure, it becomes the limiting factor for how quickly the infrastructure can evolve.
OpenTofu is designed to tackle these challenges. It provides a simple, unified syntax, allowing almost any resource to be managed without learning new tooling. By capturing all the resources required, the dependencies between them can be resolved automatically so that operators do not need to remember and reason about them. Removing the burden of building the tool allows operators to focus on their infrastructure and not the tooling.
Furthermore, OpenTofu is an open source tool. The community around OpenTofu helps to extend its features, fix bugs and document new use cases. OpenTofu helps solve a problem that exists in every organization and provides a standard that can be adopted to avoid reinventing the wheel between and within organizations. Its open source nature ensures it will be around in the long term.
OpenTofu Language Documentation
Check official documentation: OpenTofu Language Documentation
OpenTofu CLI Documentation
Check official documentation: OpenTofu CLI Documentation