Skip to main content
IMHCloud Logo
Back to glossary

Terraform

Terraform is an open-source Infrastructure as Code tool by HashiCorp that provisions and manages cloud resources using declarative configuration files written in HashiCorp Configuration Language (HCL).

Infrastructure

What is Terraform in cloud hosting?

Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp. It allows you to define, provision, and manage cloud infrastructure using declarative configuration files instead of manual processes. You describe what resources you want, and Terraform figures out how to create them.

Terraform uses a domain-specific language called HashiCorp Configuration Language (HCL). This language is human-readable and allows you to define infrastructure components such as instances (virtual machines), networks, storage volumes, and security groups in text files that can be version-controlled alongside your application code.

Related Terms

  • Instance: A virtual machine running in the cloud, such as a compute resource created by Terraform using the OpenStack Nova provider.
  • Project: An organizational container in OpenStack that groups related resources, such as the tenant context Terraform uses when authenticating to provision infrastructure.
  • Virtual Private Cloud (VPC): An isolated network environment where cloud resources operate, such as the network topology Terraform can create and configure.
  • API Credential: Authentication tokens that grant programmatic access to cloud services, such as the OpenStack credentials Terraform requires to communicate with cloud APIs.

Why Terraform Exists

Before Infrastructure as Code tools existed, cloud administrators created resources manually through web dashboards or ad-hoc scripts. This approach caused several problems.

Manual provisioning is slow and error-prone. Creating identical environments for development, staging, and production requires repeating the same steps multiple times. Each repetition introduces opportunities for configuration drift where environments become inconsistent.

Scripts written to automate provisioning often become unmaintainable. They typically contain imperative logic that describes step-by-step how to create resources. When infrastructure changes, these scripts require significant rewrites.

Terraform solves these problems by providing a declarative approach. You describe the desired end state of your infrastructure, and Terraform determines the actions needed to achieve that state. If you want three instances with specific configurations, Terraform creates exactly that, regardless of what currently exists.

What Does Terraform Actually Do?

  • Reads configuration files written in HCL that describe desired infrastructure resources and their relationships
  • Builds a dependency graph to understand which resources depend on others and determines the correct order for creation
  • Queries cloud provider APIs to discover what resources already exist and their current configurations
  • Calculates a plan showing exactly what will be created, modified, or destroyed before making any changes
  • Provisions resources by making API calls to cloud providers like OpenStack, AWS, Azure, or Google Cloud
  • Maintains state in a state file that tracks the mapping between your configuration and real infrastructure resources
  • Detects drift by comparing actual resource configurations against the state file to identify manual changes
  • Supports multiple providers simultaneously, allowing you to manage resources across different cloud platforms in a single configuration

When Would I Use Terraform?

Use Terraform when you need to create repeatable infrastructure. If your team deploys the same stack to multiple environments or regions, Terraform ensures consistency. You define the infrastructure once and apply it wherever needed.

Use Terraform for multi-cloud deployments. If your organization uses OpenStack alongside AWS or Azure, Terraform manages all providers from unified configuration files. This eliminates the need to learn each provider's proprietary tooling.

Use Terraform when infrastructure changes frequently. The plan and apply workflow shows exactly what will change before execution. This visibility reduces the risk of unexpected modifications to production systems.

Use Terraform when you want infrastructure versioned in Git. Configuration files are plain text that integrate with standard version control workflows. You can review infrastructure changes in pull requests before applying them.

When Would I NOT Use Terraform?

Avoid Terraform for one-time resource creation that will never change. If you need a single instance for a quick test and will delete it immediately, using the cloud dashboard is faster than writing configuration files.

Avoid Terraform when your team lacks programming fundamentals. HCL syntax is straightforward, but effective Terraform usage requires understanding variables, modules, state management, and debugging. Organizations without this expertise may struggle initially.

Avoid Terraform for resources managed by other automation. If your Kubernetes cluster already manages certain cloud resources through its own controllers, introducing Terraform for the same resources creates conflicts. Choose one tool per resource type.

Avoid Terraform when state management is not feasible. Terraform requires a persistent state file that multiple team members can access. If your organization cannot provide secure, shared storage for state files, collaboration becomes difficult.

Real-World Example

Company A operates a SaaS application that requires identical infrastructure across development, staging, and production environments. Each environment needs an OpenStack project containing instances, a private network, floating IPs, and security groups.

Before Terraform, their operations team spent two days manually creating each environment through the Horizon dashboard. Configurations frequently differed between environments, causing bugs that only appeared in production.

After adopting Terraform, Company A wrote a single set of configuration files defining their infrastructure. They use Terraform variables to customize environment-specific values like instance counts and sizing. Creating a new environment now takes 15 minutes. They run terraform plan to preview changes and terraform apply to execute them. When they modify infrastructure, the changes propagate consistently to all environments through their CI/CD pipeline.

Frequently Asked Questions

What is the difference between Terraform and Ansible? Terraform provisions infrastructure resources such as instances, networks, and storage. Ansible configures software on existing servers. Many organizations use both: Terraform creates the infrastructure, then Ansible installs and configures applications on that infrastructure.

Does Terraform work with OpenStack? Yes. Terraform includes an official OpenStack provider that supports managing instances, networks, volumes, security groups, floating IPs, and most other OpenStack resources. You configure the provider with your OpenStack API credentials to authenticate.

What happens if I modify resources outside of Terraform? Terraform detects the difference during the next terraform plan operation. It shows the drift between actual state and your configuration. You can then choose to update your configuration to match reality or run terraform apply to revert the manual changes.

Is the Terraform state file sensitive? Yes. The state file contains resource identifiers, configuration values, and sometimes secrets. Store it in a secure backend such as encrypted object storage with access controls. Never commit state files to version control repositories.

Can I import existing infrastructure into Terraform? Yes. The terraform import command adds existing resources to your state file. After importing, you write configuration that matches the resource. This process allows gradual adoption of Terraform for infrastructure that predates your IaC initiative.

Summary

  • Terraform is an Infrastructure as Code tool that provisions cloud resources using declarative configuration files written in HCL
  • It maintains state to track real infrastructure and calculate precise changes needed during updates
  • Terraform supports multiple cloud providers including OpenStack, allowing consistent management across platforms
  • The plan and apply workflow provides visibility into changes before execution, reducing deployment risk
  • Configuration files integrate with version control, enabling code review and collaboration for infrastructure changes