Terraform, Vault, Nomad etc by HashiCorp moving away from Open Source

thewitchofcalamari@bookwormstory.social to Technology@beehaw.org – 113 points –
HashiCorp Abandons Open Source for Business Source License
thenewstack.io
  • HashiCorp is moving its products previously licensed as Open Source away from it to Business Source License (BSL) moving forward
  • Terraform is a popular Infrastructure as Code tool used for provisioning cloud resources like AWS, Azure among others
  • Terraform version 1.5.5 and earlier are still open source
  • there is a push for a community maintained open source fork if this decision is not reversed, OpenTF

Gruntwork response on the problem with BSL

25

We will see how this plays out... Terraform is awesome but the product would not be very popular today if open source developers hadn't worked for 10 years for free to maintain and update it.

Now they take all their work and decides it's not open source anymore, because hashicorp needs to make money.

I for one am recommending pulumi for any of my teams new infrastructure needs.

I used pulumi but it's much worse than terraform. I didn't used to think so before I learned terraform however.

My main reason to dislike pulumi is that you have to work around it's async behavior in python. Maybe it's better and more natural if you use typescript, but I had to constantly wrap methods in Outputs and other things to get the code to work.

I had to adapt my code to how pulumi worked all the time. With terraform, I just write it and it works.

So I'm using it with Python. For me it's able to do some stuff that terrafom never would be able to (Ive got a spot where resources are generated for each file/object on disk).

Give me an example... What file on disk are you generating a pulumi resource from?

We've got it rigged up for aws sso. Each department can make any number of permissions sets (and link to any number of groups). The config for that is all stored in git (with code owners configured so you can only mess up your own stuff).

I wonder how many of those "open source developers", are actually employees of the same companies HashiCorp is accusing now of competing against them. No company is going to pay their employees to contribute to a piece of software, that they then have to buy a license for... so this can very well mean that HashiCorp is cutting off contributions from the same people most capable of contributing in the first place.

No, just new versions.

Not so "just". Terraform open source version went into a fork. Who will work on that one and who will continue with the hashicorp version? It's a split in the community now, and I bet most devs will continue on the hashicorp version.

I bet most devs will continue on the hashicorp version

Only the hobbyist ones. Every dev paid for by a company using the products, will be on the OpenSource fork.

It's something companies often forget: open source, and the GPL in particular, is a way for companies to cooperate. Use the AGPL if you want to prevent unfair server-side competition. Switching to the BSL is restricting cooperation to only those with less experience.

PS: IANAL, but by reading MariaDB's guidelines for the BSL, HashiCorp may not even have applied it correctly.

We were considering Vault, I guess we'll look into alternatives now, are there any decent Free Software ones in the first place?

I'm not an infra dev, but a previous project used SOPS and it seemed alright

For the people who continue to work on the open source fork of terraform, can HashiCorp pull their commits into their closed source BSL fork?

I would assume not, but I am curious if there's some weird workaround of their previous license that they still own contributions

The integrations with other services are implemented in plugins which are separate programs, that are installed separately, and communicate with the core over RPC. I would imagine these plugins can continue to be licensed however their owners choose. I think this license change just applies to core.

7 more...

I was hit aggressively by HC sales team last year, we are using TF and Vault, and were looking to add consul, now it is pretty vauge how it will all pan put

Not that I'd know much about this, but can't you easily replace terraform with some script that remotely installs NixOS?

i dont think theyre equivalent tools since Terraform is used for things like creating cloud VMs with the selected OS image, configuring subnets and route tables among other things which i dont believe NixOS is meant for

Terraform is great automation, but it really shines over scripts in a few ways:

  • intrinsic documentation for your infrastructure
  • much less brittle to differences in the initial state
  • changing your setup later doesn't require any new script logic, just a simple config change
  • much better support for collaborative editing