- Status: approved
- Last Updated: 2021-05
- Builds on: Use Terraform for Infrastructure Management, Monorepo for Code Management
- Objective: Determine if Terraform should be centralized or decentralized
Terraform for a project generally lives in a terraform/ directory. However, our repository includes multiple components as standalone services. Should infrastructure ownership be standalone, or should each service own it's own dependencies?
- Delivery across the project has a single lead
- Dependencies are more easily managed with a centralized terraform definition
- Terraform at
/terraform: Terraform is contained in a single directory - Terraform per Component: Each component (website, content-api, and delivery) has independent terraform definition & state
- Terraform Controller & Modules per Component: Terraform has centralized resources at
/terraformand each component supplies it's own module. Each component may optionally provide it's own terraform entrypoint to be independently tested.
Chosen option: "[option 1] Terraform at /terraform".
With a single engineer overseeing responsible for terraform excellence and knowledge unevenly spread across the team, we want to avoid "premature optimization" of the components.
- We have an "infrastructure monolith"
- The infrastructure monolith further risks us falling into the "distributed monolith" anti-pattern for the application
- As an example terraform implementation, we will be less effective at showing how service teams can own their own infrastructure
- https://www.terraform.io/docs/language/modules/develop/composition.html
- https://opencredo.com/blogs/terraform-infrastructure-design-patterns/
- https://www.hashicorp.com/resources/evolving-infrastructure-terraform-opencredo
- User Journey: #25