# general
a
👋 Hey folks, quick question for you all! How are you currently handling Terraform resource management in your Kubernetes environments? 🤔 I came across something called Terranetes Controller, which is open source and is designed to manage Terraform resources in K8s, with a focus on giving platform teams more control over security and compliance before developers can self-serve. Has anyone tried it or used something similar? Would love to hear your experiences or thoughts on it!
c
Hey Amir! I haven’t used the thing and possibly wouldn’t. The main reason is that it focuses on infra alone - a task that is for sure important, but also incomplete. Usually you need infra that is connected to an application so that the combination serves a purpose. If you look at the tooling landscape, platform orchestrators are the kind of platform component that will look at the combination and deliver consistent outcomes instead of infra that needs to be configured and connected to apps by the PE team.
k
Personally, we draw the line of what's infrastructure at "outside the cluster" and "inside the cluster". We control everything in the cluster via ArgoCD, and everything outside (including the cluster itself) via Terraform. Terraform, at least for us, wasn't the right tool to manage k8s resources.
m
Crossplane is the most common Kubernetes tool for managing infrastructure. Many of the Crossplane providers are built using Upjet, which generates Crossplane code from Terraform providers.
c
Our experience with the Upjet controllers has not been great. We are big fans of leveraging Kubernetes controllers to manage all kinds of in-cluster and external resources, but wrapping Terraform with a controller is not the way to do it, IMO. For example, we have used the Upjet RDS controller, and some of the (what I would consider) baseline functionality seems to be broken. The "external-name" of the RDS resources did not match the actual resource, deletion of the database often did not work, and conflicting resource attributes yielded runtime states that the controller seemed to not be able to deal with. These were just some of the things we ran into. On the contrary, we have had a lot of success with the "native" (non-Terraform) Crossplane RDS controller.
d
Cluster-API for cluster creation, Flux for in-cluster microservices, and Crossplane for outside-cluster requirements (managed resources, i.e. IAM, buckets, etc.). This allows me to take advantage of the Kubernetes control loop and standardize on Kubernetes manifests.