OpenTF is disconnected from reality.
They don't understand Terraform, they don't understand users, they don't understand the ecosystem, and they don't even understand who's at the table. Or that there is a table!
Let me explain how dumb this whole thing is... π§΅
1/75 (i know)
TL;DR: OpenTF is a failure and you should not be taking it seriously. At all.
This will be a very long thread. I know and I am sorry for that, but y'all really need to see the whole story to understand how utterly pathetic this whole drama is.
2/75
First up, some history.
On August 10 HashiCorp (the company behind Terraform, Vault, Packer, Vagrant, Nomad, Waypoint, Consul, and Boundary) changed licenses from the open-source MPL2.0 to the source-availabe-but-only-some-can-use-products-in-production-fuck-you BUSL1.1.
3/75
All of HashiCorp's products were affected, but Terraform is huge and OpenTF is focusing on Terraform so we'll also focus on that here.
We won't discuss why HashiCorp changed their license, what dumb things HashiCorp did or still does, or anything like that.
4/75
When HashiCorp announced the license change, there was β¨dramaβ¨ and, after a little while, OpenTF posted a manifesto.
The manifesto was pretty much "HashiCorp, please make Terraform open-source again cause it's awesome. We don't wanna be forced to fork it".
5/75
OpenTF really looked legitimate!
Sure, the manifesto was preachy as heck.
Sure, the name was a bit on the nose.
Sure, it was very early.
Whatever. It was looking very legit!
6/75
OpenTF got even more legit with support from key players in the Terraform community:
- GruntWork and CloudPosse, critical consulting companies advancing Terraform, pledged support
- Spacelift, a leading Terraform automation SaaS (and HashiCorp competitor), pledged support
7/75
OpenTF got even more legit: somebody that wasn't even in the Terraform community joined!
Oxide Company, a server hardware company that was using Terraform in their product, pledged support.
This meant "outside" traction and that was, in my view, a game-changer.
8/75
I, like the optimistic dumbass that I am, tweeted that.
I genuinely believed that OpenTF was legitimate and serious!
9/75
twitter.com/iamvlaaaaaaad/status/1691551956987265057
Aaaaand then things took a turn for the worse.
OpenTF got no other traction or support. If you were looking at the pledges on the manifesto there was a flurry of support coming in, but that was all bogus.
10/75
OpenTF got spammed with fake support.
Every single proof-of-concept Terraform Cloud startup pledged support.
Random 2-person consulting companies pledged support.
Random individuals pledged support.
Random first-year college students pledged support.
11/75
OpenTF had very little support that was real.
Of course everybody added their names to a list β it's free marketing without any real commitment!
"Sign here to save the starving orphans" is very different from "every evening spend 3 hours cooking for orphans", you know?
12/75
There were only a handful of legitimate supporters: Gruntwork, Spacelift, evn0, and Scalr. That's it!
Sure, other companies and individuals pledged _something_ but that was cheap marketing or just a show of initiative. The 4 companies above pledged actual resources!
13/75
Gruntwork is 25% of the legitimate supporters.
They are a consulting company. They started with Terraform consulting, then built open-source tooling around Terraform, paid Terraform templates, support and more.
They are awesome! They also pledged very abstract support.
14/75
The other 75% of legitimate supporters are Terraform Cloud competitors.
I'm not holding it against them, but they are the tiny percentage of people impacted by license change: they would have to pay licensing fees (debatable, but let's not get into legal stuff here).
15/75
That 75% of legitimate supporters aren't even that legitimate.
Spacelift, env0, and Scalr are startups: small and early companies. Hungry and determined, yes. But definitely not stable, mature, or with a plethora of resources at their disposal.
16/75
That's it!
OpenTF = 1 small consulting company + 3 small companies that would have to pay licensing fees without OpenTF + a bunch of empty shows of support from random people.
There is no community rallying behind OpenTF!
17/75
The community did not rally behind OpenTF. The community did not in any way, shape, or form show support for OpenTF. The community ignored OpenTF or passively watched the β¨dramaβ¨.
OpenTF sure manipulated public perception though!
18/75
OpenTF did great PR and marketing and, in my view, started to manipulate people.
OpenTF bragged to journalists about their spammy and fake numbers.
The companies behind OpenTF posted preachy and grandiose blog posts.
Aaaand everybody ate that shit up π€¦ββοΈ
19/75
As an aside, tech journalism is broken.
Without any due diligence or review, an overwhelming majority of journalists stupidly repeated the "over 100 companies and more than 350 individuals" line they got fed. WTF y'all couldn't even look at the list and click some links?!
20/75
Meanwhile, I was thinking that OpenTF was working on stuff in private.
I hoped they were talking with people and companies. I thought they were building up numbers. I assumed they were negotiating support.
We now know that OpenTF was coordinating PR puff pieces.
21/75
OpenTF could have tried to gather more support. We now know they did not.
Nobody else that mattered joined β 0 other big players in the Terraform ecosystem, 0 cloud providers (even small ones), 0 serious companies.
The list of supporters was growing but it was useless.
22/75
On August 18, OpenTF posted an update: HashiCorp MUST answer them by August 25.
Yes, OpenTF was DEMANDING that HashiCorp answer them and change Teraform's license back to the open-source MPL2.0 by August 25.
Yes, the barely-any-support OpenTF was now demanding things π€£
23/75
twitter.com/opentforg/status/1692602243701186852
OpenTF's demand showed they have no idea how this all works.
If you're in a fight with somebody and genuinely want to resolve the conflict you don't yell and scream in the streets. You take a breather and then discuss the problem in private. It's the same for business!
24/75
OpenTF could've demanded things nicely. OpenTF could've reached out to HashiCorp to figure out something mutually beneficial. OpenTF could've done so many other things.
Instead, OpenTF chose to make this needlessly aggressive.
25/75
At this point I realized OpenTF was complete bullshit.
I was hoping OpenTF would realize how silly this is and that they would regroup or that the whole drama would die down, so I only tweeted a meme and a "nevermind".
The drama did not die down, as you can see.
26/75
twitter.com/iamvlaaaaaaad/status/1693354475266638059
I tried to ignore this hoping it would go away. It did not.
In the following days OpenTF continued their marketing and PR efforts by spreading bullshit. They also made it very clear how out of their depth they are. Let me explain what I mean...
27/75
OpenTF does not understand how open-source works.
They assume Terraform is just a GitHub repository and that's it. That could not be further from the truth, but it looked great when they posted graphs of commits that showed just 5 HashiCorp engineers making changes.
28/75
Terraform is a lot more than 1 GitHub repository!
Terraform is HashiCorp talking with thousands of companies to figure out what to build.
Terraform is HashiCorp collaborating under NDA with clouds, vendors, and community members to build for the reality of tomorrow.
29/75
Terraform is a lot more than 1 GitHub repository!
The Terraform on GitHub is the "main", "stable", and "safe" version of Terraform. There are many forks and experimental versions of Terraform out thereβsome at HashiCorp, some at HashiCorp's partners, some in the wild.
30/75
Terraform is a lot more than 1 GitHub repository!
Terraform is not just code. Terraform is thousands of design documents, tens of thousands of discarded features and PRs, and millions of hours of engineering.
That's all hidden from us because HashiCorp handles it all!
31/75
But noooo, dumb-fuck OpenTF has the same level of understanding as an Intern: it's all code, how hard can it be? Just throw a bunch of developers at it and it'll be perfect!
Product people? HA, losers!
Documentation? HA, bums!
Talking to customers? HA, idiots not needed!
32/75
This was all a bit abstract and rant-y, so let's look at 2 examples.
When they should've been building up support, OpenTF was actually giving interviews, so we have a lot of examples of them being totally disconnected from reality and showing just how idiotic they are.
33/75
OpenTF doesn't even understand Terraform and I believe there are 2 examples that can resume the vast stupidity of OpenTF.
Example 1: state encryption.
Example 2: alternative interfaces.
I know this thread is long, but let's discuss these!
34/75
OpenTF doesn't even understand Terraform: state encryption.
An example of "look how mean HashiCorp is, they don't accept features and don't wanna work with the community" that OpenTF loves to quote is this pull request:
github.com/hashicorp/terraform/pull/28603
35/75
For folks that aren't deep into the Terraform world, Terraform basically keeps a list of all the resources it manages in a "state file". That file may include sensitive data if you're not careful.
The #28603 pull request is pretty much an "encrypt the state file" feature.
36/75
It sounds good, right? Who would not want potentially sensitive data encrypted? Because it sounds so good OpenTF uses it as an example.
But it's shit. Utter shit. A horrible feature to have. Which is why it wasn't added to Terraform.
37/75
Why is it shit?
What happens if you lose the key that was used to encrypt the whole list of cloud resources? Terraform is suddenly useless because it has no idea what resources to manage. Terraform just exploded in a customer's face, in an unrecoverable way.
38/75
Why is it shit?
Who actually has access to that maybe-sensitive state file that it needs to be encrypted? In reality, with common and not complex defaults that most people use, only machines have access to that file. And the file is encrypted at rest. And access is logged
39/75
This feature is pretty much "to protect the President of the USA it's not enough to have the Secret Service, bulletproof cars, and all that β we need to put Biden in a 2-ton metal cube that can only be opened with 1 flimsy key. Air for him to breathe, seeing him? Meh".
40/75
OpenTF does not understand Terraform users.
OpenTF does not understand that people sometime lose keys. Storage failure, accidental deletes, etc.
OpenTF does not understand that errors happen.
OpenTF does not understand that users need to balance security with usability.
41/75
I imagine HashiCorp understands this.
And even if they don't, they talked to a bunch of companies and collected feedback about the idea. Feedback that amounted to pretty much "nice, but too much of a footgun so maybe not".
Of course HashiCorp didn't merge the PR!
42/75
As an aside, that's not how open-source works!
You don't just randomly send a 2000-line change! You talk with the maintainers first: validate the idea, ask if somebody already looked into this and the results, ask if the maintainers would accept an implementation, etc.
43/75
Also, HashiCorp did not ignore this risk!
HashiCorp implemented features to better handle secrets in the state file (not putting them in the file, redacting values everywhere including in logs, education around best practices, etc). They just did not implement the footgun
44/75
In all the interviews and podcasts and YouTube videos that OpenTF did where they shared this example they made 1 thing clear: OpenTF does not understand open-source, OpenTF does not understand Terraform users, and OpenTF has no clue how to build a product.
45/75
Example 2 of OpenTF not understanding anything: alternative interfaces.
Another example OpenTF used to show "look what we could do with Terraform if we can take it out of HashiCorp's evil hands" was alternative interfaces for Terraform.
Get ready, this gets even dumber!
46/75
The idea for alternative interfaces is pretty much "you can only use Terraform through the command-line-interface which is pretty limited. What if you could use it as a library or as an API? That could be awesome"
OpenTF heavily pushed this as something only they could do
47/75
OpenTF heavily pushed this as a next-generation Terraform and as something only they could do in the open open-source and open ecosystem and ooooh, bad HashiCorp did not do this and are clearly a failure and stuff.
HashiCorp did this! OpenTF is hilariously uninformed π€¦ββοΈ
48/75
The idea of alternative interfaces for Terraform is super-old.
I was personally in conversations about this in 2017. Yes, more than 5 years ago! A lot of people wanted CloudFormation-like APIs for Terraform so they could use Terraform for SaaS tenant provisioning.
49/75
HashiCorp invested *a lot* in this!
HashiCorp had a lot of conversations with customers about this. They collected requirements, discussed usage scenarios, debated implementations, and discussed roadmaps with A LOT OF stakeholders.
50/75
HashiCorp invested *a lot lot* in this!
HashiCorp designed, reviewed, and shared a lot of ideas and prototypes with the people that wanted this! I saw a bunch of them. Heck, a bunch were even made public: go-tfe, terraform-exec, terraform-k8s, terraform-cloud-operator!
51/75
HashiCorp invested *a lot lot lot* in this!
Since people were sharing their company's roadmap and since HashiCorp was sharing their roadmap, this was all done under NDAs.
Of course you can't see that in the GitHub repository for Terraform! Nobody wants that in public.
52/75
I won't break NDAs here, but the "let's do alternative interfaces for Terraform" widely known conclusion was pretty much "yeah, this is a shit-ton of effort (and probably requires a large re-write) for little benefit, but ββββ ββββββ ββ βββ βββ ββ".
π
53/75
Please note that I, Vlad Ionescu, know this. My job is not to be a Terraform expert. Not even remotely! I'm barely a Terraform user. And yet, I know all that!
The so-called Terraform experts behind OpenTF did not know this. Or they did and hid it in their many interviews.
54/75
"Only OpenTF can implement these awesome things and save Terraform, but we have no idea what this is or what was already done for this"
The so-called Terraform experts behind OpenTF are either clueless or manipulative. I don't know what's worse, but both are dangerous.
55/75
To recap the last 55 tweets:
π
OpenTF has little-to-no supporters
π« OpenTF doesn't understand open-source
β OpenTF doesn't understand products
π² OpenTF doesn't even understand Terraform
β OpenTF doesn't understand who is involved in Terraform
π€ OpenTF is manipulative
56/75
If, somehow, you're not convinced of the above statements, there are a lot more examples! This thread is ridiculously long tho, so I chose what I believed were the clearest and easiest to explain. But OpenTF proved how dumb they are with a looooot more actions. Repeatedly!
57/75
I saw all this and I was trying to ignore it in hopes it all goes away. Or OpenTF realizes how moronic they are. Or somebody educates them. Or something.
Instead, a bunch of trusted tech leaders jumped on to praise the effort because it was a hot topic and drama == money.
58/75
I won't go on a whole rant here about how much we, the tech community, failed at this.
I won't rant about how we, the trusted leaders that people look up to for informed opinions, just... shat the bed.
59/75
On August 25 OpenTF officially announced they were forking Terraform.
This was wildly reposted and so very popular buuut to anybody actually paying attention, OpenTF yet again proved how utterly disconnected from reality they are. But hey, free marketing for 4 companies!
60/75
twitter.com/opentforg/status/1695094626615734420
This thread is ridiculously long already and I don't want to go line-by-line and show how imbecilic they are, but let's look at 1 example.
61/75
OpenTF features will be proposed though a public Request For Comment (RFC) process.
With OpenTF largely ignored by the community and with OpenTF not having HashiCorp's large network of customers to talk to, just how many replies you think they'll get?
62/75
RFCs are the nerd version of "please complete this survey". Somebody posts an idea and then others share their feedback and thoughts.
Unless you get people to complete the surveys, your results will be utterly useless!
63/75
OpenTF yet again fails to understand how companies and how open-source works.
Engineers reply to RFCs because a company pays them to.
Companies mostly reply to RFCs in private after a business partnership is done and after an NDA is signed.
64/75
Don't get me wrong, OpenTF will get replies to their RFCs.
A few. A small and very biased sample made out of their customers + open-source fanatics + eager fans. With OpenTF already having proved they have no idea how to build a product, I fear what the result will be.
65/75
Worse, Spacelift, evn0, and Scalr made it clear they are not companies to partner with.
A SaaS used for infrastructure is a critical partner, not just a vendor! With all their statements, they all made it clear they don't care about their customers.
66/75
Negotiate a license with HashiCorp so customers can keep their businesses running?
Spacelift: PAAAAASSSS. LAME!
Spend at least a few million dollars a year building and maintaining a fork of Terraform and force customers to use this shitty alternative?
Spacelift: YAAAS!
67/75
"Instead of paying HashiCorp licensing fees, Spacelift will spend $1m/year on OpenTF and fuck over all customers by forcing them to adopt OpenTF" is... something.
I certainly hope Spacelift has a different stance in private conversations with their customers.
68/75
As an aside, dear Spacelift: y'all do realize that you're basically telling HashiCorp "it would be more cost efficient for us to pay any licensing fee that's smaller than the cost of 5 full-time engineers ($1mm/yr at the lowest range)", right?
69/75
If I was HashiCorp I'd be evil and literally charge Spacelift $(5FTE - 1$) as a licensing fee. Thank the heavens I am just a dum-dum on the internet!
70/75
Getting back to the point, with the latest announcement OpenTF continues to prove they are not serious.
They don't understand Terraform, they don't understand how Terraform is built, they don't understand the wider ecosystem, and they don't even understand open-source.
71/75
Why would I use OpenTF over Terraform?
There are no reasons to do so! Not today and not tomorrow.
OpenTF can put out all the hopeful and excited statements they want, but they again and again proved they have no idea what they're doing so why would you use OpenTF?
72/75
What should you do?
Keep using Terraform and ignore this bullshit. Re-visit the situation in 3 months and see if you need to change anything. Maybe, by some miracle, OpenTF will get serious and actually build something. Highly un-fucking-likely.
73/75
I have a feeling both Terraform and HashiCorp will end up being better, both as a company and as a product.
Just like MongoDB: they had their licensing drama but they're now both a more comprehensive database and a better company π
74/75
HashiCorp may fuck it up, but they're on the right path.
OpenTF might've been an alternative path but they have, time and time again, proved that they cannot be taken seriously.
75/75
Vlad Ionescu (he/him)
@iamvlaaaaaaad
sugarbaby cosplaying as a tech consultant β’ mean eastern european with unrealistically high expectations and unreasonable quality standards π³οΈβπhe/himπ³οΈβπ