A well-designed Terraform module is a force multiplier — one module can standardize infrastructure across 50 teams and prevent the same misconfiguration from happening twice. A poorly designed module is a different kind of multiplier: it spreads complexity, creates tight coupling, and makes every change a breaking change. The difference comes down to design patterns. Terraform does not have classes or inheritance, but it has something better: composition.
151 posts tagged with "DevOps"
DevOps practices, CI/CD, and automation
View All TagsIt's 2 AM. Your primary region (us-east-1) is experiencing a major outage. Your CEO is calling. Customers are tweeting. And you're realizing that "we'll figure out DR later" was not a viable strategy. Disaster recovery isn't about preventing failures — AWS regions go down, AZs have issues, services degrade. DR is about how fast you recover and how much data you can afford to lose.
When a user reports that checkout is slow, monitoring tells you that latency spiked. Observability tells you why — the payment service waited 3 seconds for a database query that normally takes 20ms because a missing index caused a full table scan on a table that grew past 10 million rows last Tuesday. That's the difference.
It is Friday afternoon. You deploy a new version of the payment service. The rollout stalls. Pods are stuck in CrashLoopBackOff. The previous version is still serving traffic (thanks to rolling updates), but if you do not fix this soon, the old ReplicaSet will scale down and you have an outage. You need a systematic approach, not a panicked kubectl delete pod loop.
You just deployed a server on the internet — here are the 20 things you must do before going to sleep. Every minute an unhardened server is exposed, automated scanners are probing it. Shodan indexes new IPs within hours. This isn't theoretical — this is Tuesday.
Terraform state is the single source of truth for what Terraform manages. When you refactor your code — rename a resource, move it into a module, split a monolith into separate state files — the state needs to match. If it does not, Terraform sees a "delete old thing, create new thing" plan instead of recognizing it as the same resource with a new address. State surgery is how you fix that mismatch without destroying and recreating production infrastructure.