gburiola
commented
5 years ago Hi @Karthickarumugam
I'm glad you've been using kapitan and are now considering using it for your terraform templates as well.
We started using kapitan to generate TF templates about 1 year ago after getting frustrated with some limitations of the HCL language. This blog post is old but explains it well
HCL2 will solve many of those problems but we didn't know when exactly it would be released and we didn't want to wait. In addition to that, after looking at some early specs of HCL2, we felt that although it is a significant improvement over HCL1, it would still have a few limitations.
For example, jsonnet has a more comprehensive list of standard library functions than terraform built in functions.
We also use jsonnet asserts to restrict and validate input values at "kapitan compile" time. You can for example limit the cloud regions you're allowed to use.
We manage dozens of GCP accounts using kapitan to generate the terraform code. Using the templates allows you to reduce code repetition. We could achieve that with TF modules as well but it's not as flexible as templates.
Another great feature of kapitan is the hierarchical inventory. If you use plain terraform modules with variables to manage say 20 projects, you'll end with with 20 identical sets of variables. With kapitan you can have hierarchical variables for "all dev environments" or for "all environments in region X"
I agree that writing the TF templates adds a bit of overhead but at least for us it fells like it was the right choice. You can use tools like hcl2json to help you creating the templates.
You can also find some other interesting arguments in this blog post from databricks.
ademariag
We are moving away from helm and started using kapitan.
On the other side, can you give me some reason why we should use terraform template instead of using terraform directly?
Any special feature we would get if we use kapitan template? Personnel i feel it is extra step to use terraform in kapitan, but open minded to explore.