In this article we’ll take a look at some of the leading technologies in the cloud orchestration space: Microsoft Azure Resource Manager (ARM), Hashicorp Terraform, and Cloudify. All three offerings have different approaches and philosophies, and all have their place in the ecosystem. Let’s take a look at them and identify the sweet spots for each.
Microsoft Azure ARM
Azure Resource Manager (ARM) is the user facing management software layer that is native to the Microsoft Azure cloud, and is delivered via a SaaS (Software as a Service) model. Of the three tools mentioned in this article, it is the only one that is cloud specific. It is commanded using a CLI, Azure Powershell, REST API, UI, SDKs, and JSON templates. ARM templates provide a declarative option to the other imperative tools. ARM performs resource viewing, creation, deletion, updating, and other management functions.
ARM templates provide an idempotent (redeployable), resource aware approach to deployments. This permits an infrastructure as code (IaaC) approach, where the template can serve as the source of truth (or at least desired truth). Like Terraform below, this enables repeated deployments without the risk of duplicating existing resources.
ARM allows for the tagging of resources, which can be used for billing reconciliation (using Azure services), as well as providing logical attributes for resources. ARM supports a vast and growing array of Azure services natively.
Hashicorp Terraform is an open source, cloud neutral resource automation tool that uses declarative templates to represent the desired state of virtual infrastructure. The template format is a proprietary format called HCL (Hashicorp Configuration Language). Commanded via CLI commands, Terraform detects differences between the desired state of cloud infrastructure with the actual current cloud state, and commands the cloud as needed to synchronize the cloud state with the desired state. Hashicorp is a strong proponent of the “Infrastructure as Code” (IaaC) approach, and so doesn’t CLIs or SDKs that offer an imperative alternative to their template format. Terraform is available as an on-premises tool or as a cloud service.
Terraform takes a passive approach to cloud deployment management. As a CLI tool, it is only “aware” of cloud state problems (e.g. a VM crashing), when it is performing it’s “plan” phase. For large deployments with many resources, the plan phase must make a large number of cloud API calls to detect the overall state, after which an “apply” command would heal the environment. And of course, this only addresses the problems detectable by cloud APIs. Application performance issues, which might require a restart, will never be detected or corrected by Terraform.
Cloudify, like Terraform, is an open source cloud neutral automation tool that uses the declarative template approach to cloud orchestration. Beyond being a tool, however, Cloudify is an easily user extensible platform. Cloudify uses a YAML based syntax for its templates. Unlike Terraform, Cloudify isn’t focused or limited to infrastructure automation, but takes a more holistic approach. Cloudify isn’t a command line tool, but rather a highly available service that uses a master/worker architecture to automate software deployments (cloud and non-cloud). Cloudify is available as an on premises deployment, and is in beta for a SaaS alternative.
Cloudify uses an active model for managing cloud workloads that isn’t limited to infrastructure. Cloudify’s template language can model infrastructure and non-infrastructure components in a deployment, and apply workflows across them. Cloudify integrates with Nagios to detect infrastructure and non-infrastructure issues in order to quickly correct problems in near real time.
As evidence for Cloudify’s extensibility and flexibility, it provides plugins for automating both Azure ARM and Terraform to allow a technology agnostic, best of breed approach. So it really isn’t a question of ARM vs Terraform vs Cloudify. Cloudify also has a built-in secret storage, high availability, and multi-tenant support.
Like all tools, their applicability is highly specific to a given user’s use case. If you are going to commit to a single cloud (rare) forever, and it happens to be Azure, then using Azure ARM tools and APIs is going to provide the most complete and up to date coverage of the Azure cloud’s capabilities.
If, on the other hand, you are not going to be married to Microsoft, you’ll be wanting to add a cloud neutral layer like Terraform or Cloudify. Terraform keeps things simple, and provides a clean abstraction via the IaaC philosophy. This can be effective at small scale and where high availability isn’t of high importance, but breaks down otherwise.
Cloudify, on the other hand, provides active management of workloads and a more flexible, standard, configuration language that isn’t limited to infrastructure management. Cloudify isn’t scale or latency limited by its implementation, and provides high availability out of the box. Because of Cloudify’s plugins for ARM and Terraform, the Cloudify vs Terraform or ARM isn’t really a choice you have to make. For future proofing vis-a-vis scale and extensibility, Cloudify is the superior, lower risk choice.