**OpenTofu** is the fully open source fork of Terraform, created after HashiCorp changed Terraform's license to the Business Source License (BSL) in 2023. It is now a Linux Foundation project. OpenTofu maintains wire-level compatibility with Terraform — existing `.tf` files, providers, and modules work without modification. --- ### First Principle: Infrastructure should be expressed as code, version-controlled, reviewed, and applied idempotently. OpenTofu lets operators declare what infrastructure should exist — VMs, networks, DNS records, firewall rules — and automatically calculates and applies the changes needed to get there. This is the foundation of repeatable, auditable infrastructure management. --- ### Key Considerations - **Declarative Language (HCL)**: Infrastructure is described in HashiCorp Configuration Language (HCL). OpenTofu plans the diff, operators review it, OpenTofu applies it. - **State**: OpenTofu maintains a state file recording the actual resources it manages. State can be stored remotely (S3, [[Ceph]], etc.) for team use. - **Providers**: Providers connect OpenTofu to APIs — [[OpenStack]], AWS, GCP, [[Kubernetes]], DNS, etc. The OpenTofu Registry hosts thousands of providers. - **vs [[Ansible]]**: OpenTofu is for provisioning infrastructure (creating/destroying resources). [[Ansible]] is for configuring what's already been provisioned. They're complementary. - **Modules**: Reusable infrastructure patterns packaged as modules. A well-designed module library turns infrastructure provisioning into composable building blocks. --- ### How It Fits ``` OpenTofu (declares infrastructure: VMs, networks, DNS) → [[OpenStack]] / [[Kubernetes]] APIs → [[Ansible]] (configures what OpenTofu provisioned) → [[ArgoCD]] (keeps Kubernetes resources in sync with Git) ``` [[Ansible]] | [[ArgoCD]] | [[OpenStack]] | [[Kubernetes]] | [[Open Source Hyperscaler MoC]]