Software Engineering Daily - Episode: OpenTofu with Cory O’Daniel and Malcolm Matolka
Release Date: May 27, 2025
In this engaging episode of Software Engineering Daily, host Shawn Falconer invites Cory O’Daniel, CEO of MassDriver and founding member of OpenTofu, and Malcolm Matolka, co-founder at Terra Team and also a founding member of OpenTofu, to delve deep into the inception, development, and future of OpenTofu—an open-source alternative to Terraform for managing infrastructure as code (IaC).
1. Introduction to OpenTofu (00:00 - 04:28)
Shawn Falconer sets the stage by introducing OpenTofu, highlighting its purpose as an open-source tool that allows users to define, provision, and manage cloud and on-premises resources using a declarative configuration language. The emphasis is on ensuring an open and community-driven approach, prioritizing compatibility and extensibility across diverse deployment scenarios.
Notable Quote:
Cory O’Daniel [00:59]: "Cory and Malcolm, welcome to the show."
2. Origins of OpenTofu: Forking Terraform (01:46 - 06:40)
Cory and Malcolm recount the pivotal moment leading to OpenTofu's creation. Malcolm shares how a change in HashiCorp's licensing prompted a community-driven response to ensure a truly open source IaC tool. They mobilized industry peers across various organizations to explore the feasibility of forking Terraform, leading to the rapid formation of OpenTofu.
Notable Quotes:
Malcolm Matolka [01:46]: "We decided to put our efforts into figuring out if it was plausible to do a fork of a project as big as Terraform."
Cory O’Daniel [04:28]: "What happens after that? Like, how do you actually go? [...] it takes a lot of execution from there to actually turn it into something."
3. Community and Foundation Governance (06:15 - 15:44)
The discussion shifts to the role of community support and the governance structure of OpenTofu. Malcolm explains how various companies pledge support by dedicating full-time employees to the project, fostering a collaborative environment free from corporate ownership influences. This foundation-backed model ensures OpenTofu remains truly open source, aligning with community interests rather than singular corporate agendas.
Notable Quotes:
Malcolm Matolka [06:15]: "Our support is less monetary and person time and more about kind of like almost like marketing, [...] we get what the users are interested in."
Malcolm Matolka [14:50]: "You really can't stress the importance of OpenTofu being part of foundation enough."
4. Features and Innovations in OpenTofu
a. Stateful Encryption (23:53 - 26:36)
A standout feature of OpenTofu is stateful encryption, which enhances security by allowing users to encrypt their infrastructure state. Malcolm discusses its implementation, emphasizing its ease of use and robust encryption management options, including integration with various Key Management Services (KMS) like AWS and GCP.
Notable Quote:
Malcolm Matolka [24:02]: "It might have a password in it or whatever. But honestly, [...] encrypting that is more than just encrypting some secrets."
b. OpenTofu Registry (26:36 - 29:04)
Building an open-source registry was a significant early challenge. Malcolm details the process of replicating Terraform’s registry, ensuring it is open and independently hosted (initially by partners like Cloudflare and Fastly). This move underscores OpenTofu’s commitment to transparency and community trust.
Notable Quote:
Malcolm Matolka [27:00]: "We don't want any company having information about the download rates of these modules and providers."
5. Roadmap and Community-driven Development (20:26 - 31:27)
OpenTofu’s development roadmap is heavily influenced by community feedback and RFCs (Request for Comments). Malcolm emphasizes the importance of maintaining compatibility with Terraform while allowing the community to shape future features through a transparent voting and discussion process.
Notable Quotes:
Cory O’Daniel [20:21]: "How do you continue to evolve it and how does community get factored into that?"
Malcolm Matolka [20:26]: "We have our RFC process. And that right there, [...] that's the real roadmap of where OpenTofu goes."
6. Infrastructure as Code Adoption Challenges (35:51 - 45:20)
The conversation shifts to the broader challenges organizations face in adopting IaC. Cory and Malcolm discuss how many companies struggle with operational overload and cultural inertia, which hinder the adoption of IaC practices. They advocate for incremental implementation—starting with new projects rather than overhauling existing infrastructures.
Notable Quotes:
Cory O’Daniel [35:51]: "The number one reason for outage is configuration issues."
Malcolm Matolka [41:07]: "How little as an industry we invest in our operations teams [...] Any OPS person that's listening to this, you are the force multiplier in your business."
7. Testing and Best Practices in IaC (35:51 - 40:35)
Malcolm elaborates on the complexities of testing infrastructure code, highlighting the necessity of rigorous testing beyond mere application of configurations. He shares best practices like defining use cases for each infrastructure component and implementing comprehensive test suites to simulate production scenarios and validate functionality.
Notable Quote:
Malcolm Matolka [39:44]: "Prod is the one and only source of truth, no matter what anybody tells you."
8. Cultural Barriers and Organizational Challenges (40:35 - 46:23)
The discussion highlights how cultural resistance and lack of proper investment in DevOps teams can impede IaC adoption. Malcolm underscores the importance of easing teams into IaC and providing adequate support and resources to prevent burnout and frustration.
Notable Quotes:
Malcolm Matolka [45:43]: "How do you even like go backwards? Right?"
Malcolm Matolka [46:23]: "It's definitely cultural. [...] Particularly in larger organizations with teams across different time zones."
9. Migration and Interoperability with Terraform (30:27 - 31:27)
Cory and Malcolm discuss the seamless migration capabilities of OpenTofu from Terraform, emphasizing features like backward compatibility and the ability to interoperate without being locked into Terraform’s ecosystem. They highlight OpenTofu’s flexibility in allowing organizations to switch without jeopardizing their infrastructure configurations.
Notable Quote:
Malcolm Matolka [26:36]: "That’s one of the ways that builds this trust even though we don't, you know, make a stink about it."
10. Conclusion and Future Outlook (45:21 - End)
In wrapping up, Cory and Malcolm reiterate the significance of OpenTofu’s foundation-backed, community-driven approach in creating a sustainable and open IaC tool. They encourage ongoing community participation to shape OpenTofu’s evolution, ensuring it remains responsive to user needs and industry demands.
Notable Quotes:
Cory O’Daniel [48:22]: "Well, Corey, Malcolm, this was awesome. Thanks so much for being here."
Malcolm Matolka [48:25]: "Yeah, thank you. It was awesome."
Key Takeaways:
- OpenTofu was born out of a need for a truly open-source IaC tool, free from corporate ownership constraints.
- Community and Foundation Governance are central to OpenTofu’s sustainability and trustworthiness.
- Innovative Features like stateful encryption and an open registry distinguish OpenTofu from Terraform.
- Community-driven Development ensures that OpenTofu evolves based on user feedback and collective needs.
- Adoption Challenges in IaC are largely cultural and operational, necessitating strategic, incremental implementation.
- Testing Practices must go beyond configuration validity to ensure infrastructure reliability in production environments.
- Migration to OpenTofu is designed to be seamless, offering organizations flexibility without lock-in.
OpenTofu represents a significant stride towards a more open, collaborative, and community-focused infrastructure as code ecosystem, addressing both technical and cultural challenges in the modern cloud landscape.
