Driftctl: A Tool to detect Infrastructure Drifts

TL;DR

The team behind the infrastructure-as-code collaboration platform for DevOps, Cloudskiff, recently released the first version of a new open-source command-line interface tool called driftctl to help combat infrastructure drifts.

The company stated that the goal of this new tool is to help infrastructure developers, DevOps, SRE, and cloud practitioners manage all types of infrastructure drift.

“We built Driftctl to help developers know when things change on their IaaS, whatever reason it does, and give them a good overview of their infrastructure-as-code coverage,” the team said in their official announcement.

Key Facts
  1. Driftctl is designed to monitor, examine, highlight and notify users of infrastructure drift.

  2. Driftctl is an open-source tool using an Apache 2.0 license.

  3. It scans the Terraform state files and simultaneously compares them with the infrastructure state on the provider side.

  4. It arranges these notifications of drift according to importance, leading with those that might have severe effects. Developers and other users of driftctl can filter out the notifications that they wish to ignore.

Details

Infrastructure-as-code tools make it easy to provision servers and other infrastructure components on public and private clouds. When constant changes, version and configuration differences, and faulty processes affect infrastructure, even infrastructure controlled by Terraform and similar tools, the result can be what is known as infrastructure drift.

Despite diligence and care from DevOps teams and infrastructure developers, infrastructure drift can still happen. Sometimes tools such as Terraform fail to catch an update that was made to infrastructure code. This is not due to any incompetence on Terraform's part, but because Terraform runs without taking into account the human capacity for error.

Infrastructure drift causes a lot of headaches for developers: it means spending a lot of time and energy fixing the bugs it causes. It can lead to security problems and deployment failures, and it can cost you a lot of money.

Driftctl warns you of infrastructure drift before it becomes a problem by comparing the Terraform state files against the actual infrastructure.

Most importantly, driftctl doesn’t just catch changes made to the Terraform state files; it also notifies you of manual changes that might have been made through the cloud provider's application programming interface. While driftctl notifies you of drift, it doesn’t fix it. However, this is apparently part of the plan for versions to come.
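The comparison described above, reduced to a sketch (an added example, not driftctl's own code): it flattens the managed resources in a Terraform state file and diffs them against a cloud inventory, reporting unmanaged, missing and changed resources. The state snippet, the inventory and the IAM-first ordering are constructed assumptions.

```python
import json

# Constructed sample: a minimal Terraform state file (format version 4).
TFSTATE = json.loads("""
{"version": 4, "resources": [
  {"mode": "managed", "type": "aws_s3_bucket", "name": "logs",
   "instances": [{"attributes": {"id": "example-logs", "acl": "private"}}]},
  {"mode": "managed", "type": "aws_iam_user", "name": "ci",
   "instances": [{"attributes": {"id": "ci-deployer", "path": "/"}}]},
  {"mode": "managed", "type": "aws_lambda_function", "name": "resize",
   "instances": [{"attributes": {"id": "resize", "runtime": "python3.8"}}]},
  {"mode": "data", "type": "aws_region", "name": "current",
   "instances": [{"attributes": {"id": "eu-west-1"}}]}
]}
""")

# Constructed sample: what enumerating the cloud API returned, keyed by (type, id).
LIVE = {
    ("aws_s3_bucket", "example-logs"): {"id": "example-logs", "acl": "public-read"},
    ("aws_iam_user", "ci-deployer"): {"id": "ci-deployer", "path": "/"},
    ("aws_iam_access_key", "AKIAEXAMPLE"): {"id": "AKIAEXAMPLE", "user": "ci-deployer"},
}

def managed_resources(state):
    """Flatten the managed resources of a state file to {(type, id): attributes}."""
    out = {}
    for res in state.get("resources", []):
        if res.get("mode") != "managed":  # data sources are read-only lookups
            continue
        for inst in res.get("instances", []):
            attrs = inst.get("attributes", {})
            out[(res["type"], attrs.get("id"))] = attrs
    return out

def detect_drift(state, live):
    """Return (kind, (type, id), attribute_diff) findings, most important first."""
    declared = managed_resources(state)
    findings = [("unmanaged", k, {}) for k in live.keys() - declared.keys()]
    findings += [("missing", k, {}) for k in declared.keys() - live.keys()]
    for key in declared.keys() & live.keys():
        diff = {k: (v, live[key].get(k))
                for k, v in declared[key].items() if live[key].get(k) != v}
        if diff:
            findings.append(("changed", key, diff))
    # Hypothetical ranking: identity (IAM) drift leads, the rest sorts stably.
    return sorted(findings, key=lambda f: (not f[1][0].startswith("aws_iam"), f[0], f[1]))

if __name__ == "__main__":
    for finding in detect_drift(TFSTATE, LIVE):
        print(finding)
```

The unmanaged access key is the kind of manual, out-of-band change that never appears in the state file, which is why comparing in both directions matters.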

“So far, Driftctl detects and warns of infrastructure drift but does not correct it,” said Driftctl CTO Stephane Jourdane. He continued, “But providing corrections of the drift events is definitely something that we’re planning as a second step of the project. Part of this remediation will be proposed as pull requests with some additional code matching the change detection.”

Alongside that, the team hopes to release updated versions that support cloud providers beyond AWS and more than just Terraform, since those are what the initial version supports. The team said they did not want to wait to add more support before releasing driftctl.

“Future releases will add support for a lot more, but we didn’t want to wait to release this early. Those releases support what we thought were the most common services on AWS, and this was also backed with hours of interviews with DevOps practitioners around the world those last months. So we started with EC2, S3, IAM, RDS, and Lambda, and we’re already working on supporting VPC, CloudFront, Aurora, DynamoDB, API Gateway, SNS/SQS, ECS/EKS/ECR, or KMS. The coming weeks will be exciting!” the team promised in their official announcement.

