Hi there,
we are now tracking some parts of our Cloud VPS infra using opentofu.
We have a repository [0] and some docs on wikitech [1].
As of this writing, we have support for a bunch of resources in tofu-infra, and we consider it to be the source of truth for at least the following elements:
* nova flavors * neutron networks, subnets, routers, routers ports and security groups * OpenStack projects * DNS zones, and some DNS records
Extending coverage to more resource types is in the roadmap [2].
We are in a transition period. There are a bunch of resources that have been migrated to tofu-infra, but others will be imported "as we go", because importing everything in one go is too heavy.
That being said, if you see yourself wanting to create or modify any of the resources mentioned above, you should do via tofu-infra. Ask for help if in doubt.
Be warned that some cookbooks, docs or other code bits may need update. Small regressions to some of our admin workflows are somewhat expected, as you may be the first one to eg, create a new project using tofu-infra, or create a new flavor using tofu-infra.
Additionally, I have been conducting a few cleanups in codfw1dev [4], for stuff like projects and security groups, with the goal of making this tofu-infra transition a bit less confusing.
Also note a refactor of the tofu-infra repo is incoming [3], although that should not affect which resource we track, only how the code is organized.
[0] https://gitlab.wikimedia.org/repos/cloud/cloud-vps/tofu-infra/ [1] https://wikitech.wikimedia.org/wiki/Portal:Cloud_VPS/Admin/OpenTofu [2] https://phabricator.wikimedia.org/T370037 [3] https://phabricator.wikimedia.org/T375283 [4] https://phabricator.wikimedia.org/T375604