How UCloud Leverages Terraform for Faster, Safer Cloud Resource Orchestration

Background

As user resource consumption on UCloud grows exponentially, manual API/SDK scripts cannot meet demand. UCloud’s R&D team built a Terraform‑based resource orchestration tool to lower management cost, provide safe, reliable, consistent product experience, and reduce migration risk.

Terraform represents industry‑leading technology and standards. Combined with UCloud CLI, the new tool extends Terraform’s capabilities, enabling programmable infrastructure. In a case where traffic is offloaded via ULB to cloud hosts, build time dropped from 3 min 20 s to 43 s, improving efficiency, stability, and descriptiveness.

What is Terraform?

Terraform is an open‑source multi‑cloud resource orchestration tool from HashiCorp, with a rich ecosystem and partnerships with major cloud providers.

Users describe infrastructure with HCL (HashiCorp Configuration Language). Terraform parses the configuration, builds a dependency graph, creates an execution plan, and calls UCloud public‑cloud APIs to manage the full lifecycle.

Key features of Terraform include:

Broad compatibility – over 40 public cloud providers, including four Chinese clouds such as UCloud, and more than 200 software services.

Infrastructure as Code (IaC) eliminates semantic ambiguity and reduces human error.

Readable execution plans enable thorough change review.

Directed Acyclic Graph (DAG) allows parallel execution of independent changes.

Application Scenarios

Terraform benefits users by reducing time spent on initial cloud service setup and simplifying complex change logic to ensure infrastructure safety.

Common problems solved by UCloud’s orchestration tool:

CI/CD automated resource management

Peak‑time scaling

Deploying complex topologies (e.g., multi‑region, multi‑center architectures)

Example: SaaS provider Yike integrated UCloud Terraform orchestration to manage resources across multiple clouds, avoiding the cost of building a custom platform.

Lifecycle

The lifecycle of a Terraform‑driven resource creation on UCloud includes core Terraform processes, provider processes, and provisioner processes.

Core process handles configuration, DAG construction, and state storage. Provider process implements cloud‑specific actions (e.g., UCloud resources). Provisioner process runs post‑creation steps such as shell commands or file uploads.

UCloud Resource Orchestration Practice

Key engineering requirements:

High success rate in complex environments.

Product consistency for seamless migration.

Robust engineering quality for critical infrastructure.

Optimizations include fault‑tolerance, integration capability, and engineering quality.

Fault‑Tolerance Optimization

Terraform’s plan‑and‑apply separation allows users to review changes before execution. UCloud customizes Diff logic to block conflicting actions (e.g., preventing duplicate high‑speed channels) at the planning stage.

Error information is formatted as a four‑tuple (verb, action, resource name, ID) and presented in natural language, enabling precise source‑line identification.

Idempotent operations are automatically retried; non‑idempotent operations rely on Terraform’s state management to safely re‑execute only failed steps. Exponential backoff and graceful shutdown further improve resilience.

Integration Capability Optimization

Terraform excels at infrastructure provisioning but is less suited for ad‑hoc tasks like start/stop. UCloud extends functionality with a CLI tool that can query and restart resources created by the orchestration system.

The orchestration tool can invoke the CLI directly, reusing topology information such as host lists and network CIDRs, thereby expanding product integration capabilities.

Engineering Capability Optimization

UCloud emphasizes smooth cross‑version and cross‑cloud migration, automated API change handling, and rigorous quality assurance.

Version migration follows Terraform’s schema change policy, providing automatic state migration for breaking changes.

A unified API management platform models APIs, records idempotency, and generates Go SDKs automatically, reducing manual effort and ensuring safe retries.

Continuous integration pipelines (Travis CI, GitLab CI, TeamCity) enforce code style, unit, integration, and regression testing, while static analysis tools (GoReportCard, SonarCloud, Gocyclo) maintain an A+ quality rating.

Conclusion

Terraform has become a de‑facto standard for resource orchestration. UCloud’s deep exploration of Terraform’s internals and extensive engineering optimizations deliver a reliable, high‑performance cloud‑native orchestration system.