[TimMurnaghan]

Bit of a leap of logic there. Using proprietary cloud services is the decision that causes lock-in, not the tool you use for managing it. Terraform and Pulumi do a resonable job of making similar APIs for the variations of cloud providers - but it's not their job to provide an abstraction layer as you need to be able to pull all of the underlying levers. Kubernetes IS an abstraction layer so where you choose to roll you own stuff you can make it somewhat portable to another cloud (at the cost of writing the config).

On the choice of cloud services, I'm happy enough using cloud databases (they can do fast I/O and high-availability at a reasonable price). I'm much less happy with their packaged stuff. Tried out cloud composer this week. Turns out that it can't be easily scripted in Pulumi and wants bigger infrastructure than our main application so not the painless composition of services of the marketing brochure.

[sshine]

I agree. I recently got responsibility for deploying an app on EKS. After collaboration with DevOps on Terraform, K8s/Helm and the myriad of assistive services, I wanted to replicate some of the infra privately, using another cloud provider.

My experience is that Terraform does encourage vendor lock-in because every cloud have slightly different resource topologies. Picking which resources to manage yourself in a cluster, and which to manage by Terraform seems like a place to strike a balance.

[margor]

This is exactly the experience I wanted to describe, but sadly didn't choose correct words for that.