Goodbye HashiCorp, Finally, With Feeling
The last domino fell and now the full exit is actually possible.
The glacier metaphor was generous to IBM. OpenTofu continued quietly becoming better than Terraform. The migration away from HashiCorp tools accelerated exactly as described.
IBM bought HashiCorp, which is something that happens to companies — the same way glaciers happen to mountain ranges.
The licensing change came first, August 2023, Terraform flipping from MPL-2.0 to the Business Source License. The stated reason was protecting against cloud providers, which is a reasonable grievance dressed up as a policy that penalizes everyone equally. OpenTofu forked immediately, moved under the Linux Foundation, and spent the next eighteen months quietly becoming better than the thing it replaced. State encryption. Provider-defined functions. A release cadence that doesn't require reading IBM's quarterly earnings to understand.
That covered Terraform. Vault was the harder problem — the thing you actually couldn't walk away from cleanly, because secrets management is load-bearing in a way that most of the HashiCorp stack is not. Consul you could replace with Cilium and a prayer. Nomad you could replace with Kubernetes and a much larger prayer. But Vault is where your secrets live, and secrets don't tolerate loose handling.
Now that problem has a solution — a real one, not a "we technically have an alternative" one — and the full exit is on the table.
This is what the end of an era looks like: not a dramatic break, not a manifesto, just a quiet moment where someone checks the board and realizes every dependency has a replacement that's actually good. The migration guides are written. The tooling is mature. The PTSD from the BSL announcement has faded into something more useful, which is a complete list of alternatives and the institutional knowledge of how to use them.
HashiCorp built genuinely important things. Terraform changed how infrastructure is written. Vault solved a real problem at a time when the alternatives were "encrypt it yourself" or "put it in the repo" (both still observed in production today, by the way, in 2025). The tools were good. The acquisition was not the tools' fault.
None of that is a reason to stay.
The door has been open for a while. It's just that now there's no reason to look back through it.
Counterpoints
Push back, extend the argument, or sharpen it. New counterpoints go through review before they show up here.
No approved counterpoints yet.