
Ask HN: Ansible vs. Terraform - albertlie
Hi all,<p>I&#x27;m starting a project in my company for upgrading our deployment infrastructure across cloud providers. Our current system is mainly using ansible for both provisioning and configuration management.<p>I&#x27;m trying to see Terraform as well for this option. And I wonder anyone has experience on migrating from ansible to Terraform or using both of them? And maybe can share the benefit and drawback of both of them when using them in production?
======
bproven
A good strategy is to use both (these are complementary tools) - one is
stronger for config management (Ansible), the other for provisioning
infrastructure (TF). Build and manage the infra itself (instances, security
groups, VPCs etc) with TF and use Ansible to configure (e.g. install, maintain
nginx on the instance). They work well together since there is a provisioner
for Ansible in TF.

Optionally if you go the totally immutable route you may only need TF (plus
somethig like packer) and not Ansible.

I have not had to migrate from on to the other, so unfortunately I can't be
much help here. Maybe someone else can share their insights on that (including
benefits/drawbacks).

~~~
albertlie
Hi Bproven,

Thanks for the answer! Did you use terraform or ansible fully then in your
current work? Any challenges you can share when dealing with terraform or is
there any reason you fully use Terraform?

~~~
bproven
For TF, I found it easy to work with and also cloud agnostic (nice bonus). So
you only have to learn one tool instead of one for each cloud provider
(Azure's Resource templates , AWS's CloudFormation, etc).

Also it seems to have great traction in the industry and is a very active
project so I don't see it going anywhere soon...

~~~
albertlie
Got it. Thanks!

------
cristobal23
Use both. If it talks ssh, Ansible. If it talks http, Terraform. I use Ansible
to define what goes into Packer images. I use Terraform to deploy those
images. Then I use Ansible again to flip flags or run migrations.

~~~
albertlie
Gotcha, Thanks for the answer!

Any benefit or drawback that you can share when you used both of them?

I'm not sure about Terraform since it's still new from me especially the state
file part in Terraform

------
avip
These are not competing tools - they are complementary. Terraform would
(immutably, declaratively) build your infrastructure (as in provisioning
resources). I'd use terraform if your inf. is terraform-friendly. I'd likely
skip if your cloud provider is not aws.

~~~
albertlie
Hey avip, Thanks for your answer!

Could you elaborate what you mean by Terraform friendly?

~~~
bproven
probably means if TF has a provider for your infra (vmware, aws, azure, etc).
Check the hashicorp website docs and see how well supported the provider is
for your infra of choice

[https://www.terraform.io/docs/providers/](https://www.terraform.io/docs/providers/)

~~~
albertlie
Got it. Thanks!

