
Ansible 2.10 - sm4rk0
https://www.mail-archive.com/ansible-project@googlegroups.com/msg53862.html
======
avolcano
Ansible has been nice for replacing a bunch of ad-hoc shell scripts for my
Digital Ocean boxes for personal projects. I have a bunch of simple
provisioning scripts I can re-run as many times as I want, and I have simple
deploy scripts that automatically skip unnecessary steps. Cannot imagine a
better tool for single-host devops, really - if I were putting together a list
of "how to run your own small infrastructure" it'd be higher priority than
anything else.

I am curious, as a bit of a devops outsider, how it fits into the toolset of a
modern application. From what I can tell, a lot of the aspects of Ansible are
made redundant in a world of _hosted_ containers - you don't need Ansible if
you're, say, deploying container images to EKS/ECS/whatever - but if you were
to self-host your Docker hosts (or... whatever the Kubernetes is equivalent is
called), Ansible still seems to me to be the best tool around for standing up
and maintaining those hosts.

~~~
escardin
Ansible is a good choice for maintaining the k8s infra itself, but IMO is not
good at maintaining hardware or managing containers.

The major problem with Ansible compared to container orchestrators is that
Ansible has no concept of previously known state. It makes some things that
are easy in Terraform (deletions) more difficult, as you have to write a new
playbook to delete stuff. So can't say, "I don't want to run this nginx
container on this host anymore" by just removing that host from the part of
your inventory that gets nginx, or removing nginx from that hosts playbook.
You have to explicitly remove it.

This is not a huge problem if you're into immutable infrastructure, where you
just wipe any host and redeploy, as it lets you go from known state to known
state reliably. This kind of relgates Ansible to yaml shell scripts, but it's
generally a lot tidier and gives you a nice framework for knowing where you
are in your script.

When trying to apply Ansible to more infrastructure related stuff, again, it
can do it, but's not the right tool. You can write a playbook to deploy a host
or scale your EC2, but you basically have to do that separate from the
provisioning of the hosts you just deployed.

For container orchestration, I found Ansible more of a hinderance than a help.
Ansible is very imperative, and most orchestration tools are deliberately
declarative. There's no particular reason to use it to deploy, scale, delete
basically anything in k8s or swarm, as there is very little value add over
using the tools themselves.

Overall I find Ansible best suited to building the containers or vms that you
will run on your cluster, as these are necessarily imperative steps that fit
it well. This also applies to the hosts that make up your cluster, if you
aren't able to prepare an immutable image for them or get them to auto join.

------
tbran
Love using Ansible (though I don't always love writing YAML).

PROTIP: I use it to manage my laptops/workstations with a hosts entry like:

    
    
      [laptop-thinkpad]
      localhost ansible_connection=local
    

Sometimes I think it's overkill, but the config files are a little easier to
visually parse.

~~~
INTPenis
Deprecated group name format. ;)

I started using Ansible when it was brand new, like 0.2 I believe. It changes
so fast that I've had junior co-workers come in and teach me new best
practices in Ansible.

~~~
apple4ever
That deprecation was deprecated :)

~~~
INTPenis
No way, you're kidding!

------
ganstyles
Someone made the comment below, which can't be responded to, but I did have a
question about it. The comment:

> Immutable infrastructure killed Ansible.

I haven't used Ansible in several years, but when I was using it I was using
it to build immutable AMIs. So obviously this comment is off base. However, I
have been using terraform for years now.

Can anyone describe why one might use Ansible over Terraform? I understand the
differences, but I don't think I know people using Ansible as their primary
deployment/provisioning solution recently.

~~~
krmboya
I'm not too experienced with Terraform, can one use it to, for example, do a
rolling deployment with something like haproxy as the load balancer?

~~~
tyree731
Definitely not, you'd need to use something like Spinnaker to accomplish that.

~~~
krmboya
But one can do this with Ansible in a non-containerized environment

------
sm4rk0
Main change: "Ansible engine" is decoupled from "Ansible content" (modules and
plugins).

~~~
geerlingguy
Note that Ansible 2.10 is now packaged two ways: 'ansible-base' ( just the
engine and a few core modules), and 'ansible' (not yet released - Ansible base
plus a bundle of all the modules and plugins that were in what was before just
Ansible 2.9).

------
sgt
Recently started using this. Works brilliantly for our production
infrastructure. Well done to Ansible team.

------
user5994461
Doesn't work?

Secure Connection Failed: Error code SSL_ERROR_BAD_MAC_READ

------
stedaniels
The direct Google Groups list I think:
[https://groups.google.com/forum/#!topic/ansible-
project/_oKp...](https://groups.google.com/forum/#!topic/ansible-project/_oKp-
lYmhwU)

~~~
opk
That link seems to require a google account to access. So the mail-archive.com
link was rather more useful.

------
markuman123
no no no, it's alpha9, not stable yet!

~~~
markuman123
> 2020-09-22: ansible-2.10 GA release date.

~~~
markuman123
[https://docs.ansible.com/ansible/devel/roadmap/COLLECTIONS_2...](https://docs.ansible.com/ansible/devel/roadmap/COLLECTIONS_2_10.html#release-
schedule)

