Hacker News new | comments | show | ask | jobs | submit login
Ask HN: Ansible vs. Terraform
11 points by albertlie 4 months ago | hide | past | web | favorite | 11 comments
Hi all,

I'm starting a project in my company for upgrading our deployment infrastructure across cloud providers. Our current system is mainly using ansible for both provisioning and configuration management.

I'm trying to see Terraform as well for this option. And I wonder anyone has experience on migrating from ansible to Terraform or using both of them? And maybe can share the benefit and drawback of both of them when using them in production?




A good strategy is to use both (these are complementary tools) - one is stronger for config management (Ansible), the other for provisioning infrastructure (TF). Build and manage the infra itself (instances, security groups, VPCs etc) with TF and use Ansible to configure (e.g. install, maintain nginx on the instance). They work well together since there is a provisioner for Ansible in TF.

Optionally if you go the totally immutable route you may only need TF (plus somethig like packer) and not Ansible.

I have not had to migrate from on to the other, so unfortunately I can't be much help here. Maybe someone else can share their insights on that (including benefits/drawbacks).


Hi Bproven,

Thanks for the answer! Did you use terraform or ansible fully then in your current work? Any challenges you can share when dealing with terraform or is there any reason you fully use Terraform?


For TF, I found it easy to work with and also cloud agnostic (nice bonus). So you only have to learn one tool instead of one for each cloud provider (Azure's Resource templates , AWS's CloudFormation, etc).

Also it seems to have great traction in the industry and is a very active project so I don't see it going anywhere soon...


Got it. Thanks!


Use both. If it talks ssh, Ansible. If it talks http, Terraform. I use Ansible to define what goes into Packer images. I use Terraform to deploy those images. Then I use Ansible again to flip flags or run migrations.


Gotcha, Thanks for the answer!

Any benefit or drawback that you can share when you used both of them?

I'm not sure about Terraform since it's still new from me especially the state file part in Terraform


These are not competing tools - they are complementary. Terraform would (immutably, declaratively) build your infrastructure (as in provisioning resources). I'd use terraform if your inf. is terraform-friendly. I'd likely skip if your cloud provider is not aws.


With all due respect, this doesn't seem like the best advice.

Part of the appeal of Hashicorp tools (terraform, and also vagrant and others) is that they are platform-agnostic.

The tagline even says "ONE SAFE WORKFLOW ACROSS PROVIDERS".

Check out terraform.io to see what they say.

I wouldn't limit it to AWS, and AWS isn't even always the best option. ¯\_(ツ)_/¯


Hey avip, Thanks for your answer!

Could you elaborate what you mean by Terraform friendly?


probably means if TF has a provider for your infra (vmware, aws, azure, etc). Check the hashicorp website docs and see how well supported the provider is for your infra of choice

https://www.terraform.io/docs/providers/


Got it. Thanks!




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: