Terraform vs Ansible

Andrei Ciorba
Andrei Ciorba December 11 2020 #terraform

share this on:

  

Terraform is a tool for infrastructure management. That means that Terraform goes and deploys the infrastructure. Actually creates the virtual machines and the networking part of the storage entities.


[Video Transcript]

I mentioned at the beginning of this webinar that we'll be addressing where exactly does Terraform fit into the DevOps Ecosystem. Because if you ever use some configuration management tool before like Ansible, Chef, Puppet, then the idea of infrastructure as code all this fairy tale about State knowledge item potency things that we briefly covered, it might not be new to you. And you might think wait I already use Ansible and If you dig around the Ansible documentation for just a bit, you'll find that as people can actually deploy virtual instances on AWS as well. 

Why do I need terraform what's the catch here? 

Well first Terraform is a tool for infrastructure management. That means that Terraform goes and deploys the infrastructure. Actually creates the virtual machines and the networking part of the storage entities.

Then on the other hand, Ansible and other similar tools are configuration management tools. It means that they are meant to configure or connect to and execute some tasks on that infrastructure that has been previously deployed by Terraform

And this is actually how this process is designed as a best practice. If you should use Terraform to create your instances, your networking, your policies, then you could use Ansible to come on top of this infrastructure, connect to your running instances and configure them further. Set some operating system settings, add some users, install some packages, update them and so on and so forth. 

And yes, there is some overlapping here as in Terraform can be used to run some scripts on its virtual machines after it has created them, and Ansible can be used to deploy some AWS instances and or some other instances in some other cloud but this cross-functionality is extremely limited, lacks visibility and lacks State knowledge. Okay? If you use Ansible to deploy on an instance in AWS it's not going to have state knowledge.

It's not going to have all those benefits of item potency. Similarly if you use Terraform to configure and install, perhaps, Apache and MySQL on some virtual machine that you just deployed it will install them, but it's not going to have any knowledge of State. It's not going to have any item potency features in there. 

So it's very very limited. Each tool is the best at what it was designed to do.

So use each tool for the purpose. It was designed for, Terraform to create resources, Ansible to configure resources. 

They're actually not going to replace each other anytime soon, but they are better together.

New call-to-action

 

share this on: