3

What do you use for automating infrastructure? I'm thinking tools like Ansible, Terraform and Chef

Comments
  • 2
    This is obviously very junior of me, but I have no clue what this stuff does. On the other hand, I checked out the three tools you mentioned and none of them explained the problem they solve so I think it's something that can technically be done perfectly well with scripts that read JSON files, however forcing it into a framework guarantees some baseline code quality and consensus about the objects we use which prevents ops people from becoming unfireable by building an infrastructure no one else in the world understands.
  • 2
    I only know ansible.

    In my opinion, the utility is usually not the problem.

    E.g. in every company I've worked so far my primary job from the beginning is to turn a wildwest punk infrastructure into sth that follows law and order...

    Which is a necessity in my opinion for any of the tools - trying to create a sane and pristine ruleset when you know nothing about the environments except that it's a hot glued snowflake mess is impossible.

    Problem with documentation of host systems is from my experience less "what's in it" - especially when using a system like mine, as you have a common ground for _everything_ - more "what is intertwined with whom any why".

    * System of mine: I create a base OS image in Docker, then further images for e.g. language / development support. Conversion of Dockerfiles to VM templates is pretty easy... Hence I usually solve the "What's in it" part and documentation task first. :)

    That's sth that is really really hard to cover - even by rulesets - and which is the thing that usually breaks everyone's neck.

    "To update (in sense of OS update) A, we need to put B into maintenance which requires C to be run in read-only mode - thus D | E | F won't receive new data, meaning we cannot do task XYZ then, thus we should update systems U, V and W which execute that task at the same time".

    Just as one example... With time, you'll get used to it, at the beginning it's the usual play day of migraine :)

    Plus side is documentation, rules / framework, but if you'll need it is dependent on how often you'll get new hardware and deployment works. Documentation only of "What"… which isn't the most important thing.

    I'm always torn apart between "time taken" and "time saved".
  • 3
    Most common today is Terraform, followed by Ansible.

    Use Terraform to declare cloud resources to be deployed,

    Use Ansible to perform procedural actions on specific resources/servers.

    Chef is more of a configuration management. i.e make sure all Apache servers have same config, deploy new version to all of them. etc.

    All these tools have a little in common - Ansible can deploy cloud resources, Terraform can control configs etc. The above is their main "focus" and common use-case.

    There are other tools used for more specific needs:

    - AWS SAM for Lambda funcs and their dependencies (buckets, api gateway..)

    - AWS CDK - to progrematically deploy resources (like calling the AWS API/CLI from code)

    - Pulumi - also tool to deploy infra from code (py/ts)
  • 1
    Terraform, but on pure AWS stuff often just stick with cloudformation.
  • 0
    Configuration management they are called. Ansible, pulumi, helm and make.
    Those are the ones I like. Ansible for workstation and VPS management or kicking off stuff. Pulumi for infra as code and helm for kubernetes stuff and sometimes as template engine (though usually use ansible for that).
Add Comment