• azvasKvklenko@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    ·
    10 months ago

    It’s far more than just SSHing and running shell scripts. Besides, I wouldn’t ever call it a „framework”.

    It’s a tool for Linux, BSDs and even Windows machine setup automation in a declarative fashion. Tasks are usually built out of wide range of provided modules for both universal actions (like file edits, templating, shell commands) and very specific ones (like Podman containers, Postgres users, indexes in Mongo, whatever you imagine, you can even implement your own in Python). Those tasks have logic that can detect the status for each of the tasks in each specified nodes, so they can not only be applied, but also dry run with precise diff tracking (diff of config files to be applied, packages to be installed, etc).

    It has inventory that can be both static (config file), and dynamic (e.g query an AWS account for Ec2-s or get nodes from Proxmox) that lets you group your however many hosts (by purpose, etc), attach variables to specific hosts or entire groups, or even store encrypted credentials to use them in roles. When dealing with hundreds of hosts, at some point this is something you need to do anyway, but here it really shines even with much smaller amount of machines.

    Ansible can be very reliable and provide awesome environments, but it requires some learning and due to its flexibility, it can also be used badly. I have some success stories with it in last 7 years of utilizing it for both small and big business.

    That being said, if you want some magic hammer that just does stuff without requiring any understanding, Ansible might not be the thing.

    And no, Terraform is not an replacement for Ansible and vice versa. Those two are designed for different purposes. I actually used them together in some projects.

    • Technus
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      And no, Terraform is not an replacement for Ansible and vice versa. Those two are designed for different purposes. I actually used them together in some projects.

      Yeah, that’s the problem. Every time infrastructure management came up, a certain coworker would always bring up Ansible. It eventually got kind of annoying.