Ansible vs. Terraform: What's the difference?

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi everyone today let's talk about terraform versus ansible now in some of our videos past we've talked about terraform in detail ansible and even infrastructure as code but i think a lot of you might be wondering when to use terraform and when to use ansible and in my view these are actually two very complementary tools so i believe you can use them together when you're doing kind of your infrastructure automation now i think the first thing people think about when they think about infrastructure automation is actually the step of provisioning right so how do we actually get something up and running so that we can actually start you know doing our application development and that kind of thing that's one thing terraform is really good at and one of the reasons it's so good at it is because terraform is declarative in nature and this is actually one of the key differences between terraform and ansible but we'll get to that in a minute so let's see what a kind of a terraform configuration would look like so we want to provision some resources let's say on a public cloud we're going to do so in a declarative way so we'll start by saying maybe we want a database service so we'll say create db and they'll have some configuration to go with it like you know what kind of class it is and what size that kind of thing maybe we also want to create a kubernetes cluster and maybe even some vms in a vpc so we'll first create the vpc and maybe some more configuration to create the vms so we'll kind of have our terraform config there now i mentioned it's declarative and this is awesome because you know in these steps over here we've created some db services and some other things so let's say we want to actually bind that database service to our kubernetes cluster so in in this step right here we'll say bind to kubernetes now in a procedural language everything would go top to bottom so it would start with the db and realize hey i can't bind it to something that doesn't exist but since terraform is declarative it'll actually say okay we can't do this one yet let's create the kubernetes cluster first also create the vpc cluster kind of simultaneously and then once that's ready then we'll create the database because it's dependent on the kubernetes cluster to bind to this is essentially what's called an implicit dependency you can also do explicit dependencies where you can just tell a resource to wait until another one is up and ready to go so that's one of the key advantages of terraform is that it takes kind of a declarative approach so we've talked about terraform let's kind of switch gears here a little bit and talk about what ansible is really good at and now ansible's main kind of purpose in my opinion is configuration management this includes things like application deployment but it can actually also do infrastructure provisioning now one of the key things i'll say about ansible is that it's not necessarily declarative but it supports declarative resources and it's not necessarily procedural either it's kind of let's call it a hybrid now in this sense i basically mean that you know ansible supports much like terraform kind of configuration files to do your automation so for example configuration management task can be something like first you would start up a vm maybe it was stopped maybe you need to restart it or stop it or something like that and some configuration so just telling it you know just to start up then maybe you install some application into the vm and some drivers maybe you need to install the runtimes and so you kind of have some configuration steps maybe you utilize the open source community where they you know build modules and collections of these things that make you allow you to get started quickly and then maybe finally you start the actual application so these are all config management tasks app application deployment you're working with resources that are already created now the reason i say it's hybrid is because although the resources are written kind of in a declarative fashion they're actually executed top to bottom so this is an ansible playbook and ansible with first star with the vm creation and then installing the app and then starting the app so if you had these in the wrong order things wouldn't work correctly so that's my view that's why i think you know ansible is declarative and procedural in a sense it's kind of a hybrid of both depending on how your modules are written so we've got our infrastructure we've got our kind of configuration now let's talk about you know going back to terraform what it looks like to actually start executing this configuration so first thing we'll do is you know generally you want to do something called a terraform plan which will enable you to see what will actually come up before you actually execute the real api calls we'll do a terraform plan and you know it'll spin up some of this a view of what's going to actually get created so the database cluster the vpc and when it all looks good you'll do a terraform apply that will use your api key and run the actual api calls against your cloud provider you know using your api key and spin up all of that infrastructure and this is what terraform is really good at and this brings me to my third thing about terraform is that it's very much managed on state for life cycle management so one of the really cool things here is for example you know once you've created this infrastructure if you go back and you know remove an entire piece of config for example to create vpc block if you remove that and you run a terraform apply again it'll actually remember from last time it'll say hey last time you had this now you've removed it and it'll go ahead and remove that vpc for you now the difference with ansible is that there is no kind of life cycle management no now essentially what this means is that if you wanted to delete some step of this flow you can't just remove it you would need to kind of mark it for deletion so you need to kind of do a remove app step now that's that doesn't go to say that you couldn't necessarily create an ansible playbook that automatically recognizes when you remove some configuration and run the steps the point is with terraform you get it automatically and with ansible you kind of have to implement that life cycle management into your actual code another key point i want to make here is item potency so that's essentially the ability to run something multiple times and if nothing has changed it won't actually run anything run any new actions so with terraform you get that automatically so you can run this a thousand times and the first time it'll create everything and the remaining 999 times it would actually just say hey you already have it nothing's changed and it wouldn't do anything now with ansible you could technically create item potent modules but it's not a requirement so that's something that you as a developer have to consider when using ansible is you know see the community modules you're using the cloud provider modules and collections you're using and make sure they're important and if they're not you know you might have to do some additional work to get them going now i think i've made a case for both capabilities here but i want to talk a little bit about the similarities between the two as well for one they both support heavy templating so this is great so you can have kind of one source of truth and then different configuration files so for example if you wanted a dev and a test and a prod environment you can have one source of truth and then kind of just switch out the variables that you're using to spin up the different environments so that's something neat that both environments support number two they're both open source as i mentioned but the key thing i want to mention is that you know they've got a big kind of community as well so for terraform they have the terraform registry with modules being developed providers to work with the cloud providers and and so they've got this rich community to help you get started very quickly and ansible's the same they've got ansible galaxy with collections of modules so you can get started very quickly with existing playbooks and that kind of thing so they're they're similar in that sense that they've got this big kind of community and the last thing i'll say is agent lists which is kind of more relevant in the ansible context than terraform since they're it's doing configuration management you don't have to install an agent on a vm somewhere it's both of these tools are kind of plug and play easy to get started whether on your local machine or somewhere in the cloud these tools are both very similar in that they're easy and quick to get started with now you might be wondering you know in the beginning i said these tools are complementary so how would you use ansible and terraform together well there's a couple of approaches you could start with terraform now as i mentioned terraform is really good at provisioning so you could have a terraform configuration that spins up some infrastructure and then once that infrastructure is ready you can actually use terraform to call ansible to do configuration management on the on the resources you spun up so starting the vm and installing an app and that kind of thing you could also take the other approach and start with ansible and in the first step of your ansible playbook call terraform to spin up infrastructure and then pick up where terraform leaves off take that infrastructure which is you know in some inventory an ansible inventory and run the ansible actions on that so in essence ansible and terraform can work really well together because terraform is very good at infrastructure provisioning but falls short where ansible comes in with configuration management and i think together you know both open source world-class infrastructure automation tools i think together you can really create a complete infrastructure automation story i want to thank you for joining me for this video today if you want to see what ibm cloud is doing in the infrastructure automation space be sure to check out ibm cloud schematics if you have any questions or you like the video be sure to drop a comment below and a like be sure to subscribe and stay tuned for more videos like this in the future thank you
Info
Channel: IBM Technology
Views: 112,653
Rating: undefined out of 5
Keywords: Ansible, Terraform, Infrastructure as Code, IT Automation, Red Hat, Infrastructure Automation, IBM, IBM Cloud, IBM Cloud Schematics, Config Management, DevOps
Id: rx4Uh3jv1cA
Channel Id: undefined
Length: 9min 32sec (572 seconds)
Published: Fri May 28 2021
Related Videos
GitOps on Multicloud Explained
IBM Technology
5K
What is Ansible?
IBM Technology
110K
Complete Terraform Course - From BEGINNER to PRO! (Learn Infrastructure as Code)
DevOps Directive
227K
Containers vs VMs: What's the difference?
IBM Technology
567K
5 Lessons Learned From Writing Over 300,000 Lines of Infrastructure Code
HashiCorp
109K
Kubernetes vs. Docker: It's Not an Either/Or Question
IBM Technology
926K
What is Helm?
IBM Technology
232K
you need to learn Ansible RIGHT NOW!! (Linux Automation)
NetworkChuck
651K
Cybersecurity Trends for 2023
IBM Technology
47K
What is Infrastructure as Code?
IBM Technology
100K
Terraform + Ansible : Automating configuration in Infrastructure
technotes of Hemant
14K
Ansible 101 - Episode 1 - Introduction to Ansible
Jeff Geerling
392K
API vs. SDK: What's the difference?
IBM Technology
1.2M
Git vs. GitHub: What's the difference?
IBM Technology
258K
Containerization Explained
IBM Technology
520K
Terraform Course - Automate your AWS cloud infrastructure
freeCodeCamp.org
1.4M
Istio & Service Mesh - simply explained in 15 mins
TechWorld with Nana
461K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.