Topics Discussed:
- What is Terraform and Ansible?
- What is infrastructure as code
- Terraform provisioners
- How to use provisioners in Ansible?
Terraform – Open source tool from HashiCorp for infrastructure provisioning and management (Infrastructure as Code). Provisions resources such as storage and compute in the cloud. Uses a declarative configuration language known as HCL. Resources are available on the HashiCorp websites.
Ansible – Open source automation tool. Uses the YAML language. Makes use of playbooks. Uses a modular structure. Simple and agentless (no need to configure agents on the target machines). Almost all IT resources can be managed through Ansible.
Comparison – Terraform has a state file which tracks the desired state and actual state, whereas Ansible doesn’t have a state file to track current infrastructure state.
Terraform + Ansible –
Infrastructure as Code Benefits:-
- Can get the log of activities on infrastructure provisioning
- Automation reduces human errors
- Can do Benchmarking, Stress Testing, Performance testing etc.
- Disaster Recovery :- Can help in provisioning in another region if a disaster happens.
- Can easily modify IaC code
- We only need to change the code and Terraform will take care of the rest.
- What is the purpose of Ansible in Terraform?
- We use a provider to create resources on the respective platform
- We have provisioners and providers
Provisioners – File, Local and Remote.
- Local :- Only modifies things inside the local machine.
- Remote :- Used when we need to execute changes on remote machines.
- File –
- Destroy Time provisioner :- Provisioner runs inside destroy commands only (eg: playbooks for taking backups)
3 Types of Remote operation
Inline :– This is a list of command strings. They are executed in the order they are provided.
Script :– a local script that will be copied to the remote resource and then executed.
Scripts :– a list of paths (relative or absolute) to local scripts that will be copied to the remote resource and then executed.
How Ansible connects to a newly created instance from Terraform?
Local Method :- Needs Ansible and Terraform on the same local machine. Can use already set up SSH keys (like key pairs in AWS).
Remote Method :- Automatically install Ansible (using commands in the user data section) in the newly created instance and execute playbooks on the remote system. Inventory can be taken dynamically from the metadata of the cloud provider. This method is good for Windows machines, as Ansible is not available on Windows natively.
Ansible playbooks are very good for error handling in configuration management.
Best Practice :- Specify the correct versions of the Terraform providers and the Terraform binary
on_failure = continue (if a provisioner fails, Terraform ignores the error and continues; the default, fail, stops the apply)
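The Local Method, the provisioner types and the version-pinning practice above, put together in one configuration. This is an added example, not code from the talk. The variables, the `ubuntu` login user, the playbook names `site.yml` and `backup.yml`, and a security group that allows SSH from the machine running Terraform are all assumptions.

```hcl
terraform {
  required_version = "~> 1.5" # pin the Terraform binary
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0" # pin the provider
    }
  }
}

variable "ami_id" { type = string }           # assumed: an Ubuntu AMI in your region
variable "key_name" { type = string }         # assumed: an existing AWS key pair
variable "private_key_path" { type = string } # assumed: the matching local private key

resource "aws_instance" "web" {
  ami           = var.ami_id
  instance_type = "t3.micro"
  key_name      = var.key_name

  # Remote, inline: succeeds only once SSH accepts logins,
  # so the playbook below does not race the instance boot.
  provisioner "remote-exec" {
    inline = ["echo ssh-ready"]
    connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "ubuntu"
      private_key = file(var.private_key_path)
    }
  }

  # Local: run Ansible from the machine running Terraform.
  # on_failure is left at its default (fail), so a failed playbook
  # taints the instance instead of leaving it half-configured.
  # accept-new records the new host key but rejects a changed one.
  provisioner "local-exec" {
    command = "ansible-playbook -i '${self.public_ip},' -u ubuntu --private-key '${var.private_key_path}' --ssh-common-args='-o StrictHostKeyChecking=accept-new' site.yml"
  }

  # Destroy-time: may reference only self, so the key comes from ssh-agent (assumed).
  # on_failure = continue means a failed backup does NOT stop the destroy.
  provisioner "local-exec" {
    when       = destroy
    on_failure = continue
    command    = "ansible-playbook -i '${self.public_ip},' -u ubuntu backup.yml"
  }
}
```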
Terraform Cloud is a paid feature for teams
Best Use case for Terraform + Ansible :-
- For cloning existing environments.
- Provisioning infrastructure using Terraform and managing configurations using Ansible.
- In hybrid infrastructure provisioning and management (Cloud + On-prem).
- In Migration projects.
- Eg:- Self Managed Kubernetes cluster provisioning and configuring.