Terraform talks to “clouds”, where as Ansible talks to devices. Whilst clouds do have many devices, I feel like Ansible has a greater ability to absorb likeness/distinctiveness (ships), over a greater scale than terraform.
I don’t use Terraform but from my understanding Terraform is more for “what kind of server hardware/VM/container/… do I want” and less “which configuration do I want on that server/VM/container/…”
Yes, it’s him, I was just pulling your leg for the “literally me” kind of comment
(btw, Terry is literally me (I am the best programmer that’s ever lived))
Probably an average. I think the above average types usually have a vim keybinding configured to send current buffer to CIA via curl so they don’t have to use bloated web browser for doing everyday task.
I love Ansible while hating when people touch it. Yes, it’s very flexible but at what cost? If you actually learn it and follow some basic guidelines, you can make beautiful playbooks and inventories having wonderful automation for even complex setups while keeping it clean. But if one doesn’t care and just try to make servers go brrr, it becomes horrific glorified shell script with everything hardcoded, most tasks unaware of changes they make, cesspool of shitty templates, breaking itself in minutes, being pain to work with and making me want to delete all the shit and start all over.
I decided I wanted nothing to do with Ansible when I was half an hour into reading the website and I still didn’t have a fucking clue what it is or exactly what it does.
To this day, I couldn’t really tell you. It seems to be basically a framework for automatically SSH’ing into machines and running shell scripts on them which doesn’t sound robust in the slightest. It’s like they took thirty years of sysadmins’ discarded spit-and-duck-tape solutions and bundled them into a “framework”.
I dunno how the fuck you’re supposed to manage cloud infrastructure at scale with that.
It’s far more than just SSHing and running shell scripts. Besides, I wouldn’t ever call it a „framework”.
It’s a tool for Linux, BSDs and even Windows machine setup automation in a declarative fashion. Tasks are usually built out of wide range of provided modules for both universal actions (like file edits, templating, shell commands) and very specific ones (like Podman containers, Postgres users, indexes in Mongo, whatever you imagine, you can even implement your own in Python). Those tasks have logic that can detect the status for each of the tasks in each specified nodes, so they can not only be applied, but also dry run with precise diff tracking (diff of config files to be applied, packages to be installed, etc).
It has inventory that can be both static (config file), and dynamic (e.g query an AWS account for Ec2-s or get nodes from Proxmox) that lets you group your however many hosts (by purpose, etc), attach variables to specific hosts or entire groups, or even store encrypted credentials to use them in roles. When dealing with hundreds of hosts, at some point this is something you need to do anyway, but here it really shines even with much smaller amount of machines.
Ansible can be very reliable and provide awesome environments, but it requires some learning and due to its flexibility, it can also be used badly. I have some success stories with it in last 7 years of utilizing it for both small and big business.
That being said, if you want some magic hammer that just does stuff without requiring any understanding, Ansible might not be the thing.
And no, Terraform is not an replacement for Ansible and vice versa. Those two are designed for different purposes. I actually used them together in some projects.
And no, Terraform is not an replacement for Ansible and vice versa. Those two are designed for different purposes. I actually used them together in some projects.
Yeah, that’s the problem. Every time infrastructure management came up, a certain coworker would always bring up Ansible. It eventually got kind of annoying.
Yup. I used ansible for a good year, maybe two, and found myself asking, “Why the fuck am I maintaining some abstract thing when I can just write a shell script and deploy that?”
Cloud orchestration is better done with other tooling. Honestly don’t see a use case for ansible beyond physical data center deployments.
They installed it for us at work as part of a project, and we went to ask the ansible guy wtf we could use it for in a windows world, and he couldn’t articulate how it would be an improvement in any way over a scheduled task.
It appeals to me for management of a windows machine for a few things:
Lots of machines at once, over winrm. Although ssh is the default, as ansible is linux first.
I don’t have to learn powershell - the shared language means the windows teams and the linux team don’t have to learn eachother’s language. In ansible, it’s very easy to avoid the footguns that come with something like bash, especially after you install the red hat linter, ansible-lint, which warns of ansible’s own footguns.
easy to version control it
premade stuff: the official “modules” are massive and do a lot. There are also community packages: galaxy.ansible.com - of course, you should probably check any stuff you run first. But ansible is very easy to read.
built in secret management. Encrypt secrets, but still be able to use them smoothly with the automation framework.
For just one machine? Task scheduler is probably good enough. 2-3 machines, managed remotely? Ansible is at least worth looking at.
The examples are very helpful, with things like getting a list of ad users. I used that to create a ansible script to shuffle all ad user passwords - while being a a linux lover who hates windows and has literally never touched ad before this.
There is a reason ansible exists and is widely used. Shell scripts are brittle and don’t account for a ton of use cases.
For instance- are you going to write a shell script to determine the OS family of a server? Are you then going to do a bunch of if statements for things you want run on Debian hosts vs RedHat ones vs. Alpine? Are you going to manually make templates yourself or just use jinja templates and the template module in ansible (and use variables easily gathered by the setup module)? Are you going to manually select which hosts you’re going to target or are you just going to use your ansible inventory that categorizes your machines based on location or purpose or whatever other arbitrary thing and use tags? Are you going to manually dig in and find out how many NICs are in a box, what IPs they have, what CPU, how many cores so you can set some service to use “X” amount of threads, define service templates using those machine variables, etc. etc. etc.? Are you going to make such well defined shell scripts that they can be reused over and over again against a variety of machines without breaking things and make it easy to include them in parent shell scripts?
This is all stuff ansible does quite easily.
It’s not the end all be all of course. Some would argue (maybe rightfully) that Puppet or Salt can maintain config drift a bit better. I would argue it’s not the tool to use for containerization really either. But it definitely has a real purpose in initial and maintained configuration management and in both cloud and on-prem deployments.
Terraform for day 0 operations is a better experience but it had its quirks. Ansible is nice when it’s done well, but when you don’t have an Ansible module for something, you’re essentially writing a shell script
Yeah, in contrast the value proposition for Terraform was immediately obvious. “Oh, you mean I don’t have to manually set up Kubernetes clusters and shit every time we want to deploy to a new region? Fucking sign me up!”
Not at all! Since it’s half of 9, it can therefore work with half of the software RHEL 9 is compatible with, but since the 4 is also divisible by 2, it can handle all of that software as well.
It’s really quite simple, I don’t see how this could be confusing at all…
Disagree on picking RPM distros for an absolute beginner (this is what the image is about at least). SUSE maybe but you don’t want a newbie having to deal with US patent bullshit and especially SELinux. Similarly, no newbie will ever pic a barebones WM as a first time user.
I have used Fedora for nearly all the time I’ve daily driven Linux, and haven’t encountered any problem that a newbie would encounter and couldn’t overcome, excluding distro-agnostic stuff. Yeah, the h264 shit sucks, but if you use flatpaks you shouldn’t have to worry about it. And if you ever have to face SELinux, then you’re probably doing something that’s beyond beginner level.
It’s a very rough guide I threw together. There’s all sorts of wedge cases you could use to argue against it. E.g. you could use RPMs on slack Linux. Not exactly user friendly.
Bit on the whole fedora or Suse do the job.
Also desktops are better for newbies. I thought I’d mentioned that but yeah I agree deffo better for newbies while WM managers more for tinkerers/power users.
I started on CentOS and don’t remember any issues but that was a long time ago. I flirted with Suse, Ubuntu, and Arch when RH started being a super dick. I finally settled on Rocky, rpm is the devil I know.
Same. I remember getting interested in Linux in like 1997 or so, and it seemed like RedHat was preferred for newbies.
Of course, what were the alternatives then? It was basically Slackware (or Suse), Debian, and RedHat (or Caldera). There was no RHEL or Canonical or SElinux back then. It was a different time.
Hell one of the language packs for installing RedHat was “Redneck”. It was a gimmick to demonstrate localization options.
So for gaming… Pacman? I thought mint and kubuntu use aptitude, and was under the impression those are two of the better gaming distros.
I hate windows, but am sick of trying Linux every 5-6 years and finding out that I cannot get half the games I play to work. Admittedly, with you guys I might not be going it alone this time…
I’d say, just use Ubuntu if gaming is your main concern.
Imo the main problem for games are 1. hardware drivers (afaik only if you have brand new hardware), 2. game launchers (fuck those fucking game launchers, fuck; except steam) and 3. anti- cheat software.
Otherwise gaming is really good under Linux nowadays.
The package manager is usually tied to the distro, but the point above is to let the package manager inform your distro choice.
You’ll notice a running theme in my lecture here is “choice.” You can switch Desktop Environment and other stuff on just about any distro and make it feel like yours. Switching package managers isn’t recommended though! 😅
So for instance, Arch (btw lol), or Manjaro, or Endeavour use Pacman.
I’ve switched to Endeavour recently which is essentially “User-friendly Arch-based” with an installer and stuff, and it’s absolutely lovely for games. My old 960M laptop runs plenty of stuff great. :D
On my main rig I’ve used OpenSUSE Tumbleweed for years, which is also a rolling release (constantly updated) distro that technically uses RPMs, but uses its own package manager called Zypper, which I find mostly user friendly. Packages are also a bit more thoroughly tested.
Both use KDE Plasma desktop environment and it’s gorgeous.
Alternatively, especially for laptops with hybrid Nvidia graphics, POP!_OS is alright if you’re okay with GNOME desktop environment. (You can always change, but it’s geared toward GNOME). It used Aptitude, and the updates trail behind a bit, but generally that’s supposed to make a more stable system.
(Note that when I say “lags behind”, latest security fixes tend to be backported, but you won’t see fancy new shiny features as fast.)
For gaming specifically though:
Win10 is gonna be my last Windows. 11 is invasive and opinionated, and 12 is gonna have a forced Ai fetish. Gross.
Good news: Steam games work wonderfully. Thanks to advances with Proton and all their support for the SteamDeck (which runs Linux btw!)
For other platforms, look into Heroic Launcher, which takes a lot of the headache out of managing stuff like GOG games. :)
With rolling releases you usually want to update cautiously and check news updates and stuff, because newer versions aren’t as thoroughly tested and some stuff might break…but you get new features faster so that’s fun.
That being said: If you’re willing to learn a little as you go, OpenSUSE Tumbleweed is a big win in my book for getting the latest fun stuff while still being stable! It’s also thoroughly security-minded.
And by default, it includes “Snapper” set up for you, so you can just roll the system back to a working version in the rare case something goes wrong. You can install snapper on any distro, but it comes pre-configured and ready to go, as long as you use the default “BTRFS” file system.
I won’t get into filesystems because hoo boi…but TL;DR: BTRFS allows “snapshots” and rollbacks that don’t require literally doubling your disk space for rolling back, so it’s a great safety net.
That being said: ALWAYS have more than one backup, in multiple locations, of anything you find important!
Good luck and have fun. I will say, Endeavour, OpenSUSE, and Pop_OS all have great communities that are eager to help if you’re eager to learn! :)
Debian-based systems (including Ubuntu and its forks such as Mint) uses dpkg and APT (APT does all the communicating with repositories, dependency managment etc, dpkg actually installs and removes packages.) Aptitude is a TUI front-end for APT that gives you a menu-based system in the terminal. Synaptic (not to be confused with the trackpad driver) is a GUI front-end for APT.
I game on Linux Mint. Now it might be my tendency to play single player and/or cooperative multiplayer (think Stardew Valley or Unrailed!) games often made by smaller studios and indie developers as most of the AAA space has otherwise offended me, but…I don’t really have a problem. The vast majority of things just install and run from Steam.
Started using Debian because I only used it for servers to begin with. Learned APT and never dared to learn anything else. So now I just stick with any distro using APT and a DE I like.
Most new Linux users if not all, are unable to make an educated decision on package management. The UI that they think they will like better would be more important.
linuxmemes
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.