Comparing Terraform and Ansible: Which Tool is Best for Your Infrastructure Automation Needs?

Terraform and Ansible: Understanding the Differences

Infrastructure as Code (IaC) has become an increasingly popular approach for managing IT environments, and two of the most commonly used IaC tools are Terraform and Ansible. This article looks at the differences between Terraform and Ansible and when to use each.

Terraform: Infrastructure Provisioning

Terraform is a cloud-agnostic infrastructure provisioning tool that can set up infrastructure in various cloud platforms such as AWS, GCP, and Azure. Terraform connects to the platform provider through its providers, which currently number over 100 with over 1000 resources.

Terraform has several commands for different stages of infrastructure management, including refresh, plan, apply, and destroy. In addition, the current state of the infrastructure is compared to the desired state defined in the Terraform configuration file (TF-Config). Terraform also allows operators to import existing infrastructure into Terraform, making it easier to manage the infrastructure.

Advantages of using Terraform include:

  • Easily repeatable
  • Easily readable
  • Operational certainty with "terraform plan"
  • Standardized environment builds
  • Quickly provisioned dev environments
  • Disaster recovery

Ansible: Configuration Management

Ansible is a configuration management tool that can be used to configure existing infrastructure or deploy applications, install/update software, and more. Ansible is a mature tool with many modules and is, therefore, suitable for configuring existing infrastructure.

Ansible can be used along with Terraform for complete infrastructure management and automation.

When to Use Terraform vs Ansible

Terraform is newer and more advanced in orchestration, making it better for infrastructure provisioning. On the other hand, Ansible is a mature tool with many modules, making it better for configuring existing infrastructure.

In conclusion, Terraform and Ansible are both essential tools in IaC, each with its strengths and use cases. Terraform is better for infrastructure provisioning, while Ansible is better for configuring existing infrastructure. They can also be used together for complete infrastructure management and automation.

Terraform import

  • Allows you to import existing infrastructure into Terraform
  • Import instance
    • terraform import aws_instance.<instance resource> <instance id>
  • Import security group
    • terraform import aws_security_group.<sg resource name> <security group id>
  • Volume attachment import
    • terraform import aws_volume_attachment.<volume att resource> devicename:volumeid:instanceid
    • terraform import aws_volume_attachment.ebs-1-att /dev/sda1:vol-0abc94cf1234c73c6:i-0a12341e50e1aad1234
    • terraform import aws_volume_attachment.ebs-1-att /dev/sda1:vol-0abc94cf12345c73c6:i-01231e50e1as71
  • Import target group
    • terraform import aws_lb_target_group.<target resource> <aws target group ARN>
    • terraform import aws_lb_target_group.test-tgrp arn:aws:elasticloadbalancing:us-east-1:xxxxxxx:targetgroup/report-portal-tgrp/xxxxxx
  • Import elb
    • terraform import aws_elb.<elb resource> <elb name>

Setup first infra in AWS

Terraform target 

Run Terraform against specific resources or modules only, using the -target option.

https://developer.hashicorp.com/terraform/tutorials/state/resource-targeting

Example 

  • terraform plan -target="random_pet.bucket_name"

Terraform will plan to replace only the targeted resource.

Now create a plan that targets the module, which will apply to all resources within the module.

Destroy a module

  • terraform destroy -target=module.my_module

Terraform output

  • terraform output -raw lambda_bucket_name
  • aws s3 ls $(terraform output -raw lambda_bucket_name)

Invoke the Lambda function with the AWS CLI to test that it is working

  • aws lambda invoke --region=us-east-1 --function-name=$(terraform output -raw function_name) response.json
  • aws lambda invoke --region=us-east-1 --function-name=$(terraform output -raw aws_lambda_function_url) response.json
  • aws lambda invoke --region=us-east-1 --function-name=function-namehere response.json

 

Note that --function-name might not need the URL, just the function name or ARN.

--function-name (string)

The name of the Lambda function, version, or alias.

Name formats

  • Function name – my-function (name-only), my-function:v1 (with alias).
  • Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function .
  • Partial ARN – 123456789012:function:my-function .
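
The name formats above can be checked before a Terraform output is handed to the CLI, so that a function URL or a malformed value is refused instead of being passed to aws lambda invoke. This is an added example, not part of the original notes; the patterns are simplified assumptions covering only the three formats listed here, and classify_function_name and safe_invoke are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the original page): classify a value before it is
# passed to `aws lambda invoke --function-name`.
# Assumption: the patterns are simplified to the three formats listed on the
# page; they are not the AWS service's full validation rule.

NAME='[A-Za-z0-9_-]{1,64}'               # function name
QUAL='(:(\$LATEST|[A-Za-z0-9_-]+))?'     # optional :alias or :version
BAD='*[!A-Za-z0-9:_$-]*'                 # any character outside those formats

# matches VALUE ERE: exit 0 when the whole value matches the expression
matches() { printf '%s\n' "$1" | grep -Eq "^$2\$"; }

# classify_function_name VALUE
# Prints name | arn | partial-arn | url | invalid; exit 0 only for usable forms.
classify_function_name() {
  case "$1" in
    http://*|https://*) echo url; return 1 ;;     # e.g. a function URL output
    ''|$BAD)            echo invalid; return 1 ;; # empty, spaces, newlines, ...
  esac
  if matches "$1" "arn:aws[a-z-]*:lambda:[a-z0-9-]+:[0-9]{12}:function:${NAME}${QUAL}"; then
    echo arn
  elif matches "$1" "[0-9]{12}:function:${NAME}${QUAL}"; then
    echo partial-arn
  elif matches "$1" "${NAME}${QUAL}"; then
    echo name
  else
    echo invalid; return 1
  fi
}

# safe_invoke VALUE: call the CLI only for a usable value (region as on the page)
safe_invoke() {
  kind=$(classify_function_name "$1") || {
    echo "refusing --function-name '$1' ($kind)" >&2; return 1; }
  aws lambda invoke --region=us-east-1 --function-name="$1" response.json
}
```

Typical use is safe_invoke "$(terraform output -raw function_name)", which fails early when the output holds a URL instead of a name or ARN.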