Learning Library

← Back to Library

Terraform vs Ansible: Complementary Tools

9mUnknown ChanneldevopstutorialintermediateWatch on YouTube ↗

Key Points

  • Terraform and Ansible are complementary tools that can be used together for full‑stack infrastructure automation.
  • Terraform excels at provisioning cloud resources because it uses a declarative language that automatically resolves implicit and explicit dependencies.
  • Ansible’s strength lies in configuration management and application deployment, handling the setup of software on already‑provisioned infrastructure.
  • While Ansible can also provision resources, it is primarily procedural, making Terraform the preferred choice for defining and orchestrating infrastructure as code.

Sections

Full Transcript

# Terraform vs Ansible: Complementary Tools **Source:** [https://www.youtube.com/watch?v=rx4Uh3jv1cA](https://www.youtube.com/watch?v=rx4Uh3jv1cA) **Duration:** 00:09:33 ## Summary - Terraform and Ansible are complementary tools that can be used together for full‑stack infrastructure automation. - Terraform excels at provisioning cloud resources because it uses a declarative language that automatically resolves implicit and explicit dependencies. - Ansible’s strength lies in configuration management and application deployment, handling the setup of software on already‑provisioned infrastructure. - While Ansible can also provision resources, it is primarily procedural, making Terraform the preferred choice for defining and orchestrating infrastructure as code. ## Sections - [00:00:00](https://www.youtube.com/watch?v=rx4Uh3jv1cA&t=0s) **Terraform vs Ansible Overview** - The speaker explains how Terraform and Ansible serve complementary roles in infrastructure automation, highlighting Terraform’s declarative provisioning strengths versus Ansible’s differing use cases. ## Full Transcript
0:00hi everyone today let's talk about 0:01terraform versus ansible 0:03now in some of our videos past we've 0:05talked about terraform in detail 0:07ansible and even infrastructure as code 0:09but i think a lot of you might be 0:10wondering when to use terraform 0:12and when to use ansible and in my view 0:14these are actually two very 0:15complementary tools 0:17so i believe you can use them together 0:19when you're doing kind of your 0:20infrastructure automation 0:22now i think the first thing people think 0:23about when they think about 0:24infrastructure automation is 0:26actually the step of provisioning right 0:28so how do we actually get 0:30something up and running so that we can 0:32actually start you know 0:34doing our application development and 0:36that kind of thing that's one thing 0:37terraform is really good at 0:39and one of the reasons it's so good at 0:40it is because terraform is declarative 0:43in nature and this is actually one of 0:45the key differences between terraform 0:46and ansible 0:47but we'll get to that in a minute so 0:49let's see what a kind of a terraform 0:51configuration would look like 0:52so we want to provision some resources 0:54let's say on a public cloud 0:56we're going to do so in a declarative 0:57way so we'll start by saying maybe we 1:00want a database service 1:01so we'll say create db and they'll have 1:04some configuration to go with it like 1:06you know what kind of class it is and 1:08what size that kind of thing 1:10maybe we also want to create a 1:12kubernetes cluster 1:14and maybe even some vms 1:17in a vpc so we'll first create the vpc 1:20and maybe some more configuration to 1:21create the vms 1:22so we'll kind of have our terraform 1:24config there 1:26now i mentioned it's declarative and 1:27this is awesome because you know 1:29in these steps over here we've created 1:30some db services and some other things 1:32so let's say we want to actually bind 1:34that database service to our kubernetes 1:36cluster 1:37so in in this step right here we'll say 1:39bind 1:40to kubernetes now in a procedural 1:43language 1:44everything would go top to bottom so it 1:45would start with the db and realize hey 1:47i can't bind it to something that 1:48doesn't exist 1:49but since terraform is declarative it'll 1:52actually say okay we can't do this one 1:53yet 1:54let's create the kubernetes cluster 1:56first also create the vpc cluster 1:58kind of simultaneously and then once 2:00that's ready 2:01then we'll create the database because 2:03it's dependent on the kubernetes cluster 2:05to bind to 2:06this is essentially what's called an 2:07implicit dependency you can also do 2:09explicit dependencies where you 2:11can just tell a resource to wait until 2:13another one is 2:14up and ready to go so that's one of the 2:17key advantages of terraform 2:18is that it takes kind of a declarative 2:20approach 2:21so we've talked about terraform let's 2:23kind of switch gears here a little bit 2:24and talk about what ansible is really 2:26good at 2:28and now ansible's main kind of purpose 2:30in my opinion 2:31is configuration management this 2:33includes things like application 2:35deployment 2:36but it can actually also do 2:37infrastructure provisioning 2:39now one of the key things i'll say about 2:41ansible is that it's not necessarily 2:43declarative 2:44but it supports declarative resources 2:46and it's not necessarily procedural 2:48either it's kind of 2:49let's call it a hybrid 2:53now in this sense i basically mean that 2:55you know ansible 2:56supports much like terraform kind of 2:58configuration files to do your 2:59automation 3:00so for example configuration management 3:03task can be something like 3:05first you would start up a vm maybe it 3:08was stopped 3:09maybe you need to restart it or stop it 3:10or something like that and some 3:12configuration so 3:13just telling it you know just to start 3:15up then maybe you install some 3:16application 3:18into the vm and some drivers maybe you 3:20need to install the runtimes 3:22and so you kind of have some 3:23configuration steps maybe you utilize 3:26the open source community where they 3:27you know build modules and collections 3:29of these things that make you 3:31allow you to get started quickly and 3:33then maybe finally you start the actual 3:35application so these are all config 3:37management tasks app 3:39application deployment you're working 3:40with resources that are already created 3:43now the reason i say it's hybrid is 3:45because although the resources are 3:46written kind of in a declarative fashion 3:49they're actually executed top to bottom 3:51so this is an ansible playbook 3:53and ansible with first star with the vm 3:55creation and then installing the app and 3:56then starting the app 3:58so if you had these in the wrong order 3:59things wouldn't work correctly so that's 4:01my view that's why i think you know 4:02ansible is declarative and procedural in 4:05a sense it's kind of a hybrid of both 4:07depending on how your modules are 4:08written 4:10so we've got our infrastructure we've 4:12got our kind of configuration 4:14now let's talk about you know going back 4:16to terraform what it looks like to 4:17actually 4:18start executing this configuration so 4:21first thing we'll do 4:22is you know generally you want to do 4:23something called a terraform plan which 4:25will enable you to see 4:26what will actually come up before you 4:29actually execute 4:31the real api calls we'll do a terraform 4:33plan and 4:34you know it'll spin up some of this a 4:36view of 4:37what's going to actually get created so 4:39the database cluster the vpc 4:41and when it all looks good you'll do a 4:42terraform apply that will use your api 4:45key and run the actual 4:46api calls against your cloud provider 4:49you know using your api key 4:51and spin up all of that infrastructure 4:53and this is what terraform is really 4:55good at and this brings me to 4:57my third thing about terraform is that 4:59it's very much managed on state 5:02for life cycle management so one of the 5:04really cool things here is for example 5:06you know once you've created this 5:08infrastructure if you go back 5:10and you know remove an entire piece of 5:12config 5:13for example to create vpc block if you 5:15remove that and you run a terraform 5:17apply again 5:18it'll actually remember from last time 5:20it'll say hey last time you had this now 5:22you've removed it and it'll go ahead and 5:24remove that vpc 5:25for you now the difference with ansible 5:27is that there is no kind of 5:29life cycle management 5:33no now essentially what this means is 5:34that if you wanted to delete 5:36some step of this flow you can't just 5:38remove it you would need to kind of mark 5:40it for deletion so you 5:42need to kind of do a remove app step now 5:45that's that doesn't go 5:46to say that you couldn't necessarily 5:48create an ansible playbook 5:50that automatically recognizes when you 5:52remove some configuration and run the 5:53steps 5:54the point is with terraform you get it 5:55automatically and with ansible you kind 5:58of have to 5:58implement that life cycle management 6:00into your actual code 6:02another key point i want to make here is 6:04item potency 6:05so that's essentially the ability to run 6:07something multiple times and if nothing 6:09has changed it won't actually run 6:10anything 6:11run any new actions so with terraform 6:13you get that automatically so you can 6:15run this a thousand times 6:16and the first time it'll create 6:18everything and the remaining 999 times 6:20it would actually just say hey you 6:22already have it nothing's changed 6:23and it wouldn't do anything now with 6:26ansible 6:26you could technically create item potent 6:28modules but it's not a requirement 6:31so that's something that you as a 6:32developer have to consider when using 6:34ansible is you know 6:35see the community modules you're using 6:37the cloud provider modules and 6:39collections you're using 6:40and make sure they're important and if 6:42they're not you know you might have to 6:43do some additional work 6:44to get them going now i think i've made 6:47a case for both capabilities here 6:49but i want to talk a little bit about 6:51the similarities between the two as well 6:53for one they both support heavy 6:55templating 6:57so this is great so you can have kind of 6:59one source of truth and then different 7:00configuration files so for example if 7:02you wanted a dev 7:03and a test and a prod environment you 7:05can have one source of truth 7:07and then kind of just switch out the 7:08variables that you're using to spin up 7:09the different environments 7:10so that's something neat that both 7:12environments support number two 7:14they're both open source as i mentioned 7:17but the key thing i want to mention is 7:18that you know they've got a big kind of 7:20community as well 7:21so for terraform they have the terraform 7:23registry with modules being developed 7:25providers to work with the cloud 7:27providers and and so they've got this 7:29rich community to help you get started 7:30very quickly and ansible's the same 7:32they've got ansible galaxy with 7:34collections of modules so you can get 7:35started very quickly with existing 7:37playbooks and that kind of thing 7:39so they're they're similar in that sense 7:41that they've got this big kind of 7:42community 7:43and the last thing i'll say is agent 7:45lists which is kind of more 7:47relevant in the ansible context than 7:48terraform since they're it's doing 7:50configuration management 7:51you don't have to install an agent on a 7:53vm somewhere it's 7:54both of these tools are kind of plug and 7:56play easy to get started whether on your 7:57local machine 7:58or somewhere in the cloud these tools 8:01are both very similar in that they're 8:02easy and quick to get started with 8:05now you might be wondering you know in 8:07the beginning i said these tools are 8:08complementary 8:09so how would you use ansible and 8:10terraform together 8:12well there's a couple of approaches you 8:15could start with terraform 8:16now as i mentioned terraform is really 8:18good at provisioning so you could have a 8:19terraform configuration that spins up 8:21some infrastructure 8:22and then once that infrastructure is 8:24ready you can actually use terraform to 8:25call ansible 8:27to do configuration management on the on 8:29the resources you spun up 8:30so starting the vm and installing an app 8:32and that kind of thing 8:33you could also take the other approach 8:35and start with ansible and in the first 8:37step of your ansible playbook 8:38call terraform to spin up infrastructure 8:42and then pick up where terraform leaves 8:44off take that infrastructure which is 8:46you know 8:46in some inventory an ansible inventory 8:49and run the ansible actions on that 8:51so in essence ansible and terraform can 8:53work really well together because 8:55terraform is very good 8:56at infrastructure provisioning but falls 8:58short where ansible comes in 9:00with configuration management and i 9:02think together 9:03you know both open source world-class 9:06infrastructure automation tools i think 9:08together you can really create a 9:09complete 9:10infrastructure automation story i want 9:13to thank you for joining me for this 9:14video today 9:15if you want to see what ibm cloud is 9:17doing in the infrastructure automation 9:18space 9:19be sure to check out ibm cloud 9:20schematics if you have any questions or 9:22you like the video be sure to drop a 9:24comment below 9:25and a like be sure to subscribe and stay 9:27tuned for more videos like this in the 9:29future 9:30thank you