Terraform vs Ansible, Ansible vs Terraform - Google search is full of those queries, but are they true? Is there a war between those solutions and you can use only either-or? Or are they, in fact, a great combination and can or even should be used together? This article aims to solve the confusion and once for all answer the question: Terraform or Ansible?
This article is based on research as well as the subjective opinions of developers.
Table of Contents
Terraform
According to Terraform’s website
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Terraform is used by Slack, Twitch (owned by Amazon, which has its own infrastructure building tools like Cloud Formation), Uber, Starbucks. It can be integrated with CloudFlare, Heroku, Microsoft Azure or Google Compute Engine.
Ansible
Ansible is the simplest way to automate and configure apps and IT infrastructure. An enterprise automation platform for the entire IT organization, no matter where you are in your automation journey.
Ansible is used by companies like 9gag, Zalando and Revolut. It can be integrated with Docker, Amazon EC2 or Kubernetes.
Who’s the best?
First of all, it is hard to clearly determine which one is better, because, although they are similar, they were created for different purposes.
Terraform is an orchestration tool and Ansible is a configuration management tool, however, some of their functions overlap, but are not excluding and can be used together.
I came across a great analogy to explain it: an orchestra of musicians. Here, Terraform would be a conductor who ensures that the right number of instruments are playing and sound correct.
If there is an issue, the conductor replaces the broken instrument with a working one. We can say that orchestration tools focus on the end result and make sure that the environment stays in a particular “state”. This makes Terraform a fantastic option for environments that require a steady-state.
Ansible - the configuration management tool - in such a situation will behave differently. It will work in order to repair the broken instrument instead of replacing it. However, Ansible is able to perform orchestration tasks, but Terraform is thought to be more advanced and generally a better option for it.
Terraform has built-in parallel mechanisms which allow creating a set of resources (within dependency tree) in threads. To achieve the same, Ansible would require to creatively use async and poll, which would probably make you do async blocks with a wait period between them.
Procedural or Declarative?
Another division in DevOps tools is procedural vs declarative. Those categories describe how tools perform their actions. Here, Terraform falls into the declarative group, which means if your defined environment changes, it will be corrected by Terraform.
Going back to the analogy of an orchestra - with Terraform you would have to declare how many more (or less) instruments do you want. So if you have 5 instruments and need 5 more, you would lay it in the code. If you need less you would specify how many you want to be removed.
On the other hand, Ansible would be perceived as a hybrid as it can perform procedural-style configuration or make use of modules that perform decorative-style. So it is super important to read the documentation and ensure you understand the behaviour expected.
That being said, Terraform is perfect for configuring cloud infrastructures and Ansible is used for configuring servers within this infrastructure. Many use Terraform to build servers and Ansible to configure them, even though Terraform lacks a provisioning plugin for Ansible. You can also call necessary Ansible roles from within Terraform.
Going through statistics on stackshare.io however, Ansible is much more popular than Terraform scoring over 12k StackOverflow questions and 41k GitHub stars.
Conclusion
Terraform was designed with immutability in mind. It is a provisioning tool that deals with immutable infrastructures in a native way. This makes it a good choice when you reject configuration management tools. The tool is more intuitive for infrastructure orchestration because it was created for it and all of its updates are dedicated to that.
Ansible is optimized for configuration management and although it can perform orchestration tasks it is better to use the best (and fastest) tool for the given task.
All in all, both Terraform and Ansible can work as standalone tools or work together, but remember to always use the right tool for a given job.
