Need advice about which tool to choose?Ask the StackShare community!
Ansible vs AWS CloudFormation: What are the differences?
Ansible: Radically simple configuration-management, application deployment, task-execution, and multi-node orchestration engine. Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates. Ansible’s goals are foremost those of simplicity and maximum ease of use; AWS CloudFormation: Create and manage a collection of related AWS resources. You can use AWS CloudFormation’s sample templates or create your own templates to describe the AWS resources, and any associated dependencies or runtime parameters, required to run your application. You don’t need to figure out the order in which AWS services need to be provisioned or the subtleties of how to make those dependencies work.
Ansible and AWS CloudFormation are primarily classified as "Server Configuration and Automation" and "Infrastructure Build" tools respectively.
Some of the features offered by Ansible are:
- Ansible's natural automation language allows sysadmins, developers, and IT managers to complete automation projects in hours, not weeks.
- Ansible uses SSH by default instead of requiring agents everywhere. Avoid extra open ports, improve security, eliminate "managing the management", and reclaim CPU cycles.
- Ansible automates app deployment, configuration management, workflow orchestration, and even cloud provisioning all from one system.
On the other hand, AWS CloudFormation provides the following key features:
- AWS CloudFormation comes with the following ready-to-run sample templates: WordPress (blog),Tracks (project tracking), Gollum (wiki used by GitHub), Drupal (content management), Joomla (content management), Insoshi (social apps), Redmine (project mgmt)
- No Need to Reinvent the Wheel – A template can be used repeatedly to create identical copies of the same stack (or to use as a foundation to start a new stack)
- Transparent and Open – Templates are simple JSON formatted text files that can be placed under your normal source control mechanisms, stored in private or public locations such as Amazon S3 and exchanged via email.
"Agentless" is the top reason why over 251 developers like Ansible, while over 36 developers mention "Automates infrastructure deployments" as the leading cause for choosing AWS CloudFormation.
Ansible is an open source tool with 37.8K GitHub stars and 15.8K GitHub forks. Here's a link to Ansible's open source repository on GitHub.
PedidosYa, Keen, and New Relic are some of the popular companies that use Ansible, whereas AWS CloudFormation is used by TimeHop, Custora, and NASA Jet Propulsion Laboratory. Ansible has a broader approval, being mentioned in 955 company stacks & 578 developers stacks; compared to AWS CloudFormation, which is listed in 195 company stacks and 75 developer stacks.
I'm just getting started using Vagrant to help automate setting up local VMs to set up a Kubernetes cluster (development and experimentation only). (Yes, I do know about minikube)
I'm looking for a tool to help install software packages, setup users, etc..., on these VMs. I'm also fairly new to Ansible, Chef, and Puppet. What's a good one to start with to learn? I might decide to try all 3 at some point for my own curiosity.
The most important factors for me are simplicity, ease of use, shortest learning curve.
I have been working with Puppet and Ansible. The reason why I prefer ansible is the distribution of it. Ansible is more lightweight and therefore more popular. This leads to situations, where you can get fully packaged applications for ansible (e.g. confluent) supported by the vendor, but only incomplete packages for Puppet.
The only advantage I would see with Puppet if someone wants to use Foreman. This is still better supported with Puppet.
If you are just starting out, might as well learn Kubernetes There's a lot of tools that come with Kube that make it easier to use and most importantly: you become cloud-agnostic. We use Ansible because it's a lot simpler than Chef or Puppet and if you use Docker Compose for your deployments you can re-use them with Kubernetes later when you migrate
Ok, so first - AWS Copilot is CloudFormation under the hood, but the way it works results in you not thinking about CFN anymore. AWS found the right balance with Copilot - it's insanely simple to setup production-ready multi-account environment with many services inside, with CI/CD out of the box etc etc. It's pretty new, but even now it was enough to launch Transcripto, which uses may be a dozen of different AWS services, all bound together by Copilot.
Because Pulumi uses real programming languages, you can actually write abstractions for your infrastructure code, which is incredibly empowering. You still 'describe' your desired state, but by having a programming language at your fingers, you can factor out patterns, and package it up for easier consumption.
We use Terraform to manage AWS cloud environment for the project. It is pretty complex, largely static, security-focused, and constantly evolving.
Terraform provides descriptive (declarative) way of defining the target configuration, where it can work out the dependencies between configuration elements and apply differences without re-provisioning the entire cloud stack.
AdvantagesTerraform is vendor-neutral in a way that it is using a common configuration language (HCL) with plugins (providers) for multiple cloud and service providers.
Terraform keeps track of the previous state of the deployment and applies incremental changes, resulting in faster deployment times.
Terraform allows us to share reusable modules between projects. We have built an impressive library of modules internally, which makes it very easy to assemble a new project from pre-fabricated building blocks.
DisadvantagesSoftware is imperfect, and Terraform is no exception. Occasionally we hit annoying bugs that we have to work around. The interaction with any underlying APIs is encapsulated inside 3rd party Terraform providers, and any bug fixes or new features require a provider release. Some providers have very poor coverage of the underlying APIs.
Terraform is not great for managing highly dynamic parts of cloud environments. That part is better delegated to other tools or scripts.
Terraform state may go out of sync with the target environment or with the source configuration, which often results in painful reconciliation.
I personally am not a huge fan of vendor lock in for multiple reasons:
- I've seen cost saving moves to the cloud end up costing a fortune and trapping companies due to over utilization of cloud specific features.
- I've seen S3 failures nearly take down half the internet.
- I've seen companies get stuck in the cloud because they aren't built cloud agnostic.
I choose to use terraform for my cloud provisioning for these reasons:
- It's cloud agnostic so I can use it no matter where I am.
- It isn't difficult to use and uses a relatively easy to read language.
- It tests infrastructure before running it, and enables me to see and keep changes up to date.
- It runs from the same CLI I do most of my CM work from.
Pros of Ansible
- Agentless284
- Great configuration210
- Simple199
- Powerful176
- Easy to learn155
- Flexible69
- Doesn't get in the way of getting s--- done55
- Makes sense35
- Super efficient and flexible30
- Powerful27
- Dynamic Inventory11
- Backed by Red Hat9
- Works with AWS7
- Cloud Oriented6
- Easy to maintain6
- Vagrant provisioner4
- Simple and powerful4
- Multi language4
- Simple4
- Because SSH4
- Procedural or declarative, or both4
- Easy4
- Consistency3
- Well-documented2
- Masterless2
- Debugging is simple2
- Merge hash to get final configuration similar to hiera2
- Fast as hell2
- Manage any OS1
- Work on windows, but difficult to manage1
- Certified Content1
Pros of AWS CloudFormation
- Automates infrastructure deployments43
- Declarative infrastructure and deployment21
- No more clicking around13
- Any Operative System you want3
- Atomic3
- Infrastructure as code3
- Cons1
- CDK makes it truly infrastructure-as-code1
- Automates Infrastructure Deployment1
- K8s0
Sign up to add or upvote prosMake informed product decisions
Cons of Ansible
- Dangerous8
- Hard to install5
- Doesn't Run on Windows3
- Bloated3
- Backward compatibility3
- No immutable infrastructure2
Cons of AWS CloudFormation
- Brittle4
- No RBAC and policies in templates2