by ldoughty
2368 days ago
I've used Ansible on AWS for 2 years to build out over 50,000 servers, to set up the VPC architecture, control IAM roles, nearly everything.

Ansible kept breaking. A minor patch on v2.5.x destroyed my VPC links, 2.6 broke my IAM, and at one step I had to have an intern set log group expiration on 200 log groups across several accounts because Ansible doesn't support a log group going from "undefined" expiration to any value.

I started with Ansible because the server modules are good... But I'm leaving them (for AWS components) because there's just no quality control on the releases. I was tired of multiple sprints a year getting sidetracked by a tool meant to help.

Now our DevOps team uses SAM templates, a superset/tool on CloudFormation. We've had 0 outages or sidetracks over the last year due to a SAM/CF bug, and we now have access to features that came out in the last 18 months that Ansible still doesn't support.

I don't suggest CloudFormation as a solution if you co-exist in multiple clouds, but I also reject the common belief among managers that Terraform and Ansible are the "god tools". Our team was almost forced onto Terraform because a manager was convinced by a Hashicorp marketing guy that you could take a complex setup from one cloud to another in 4-6 weeks using their product because the modules are cross-cloud. Right...

Anyway, Ansible is still our server control platform (though we are moving more serverless), but CloudFormation is what we use to build the entire accounts supporting ecosystem.
[0] - https://docs.ansible.com/ansible/2.3/s3_bucket_module.html
[1] - https://github.com/ansible/ansible/issues/47945