Question

Ansible inventory plugin instead of Terraform?

Posted November 5, 2021 37 views
AnsibleTerraform

Hello!

I am trying to setup a cloud with VPC and want to make it private by restricting access only for internal nodes and avoid using floating IPs (except for vpn server).

The problem is that I can’t rely on private IP addresses to manage ansible inventory, because they can change if I recreate deployment from scratch and even not sure if they may change on reboots.

To handle this, I decided to use ansible DO inventory plugin. It seems to allow dynamic extraction of droplets’ private IP addresses instead of hardcoding them in the inventory.

And here is the dilemma I have on how to manage my setup:

  • Terraform (to manage infrastructure) + Ansible DO inventory plugin (to extract private IP addresses dynamically)
  • Ansible DO inventory plugin to do both tasks

I don’t have much experience, but it seems there is no difference whether to define droplets/firewalls/… using Terraform or using digital_ocean_droplet/digital_ocean_firewall/… from the ansible DO inventory plugin.

So the question is, should I get rid of Terraform to simplify things or I will regret it at some point of time? If so, what are the pros of sticking with Terraform?

Thanks to everyone in advance!

Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!