I am trying to set up a cloud with VPC and want to make it private by restricting access only to internal nodes and avoiding floating IPs (except for the VPN server).
The problem is that I can't rely on private IP addresses to manage the Ansible inventory, because they can change if I recreate the deployment from scratch, and I am not even sure whether they may change on reboots.
To handle this, I decided to use the Ansible DO inventory plugin. It seems to allow dynamic extraction of droplets' private IP addresses instead of hardcoding them in the inventory.
And here is the dilemma I have on how to manage my setup:
I don't have much experience, but it seems there is no difference whether to define droplets/firewalls/… using Terraform or using digital_ocean_firewall/… from the Ansible DO inventory plugin.
So the question is, should I get rid of Terraform to simplify things, or will I regret it at some point in time? If so, what are the pros of sticking with Terraform?
Thanks to everyone in advance!
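
For reference, a minimal inventory configuration of the kind the question describes, added here as an illustration and not taken from the original post. It assumes the `community.digitalocean` collection is installed, that the file is saved as `digitalocean.yml`, and that the API token is supplied through the `DO_API_TOKEN` environment variable; the grouping by region is an arbitrary choice.

```yaml
# digitalocean.yml (constructed example)
plugin: community.digitalocean.digitalocean

# No api_token is set here: the plugin reads it from the DO_API_TOKEN
# environment variable, which keeps the credential out of version control.

# Droplet attributes to expose as host variables (prefixed with var_prefix).
attributes:
  - id
  - name
  - networks
  - region
  - tags
var_prefix: do_

compose:
  # Connect over the VPC: use the droplet's private IPv4 address, looked up
  # at inventory time, instead of a hardcoded or public address.
  ansible_host: >-
    do_networks.v4 | selectattr('type', 'eq', 'private')
    | map(attribute='ip_address') | first

keyed_groups:
  # One group per region slug, for example region_fra1.
  - key: do_region.slug
    prefix: region
    separator: "_"
```

Running `ansible-inventory -i digitalocean.yml --list` from a host inside the VPC (or connected through the VPN server) shows the resolved `ansible_host` values.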