DigitalOcean

Report this

What is the reason for this report?
Question

Ansible inventory plugin instead of Terraform?

Posted on November 5, 2021
Terraform
Ansible
tzoiker

By tzoiker

Hello!

I am trying to setup a cloud with VPC and want to make it private by restricting access only for internal nodes and avoid using floating IPs (except for vpn server).

The problem is that I can’t rely on private IP addresses to manage ansible inventory, because they can change if I recreate deployment from scratch and even not sure if they may change on reboots.

To handle this, I decided to use ansible DO inventory plugin. It seems to allow dynamic extraction of droplets’ private IP addresses instead of hardcoding them in the inventory.

And here is the dilemma I have on how to manage my setup:

  • Terraform (to manage infrastructure) + Ansible DO inventory plugin (to extract private IP addresses dynamically)
  • Ansible DO inventory plugin to do both tasks

I don’t have much experience, but it seems there is no difference whether to define droplets/firewalls/… using Terraform or using digital_ocean_droplet/digital_ocean_firewall/… from the ansible DO inventory plugin.

So the question is, should I get rid of Terraform to simplify things or I will regret it at some point of time? If so, what are the pros of sticking with Terraform?

Thanks to everyone in advance!



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby
Bobby
January 10, 2024

Hey there!

That’s a great question and quite a common dilemma in the world of cloud infrastructure and automation. Let’s dive into your options to find the best fit for your project.

First off, it’s awesome that you’re considering both Terraform and Ansible for your setup – both are fantastic tools in their own right. The key is to understand how they can complement each other in your workflow.

Using Terraform and Ansible Together:

  • Terraform is a powerhouse when it comes to infrastructure as code. It’s like having a blueprint for your entire infrastructure, making it super easy to manage and replicate. Plus, Terraform’s state management gives you a detailed overview of your infrastructure, which is incredibly handy for complex setups.
  • Ansible is more like your go-to tool for getting everything configured just the way you want after Terraform has set up the base. It’s brilliant for ensuring your configurations are consistent and maintained correctly across all your nodes.

Think of Terraform as the architect that designs and builds the structure, while Ansible is the interior designer that makes sure everything inside works perfectly and looks great.

Going Solo with Ansible:

  • If you’re aiming for simplicity and have a relatively straightforward setup, using just Ansible might be the way to go. Its dynamic inventory feature is a real gem, especially for managing environments where IP addresses or configurations might change frequently.
  • However, remember that while Ansible can manage infrastructure tasks to some extent, it’s not its primary strength compared to Terraform.

Some Food for Thought:

  • Consider the complexity of your infrastructure. If it’s relatively simple now but might grow in complexity, starting with Terraform could save you a lot of headaches down the road.
  • Think about your team’s skills and what they’re comfortable with. If everyone’s already up to speed with Ansible, introducing Terraform might require some upskilling.
  • How does either option fit into your existing workflows? Integration with your CI/CD processes is crucial for smooth operations.

Final Thoughts:

  • For smaller setups, managing everything with Ansible can work well.
  • In more complex or scalable environments, leveraging both Terraform for infrastructure and Ansible for configuration could be your best bet.

It’s all about what works best for your specific needs and context. Both strategies have their merits, and many folks successfully use a mix of Terraform and Ansible.

Hope this helps clear things up a bit! Feel free to reach out if you have more questions.

Best,

Bobby

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.