What is Terraform?
HashiCorp Terraform is an open source infrastructure as code management tool mainly specialized for orchestration and provisioning in data center environments. Terraform does not directly configure or install apps or software; instead, it creates, changes or destroys servers to reach an end state.
Terraform uses a declarative approach to deal with network management, which means the user sets an end state that is to be maintained, and Terraform performs the actions necessary to maintain that state.
SEE: Feature comparison: Time tracking software and systems (TechRepublic Premium)
What is Ansible?
Red Hat Ansible is also an IaC management tool, but it uses a procedural approach, which is the key difference setting it apart from Terraform.
Through Ansible’s procedural approach, user-defined steps are used in a configuration to achieve the desired state or change. This means it is best suited for adding installations or software on top of existing networks.
Ansible is an agentless system and uses SSH or other authentication methods to communicate. This makes it lightweight and efficient. Ansible does require Python to be installed on targets, as it does install small modules using JSON, but these modules are automatically removed after being executed by Ansible.
Terraform vs. Ansible: Feature comparison
Feature | Terraform | Ansible |
---|---|---|
Purpose | Provisioning and orchestration | Configuration and adding software |
Approach | Declarative | Procedural |
Network | Best for building services from the ground up | Works best on an existing network |
Mutable | No | Yes |
Head-to-head comparison: Terraform vs. Ansible
Masterless
Both Terraform and Ansible are masterless management tools. They do not require a central server for saving the state of your infrastructure.
Agentless
Both use an agentless system. With Terraform, commands are sent to the cloud services which then use their own agents to carry out functions. Ansible does require you to run SSH Daemon, and also installs a small Python module when executing actions, but these simple modules are removed after execution.
Open source
Both of these tools are open source. They also both have large communities of users which share and help to build updates, as well as offer support and quickly find any security issues. Ansible is written in the popular Python language, while Terraform uses the HashiCorp Configuration Language, or HCL.
Which is the better IaC tool?
A business should choose between Terraform or Ansible based on their exact needs and existing infrastructure.
With Terraform being built on a declarative approach, it works best for maintaining a steady state within your infrastructure without much intervention. This also holds true for building an infrastructure from scratch and getting up to a specific state.
Ansible’s procedural approach is for those who need to manage and configure their infrastructure in ways that see it evolving and changing over time. Things such as adding software or updates in an already configured environment is where Ansible excels over Terraform.
When it comes to simplicity, Ansible is widely regarded as the easier of the two to use. Although based on a command line interface, there is a new web-based UI, but it does not have the full features of the command line tool. However, Terraform is also very streamlined and intuitive. So Ansible only gets a slight edge here.
As stated, these two tools are each suited best for different tasks. Both are fully featured and secure, so it really comes down to whether you need a tool that focuses on provisioning and orchestration or specific configuration management.