Hi Riccardo, I have also tried the ansible modules to boot resources in OpenStack and Amazon but IMHO terraform seems more powerful and easy to use (disclaimer: I haven only done small tests with both tools and not "big" deployments so I could be wrong or miss important details)
When you have some time I would suggest you check some youtube videos about "terraform intro" and then try the OpenStack/Terraform example here https://github.com/terraform-providers/terraform-provider-openstack/tree/master/examples/app-with-networking What I found quite convenient in Terraform is how easy it's to register everything from scratch. Trying that example in a "empty" openstack account just doing "terraform apply" you get ssh keys, network layout, firewall rules, floating ips and VMs. When you do "terraform destroy" everything is wiped out. In my experience doing this using ansible modules is more complex. For the elasticluster use case I could imagine maintaining some terraform config templates in elasticluster for AWS/GCE/OpenStack/Azure and fill up those templates based in the elasticluster options. Then run "terraform apply" to boot the cloud infrastructure and use ansible to configure it. To finish you only need to do "terraform destroy" and everything booted up by elasticluster/terraform is gone. Maybe an option could also be to tag all the resources booted with terraform and then use the ansible dynamic inventory to apply the config to resources tagged as X. I think ansible has dynamic inventories for AWS/GCE/OpenStack/Azure. Another nice detail to make the elasticluster/terraform integration easier is that it's a single golang binary so using it only requires to download and execute it. In any case, this is just a quick idea that came to my mind. I haven't spent enough time thinking about the technical details, possible problems or better approaches so don't take me too serious ;) Btw next Tuesday I will be in Zurich in your university. If you are around we can have a quick chat to discuss the topic :) regards, Pablo. On Wed, Mar 21, 2018 at 9:19 PM, Riccardo Murri <[email protected]> wrote: > Hi Pablo, all, > > > Maybe for the future you want to evaluate to option of delegating to > > terraform the communication with cloud apis and rely in ansible only for > > configuration. > > This is certainly a good suggestion, and an option I would like to > explore. Can we make an EnhanceR project out of it? :-) > > That said, I had been thinking of doing a similar thing but with > Ansible (which has a large number of modules dedicated to > provisioning), see: https://github.com/gc3-uzhent > -ch/elasticluster/issues/364 > From what I understand of the Terraform website (no direct > experience), this would be similar to writing a TF configuration and > then applying it. > > The idea has been actually already implemented in TmDeploy (see [1]), > a specialized deployment script that builds on ElastiCluster, and the > outcome is "mixed" in my opinion. > > On the good side, using Ansible allowed TmDeploy to easily implement > features that have been on my TO-DO list for a long time (e.g., > creating and attaching additional volumes to VMs). > > On the bad side, there are a few inconveniences: > > - Error reporting is *bad*: if something goes wrong, you're left with > an Ansible playbook failure which is typically very hard to debug > (say, the first step is extracting an actual error message from a JSON > dump...) Basically there's nothing that can be done here, since we're > just calling an external program. This means, ElastiCluster would > become even less user-friendly (if possible) and support requests > would increase... (but maybe TF is much better in this regard, I do > not know) > > - Infrastructure deployment is slow: by construction, Ansible > playbooks are executed sequentially so you wait for one VM to come up, > then start another, then another... There might be some tricks to > apply here but getting too smart makes error detection and reporting > even worse... (Again, it's quite possible that TF is better in this > respect since it apparently compiles a dependency graph and I presume > that it can effect independent changes concurrently.) > > Does anyone have other experiences? Suggestions? > > Ciao, > R > -- You received this message because you are subscribed to the Google Groups "elasticluster" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
