Ansible vs Fabric

Ben Sturmfels at 2017-05-08T07:24:25Z

I'm trying to love Ansible, but ansible-playbook -i inventory.ini --sudo -v certbot-renew.yml is just messy compared to say fab certbot-renew.

uıɐɾ ʞ ʇɐɯɐs likes this.

Show all 7 replies

>> Ben Sturmfels:

“>that I might only run now and again.”

Fair enough. In salt, you would put your host-specific states in top.sls. Then you can just run salt '*' state.highstate when you need to redeploy/update/whatever and forget about running any certbot-related commands, states or playbooks directly ever again. :)

Adam Bolte at 2017-05-08T08:06:50Z

If there's an "ansible.cfg" file in the current directory, you can put "inventory=inventory.ini" in the "[defaults]" section and not have to mention it on the command-line.

Instead of saying "--sudo", you can put "become: true" into your playbook file.

That makes the Ansible command-line a bit simpler, but still not quite as simple as Fabric.

In my experience, Ansible really shines when you have modular configuration, where these hosts need this subset of configuration applied to them, but those hosts need that overlapping-but-not-identical subset of configuration applied. Using Ansible for configuring a single thing on a single host is overkill for production, although it's a good way to learn about it.

Screwtape at 2017-05-08T08:45:09Z

Ben Sturmfels likes this.

Ansible's config system is also a turing tarpit, and the tarpit is getting deeper and stickier

Christopher Allan Webber at 2017-05-08T19:29:49Z

Ben Sturmfels, clacke@libranet.de ❌ likes this.

Thanks for these tips @Screwtape. I've now mostly switched across from Trisquel 8 to GuixSD for my daily work, so appreciating the newer version of Ansible with the features you mentioned (inventory=inventory.ini in ansible.cfg and become: true in playbook file).

Ben Sturmfels at 2017-10-30T00:17:27Z