re: How do you manage deployment configs? (Especially large scale cloud agnostic ones) VIEW POST

FULL DISCUSSION
 

Terraform + Ansible can handle anything. My suggestion is to write external Terraform providers to cover infrastructure pieces with whatever language your company uses (you said nodejs above), as that's a realistic expectation to have installed everywhere.

Ansible should be used to ease anything that requires a -> b -> c flow. Doing this with Terraform is possible, yet I find it's much more digestable at a glance with Ansible hence why I suggest using them side-by-side.

Think of Terraform as your environment builder, and Ansible as your task-runner to run things in said environment.

It's also important to have things structured well. My current position uses a Makefile across all Terraform projects with well defined plan/apply key-words that are applicable across them all. Terraform should also have a single "module repo" with nested modules accessed via:

source = "git@gitrepo.fqdn:org/project.git//path/to/thing?ref=commit_hash"
(don't forget to pin your modules!!)

I find that those two tools fill 95% of use-cases, and the other 5% are better served with one-off tools anyway.

code of conduct - report abuse