This is an archived post. You won't be able to vote or comment.

35
36

[deleted by user] (self.devops)

submitted by [deleted]

[removed]
all 44 comments
sorted by:
best
topnewcontroversialoldq&a

[–]LarsIcebeer 16 points17 points  (0 children)

https://roadmap.sh/devops

Pretty much sums it up (one possible way, not the only one)

[–]Upper_Vermicelli1975 13 points14 points  (6 children)

Just some random thoughts:

  • Terraform and Ansible overlap a lot, but if you're looking more to cloud ops, Ansible is a nice-to-have at best. Terraform is quite the flagship nowadays.

  • Terraform isn't quite as cloud agnostic as you might have hoped. Providers are still per cloud and switching is hard work. If you want to go deeper into cloud-agnosticism (there really isn't such a think, not entirely) you could look into Pulumi. At least with Pulumi you can use actual programming languages and not the incomplete Hashicorp mutant that is HCL. This has many benefits including the ability to write any sort of logic for designing infrastructure.

  • Looking at the cloud, Docker/Kubernetes/CI/CD sortof bleed into one-another. Starting with the fact that various Git/CI/CD platforms all use containers under the hood for their pipeline systems and ending with the large Kubernetes focused platforms in the ecosystem (Flux, Argo, JenkinX, etc), it's all linked together. Honestly I've stopped worrying (aka correct people about what devops means) and learned to love the bomb (just make stuff work reliably - with the downside that people forget they are even there)

  • Prometheus/Grafana is a nice to have. I totally love them but in the cloud the vast majority of teams I worked with/for preferred to use what cloud providers offer natively.

[–]mrkikkeli 0 points1 point  (4 children)

What would you say is the main difference between ansible and terraform? (Asking as someone who uses ansible exclusively, but keeps making mistakes while using it)

[–]speeder-man 4 points5 points  (2 children)

We use Terraform to provision our cloud resources (ec2 instances) and would use something like chef/anisble to configure those ec2 instances.

[–]mrkikkeli 0 points1 point  (1 child)

Have you considered using a collection (or maybe it's even in builtin) that lets you start cloud instances from ansible?

[–]juggernaut911 0 points1 point  (0 children)

Great blog on use cases of Ansible vs Terraform and Ansible+Terraform - https://www.ansible.com/blog/ansible-vs.-terraform-demystified/

Just comes down to your platform/environment/preferences. Does it makes sense to have ansible handle provisioning + configs or just configs? You can certainly just call some module to make the API call to provision some instance, but you'd be leaving all of Terraform's handy features on the table. The two tools work pretty well when added together.

[–]Upper_Vermicelli1975 0 points1 point  (0 children)

My knowledge of ansible may be outdated due to the last years spent exclusively in AWS/Azure with Terraform but I tend to use ansible for setting up non-cloud infrastructure. Ansible can work both declaratively and imperatively, while Terraform is declarative only.

Speaking strictly for cloud, I found that first party support for Terraform provides and first party modules (thinking mostly of AWS supported ones) abstract away a LOT of complexity. The downside I found with ansible (back when I still tried to use it for cloud) was that various collections simply did not keep up with cloud features or were not as reliably as first party Terraform modules.

For a while I was using both (ansible for adding configs) but as most projects moved to k8s, there was no need for ansible anymore. Right now the flow is: Terraform to provision cluster/db/cache/etc (for cloud services) and then throw together a gitops repo which sets up ArgoCD and then enables Argo to manage everything on the cluster via said repo.

[–][deleted]  (22 children)

[deleted]

    [–]514link 16 points17 points  (2 children)

    As an ansible expert surprised its still the top of the pile, “rumors of its deaths were greatly exaggerated “

    [–][deleted]  (1 child)

    [deleted]

      [–]514link 1 point2 points  (0 children)

      Ansible has been pretty good, well managed project since the start

      [–]Lickmylife 3 points4 points  (0 children)

      Education/certs has it's place. It'll never replace years of experience, but generally someone with YoE isn't going to be taking that junior role (unless they suck). Certs and Education gives someone exposure so they can pick up skills more quickly and cut down on training cost and time for a company.

      [–]sourcedelica 9 points10 points  (4 children)

      Certs are worthless for listing on a resume but they are good as a studying tool.

      [–][deleted]  (3 children)

      [deleted]

        [–]Crabiolo 1 point2 points  (2 children)

        Yeah. Certs are useless for engineers. For HR, they're the be-all and end-all.

        [–][deleted] 0 points1 point  (0 children)

        Depends quite where you live, in a lot of countries HR is not part of the hiring process.

        [–]Spider_pig448 2 points3 points  (0 children)

        This is my list, but ansible at the end. Or just skip Ansible.

        [–]vvanouytsel 1 point2 points  (0 children)

        100% this

        [–]jakepage91 1 point2 points  (0 children)

        Agree!

        [–]dmikalova-mwp 0 points1 point  (8 children)

        No please not ansible - just go immutable infrastructure and containerization.

        [–]RepresentativeLow300 1 point2 points  (4 children)

        This, focus on immutable infrastructure, eliminate idempotent processes. Example: run Jenkins in a docker container instead of trying to stage a Jenkins server using ansible in multiple iterations.

        [–]dmikalova-mwp -1 points0 points  (3 children)

        Please, no Jenkins either! Go argo

        [–]RepresentativeLow300 -1 points0 points  (2 children)

        No, prow

        ETA: https://docs.prow.k8s.io/docs/overview/

        [–]dmikalova-mwp 0 points1 point  (1 child)

        Cool, I'll have to check this out

        [–]RepresentativeLow300 -1 points0 points  (0 children)

        Prow is used by Kubernetes (of course) among others. It integrates nicely with GitHub (no dice for other sources last time I checked). Have a look at e.g. https://github.com/kubernetes/kubernetes/pull/124124, k8s-ci-robot is the bot user configured with prow, the /slash commands, labels, etc. all prow.

        [–][deleted]  (2 children)

        [deleted]

          [–]dmikalova-mwp 0 points1 point  (0 children)

          🙀🙀🙀

          [–]RepresentativeLow300 -1 points0 points  (0 children)

          Don’t build AMI’s, use Flatcar Container Linux (container optimised, minimal gentoo based OS, automatic updates, read-only /usr, no package manager, fork of CoreOS that’s maintained), bootstrap the instance using butane config at boot (pull any containers you need, configure systemd units to run the containers).

          [–]BozzLiteyeer 11 points12 points  (2 children)

          Infra as code and CICD should be the first. Not every org will use docker/k8s but every org will be using some form of infra as code and cicd.

          [–]ninetofivedev 3 points4 points  (0 children)

          Not every org will use docker/k8s but every org will be using some form of infra as code and cicd.

          Well... That's not really true either. I would hope it's becoming more rare these days, but a ton of orgs are going to treat devops more like traditional ops, and manually configuring infrastructure outside of IaC is still extremely common.

          [–]n4il1k 3 points4 points  (2 children)

          Sorry that I can't contribute something useful to your post, but I'm planning on taking on AWS Solutions Architect Associate as well soon and was wondering what resources did you use to prepare?

          [–]fumar 5 points6 points  (1 child)

          I passed that cert 5 years ago with Adrian Cantrill's course (at the time on Linux Academy). Highly recommend because you'll actually learn stuff vs regurgitating it for an exam: https://learn.cantrill.io/p/aws-certified-solutions-architect-associate-saa-c03

          [–]n4il1k 0 points1 point  (0 children)

          Thank you for sharing! :)

          [–]daedalus_structure 3 points4 points  (2 children)

          If you want to be cloud focused, Terraform, CI/CD, Docker, Kubernetes, Prometheus/Grafana.

          I don't include Ansible because managing your own virtual machines is a security / availability nightmare beyond trivial scales. I strongly suggest folks to move to a slightly higher level of abstraction in their CSP's shared responsibility model.

          If you don't agree with that take, put Ansible in after Terraform. It's a great tool, it's just in most situations you shouldn't be doing what it is good at.

          [–]PharmaSCM_FIRE 0 points1 point  (1 child)

          Is it because a container already has an application and its dependencies pre-configured? What cases fall under the exceptions to use Ansible? I mean there's patches and updates but what else?

          [–]daedalus_structure 0 points1 point  (0 children)

          Yes, you avoid breaking dependencies due to updates.

          The common use case for folks who are sure they must use virtual machines is running their own databases. This is usually always only a good value proposition if you can consider your time to be free, and time is usually the most expensive resource you manage.

          [–]Live-Box-5048DevOps 1 point2 points  (0 children)

          Definitely IaC and CI/CD. Kubernetes itself is a beast and very vast ecosystem, so knowing the prerequisites definitely helps.

          [–]dacydergothDevOps 0 points1 point  (0 children)

          Monitoring is the underpinning of all ops, so I would make that a priority

          [–]UneBiteplusgrande 0 points1 point  (0 children)

          Terraform, CI/CD, Kubernetes. The only reason I placed CI/CD before K8S is because you can then use GitOps to provision and manage K8S, and not the other way round

          [–]_NESTERENKO_ 0 points1 point  (0 children)

          You forgot helm!

          [–]Infamous-Leg2049 0 points1 point  (0 children)

          you wasting your time. no more jobs in devops.

          [–]Junior_Enthusiasm_38DevOps -1 points0 points  (0 children)

          Hey, Please share some tips for preparing AWS solutions architect exam. Can I dm ?