Alright #DevOps tonight I'm starting a thread about trying out #Pulumi for the first time. This is an Infrastructure as Code tool with the pitch that you can write the code in the language of your choice ( https://www.pulumi.com/ ). I'll be comparing it to #Ansible which I have more experience with. I'll try porting a server I've defined with Ansible to Pulumi and see what my first impression is. First, I need to get installed and choose a language to code in. 🧵
Looks like my language choices for #Pulumi are limited to TypeScript, Python, Go, C#, or Java. I know TypeScript better, but I'm interested in learning more #Python so I'll choose that. Time to get Pulumi installed! 🧵

I quickly checked out pulumictl but looks like I don't need it to get started with #pulumi

https://github.com/pulumi/pulumictl 🧵

My first impression is that #Pulumi is a good fit for provisioning cloud-based resources via API, but it doesn't really compete with #Ansible in terms of getting into the details of setting up Linux servers. 🧵
@markstos (Disclaimer: former Pulumian here, still a user.) You’re right—Pulumi is far more targeted at cloud provisioning and not server/host configuration.
@scottslowe And is Pulumi usually used in a purely cloud-native way with managed k8s and containers, or is it often paired with a tool like Ansible to define servers?
@markstos @scottslowe in a cloud environment there's also the idea of a "golden image", which is not unlike containers in that you don't start with a bare Linux that you then do things to, but a ready platform that you just pass secrets to. And you don't reconfigure or upgrade it, but replace the whole VM with a fresh, updated image.

@viq @scottslowe I've used a couple variations of the golden image idea:

1. Creating Amazon AMIs to quickly duplicate a particular server profile

2. Creating our own Ansible "base" role with standardized hardening and configuration and then on top of that other Ansible roles for other kinds of standard server definitions.

The AMI approach would constantly get stale as security updates and standard maintenance were done, so we prefer #Ansible for now, while studying NixOS.

@markstos @scottslowe yeah, you'd need CI constantly building images, and keep rolling them out to your infra. Which is one of the ways to do it 🤷
NixOS is kinda a similar concept, but it does that to itself without replacing the whole instance.
I somewhat dislike Ansible. It's a pretty decent orchestration system, but not great for configuration management 🤷
@viq @scottslowe What are your preferred tool(s) to replace Ansible?
@markstos
I'm a salt fanboi. Mgmt has potential. I think Choria now has configuration management, I need to go look at it One Day™.
And, yes, parts of my personal infra are NixOS. Maybe some Talos in a while.
@scottslowe

@viq @scottslowe I believe I looked at Salt when I was evaluating Ansible and preferred Ansible for being stateless (no server), but looks like Salt performs better.

That's the first I've heard of Choria.

https://saltproject.io/
https://choria-cm.dev/

@markstos
Salt performs better, has more capabilities, is much more pleasant and flexible to work with, and having a constantly connected communications channel allows for very interesting things.
@scottslowe
@markstos
If you heard of MCollective, Choria is done by the guy whom Puppetlabs bought it from, and then did nothing with.
@scottslowe