I usually run my own infrastructure, so I never really played with AWS until now. I mean, I used the free tier a few times but rarely got past that stage. The cloud system/orchestration/whatever I'm most familiar with is by far OpenStack. Having said that, let's get to the bone of this post.

I have been writing CloudFormation templates for medium-size environments like the following:

  • 1 VPC spanning 2 AZs
  • Between 1 and 3 ELB and AutoScale Groups
  • A bunch of standalone EC2 instances
  • RDS
  • ElastiCache
  • SecurityGroups
  • CloudFront
  • Between 1 and 3 Route53 zones

As writing templates by hand sucks, and ideally I would like to reuse the templates with other clouds, I tried other alternatives like:

  • Ansible
  • Terraform

Of those 2 I liked Ansible more. Even if it does not appear to be the right tool for the job, it has support for handling AWS and creating resources on it. Terraform, on the other hand, has been designed to do these tasks on a variety of platforms like OpenStack, AWS, VMware (I think), etc.

Finally I settled on CloudFormation for a couple of reasons.

This is what I have to say about Ansible

  • Ansible is super cool, especially if you are going to provision Linux instances. It's a pleasure to continue provisioning the instance from the same tool you use to provision the infrastructure
  • YAML (Ansible) syntax is a lot nicer than JSON (CloudFormation)
  • It is hard to develop Ansible playbooks if you are not running Linux. OK, I know Windows people can do it, but it is not as simple as for Linux people.
  • There is no rollback capability included if an update fails
  • There are no modules for everything

And about Terraform

  • It can deploy changes to the infrastructure, but it does it the other way around from CloudFormation: it destroys the old resources first, then creates new resources :(
  • You need to keep a state file; if you're working with a team this instantly becomes a pain point
  • I liked the syntax more than CloudFormation

About CloudFormation Templates

  • JSON is ugly but is well supported by many editors
  • VisualCode is great for Windows developers, and it runs on Linux too
  • vim-json is great for writing JSON in Vim, I can only say nice things about it. Add this to your ~/.vimrc to mark .template files as JSON:

    au! BufRead,BufNewFile *.json set filetype=json " Probably not necessary but won't hurt.

    au! BufRead,BufNewFile *.template set filetype=json

  • I ran my first templates through underscore to make them tidy. The end result was awful, and I had to beg to get them reviewed by my teammates

  • Keep them tidy yourself; your $EDITOR may help you a lot if you spend some time configuring it

The main problems I faced were the state file and the destruction of resources (Terraform), and the feeling I had all the time I spent with Ansible that it wasn't the right tool. That feeling ultimately made it difficult for me to "sell" it to my teammates.

I have a rant post about CloudFormation coming, but now it is time to sleep...