Starting to post about AWS and CloudFormation


I usually run my own infrastructure so I never really played with AWS until now.
I mean, I used the free tier a few times but never got past that stage.
The Cloud system/orchestration/whatever I'm most familiar with is OpenStack.
Having said that, let's get to the meat of this post.

I have been writing CloudFormation templates for medium-size environments like these:

  • 1 VPC spawning in 2 AZs
  • Between 1 and 3 ELB and AutoScale Groups
  • A bunch of standalone EC2 instances
  • RDS
  • ElastiCache
  • SecurityGroups
  • CloudFront
  • Between 1 and 3 Route53 zones

As writing templates by hand sucks, and ideally I would like to reuse the templates with other clouds, I tried other alternatives like:

  • Ansible
  • Terraform

Of those 2 I liked Ansible more. Even if it does not appear to be the right tool for the job, it has support for handling AWS and creating resources on it. Terraform, on the other hand, has been designed to do these tasks on a variety of platforms like OpenStack, AWS, VMware (I think), etc.

I settled on CloudFormation for a couple of reasons:

Ansible:

  • Ansible is super cool, especially if you are going to provision Linux instances; it's a pleasure to continue the provisioning of the instance from the same tool you use to provision the infrastructure
  • YAML (Ansible) syntax is a lot nicer than JSON (CloudFormation)
  • It is hard to develop Ansible playbooks if you are not running Linux. OK, I know Windows people can do it, but it is not as simple as for Linux people.
  • There is no rollback capability included if an update fails
  • There are not modules for everything

Terraform

  • It can deploy changes to the infrastructure, but it does it the other way around from CloudFormation: it destroys the old resources first, then creates new resources :(
  • You need to keep a state file; if you're working with a team this instantly becomes a pain point
  • I liked the syntax more than CloudFormation

About CloudFormation Templates

  • JSON is ugly but is well supported by many editors
  • VisualCode is great for Windows developers, it runs on Linux too
  • vim-json is great for writing JSON in Vim, I can only say nice things about it. Add this to your ~/.vimrc to mark .template files as JSON:

    au! BufRead,BufNewFile *.template set filetype=json

  • I passed my first templates through underscore-cli to make them tidy; the end result was awful, and I had to beg to get them reviewed by my teammates

  • Keep them tidy by yourself, your $EDITOR may help you a lot if you spend some time configuring it

The main problems I faced were the state file and the destruction of resources (Terraform), and the feeling I had all the time I spent with Ansible that it wasn't the right tool; that feeling ultimately made it difficult for me to "sell" it to my teammates.

I have a rant post about CloudFormation coming, but now it is time to sleep...

2018 EDIT: I use Terraform now :) and I don't ever want to go back to CloudFormation.
I'm saving the state in S3, which is great. Terraform still destroys old resources first, but I don't mind.