Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ansible isn't a gold standard for docs. The docs are updated and maintained, but the underlying interfaces aren't consistent and that leaks to the docs. One can only wonder why, maybe different developers with different ideas for conventions without a style guide.

Ansible is a wonderful tool though, if you can excuse these idiosyncrasies.



> Ansible is a wonderful tool though, if you can excuse these idiosyncrasies.

The only advantage Ansible has is how easy it is to start with it - you don't need to deploy agents or even understand a lot about how it works.

Trouble is, it doesn't really scale. It's pretty slow when running against a bunch of machines, and large configurations get unwieldily quickly (be it because of YAML when in large documents its impossible to orient/know what is where/at what level, or because of the structure of playbooks vs roles vs whatever, or because templating a whitespace-as-logic-"language" is just hell). It's also fun to debug "missing X at line A, but the error can be somewhere else". Cool, thanks for the tip.

So it's pretty great to get started with, or at a home lab. Big organisations struggling with it is a bit weird.


I've had the opposite experience. A bit hard to setup, with ssh-agent, inventories and understanding what each module does, and creating specialized roles. So for quick jobs, plain bash with ssh wins most of the time.

But once ansible is set, it's easy to achieve parallelism when provisioning multiple instances.

Problem is that it requires lots of back and forth over ssh, so the more latency you have between the control plane and the target hosts the slower it'll be.

And yeah... Debugging is a pain. I wish I could write ansible in an actual language instead of having to fight multiple layers of indirection with ansible, jinja2 and yaml.


Seems like the right answer is "bootstrap your daemon installs with Ansible and then use something that scales better that runs on those daemons."

What are the best practices along these lines? What's the "something better"?


Curious about this myself!


I tend to use Ansible to set up for Puppet.

There's an Ansible provider for Terraform so you can do the whole thing in there.


Chef is easy to run in solo mode too, but too many people just religiously hate Ruby and the flexibility of imperative configuration. CINC is the debranded libre version.


I found job slicing speeds up jobs dramatically. In a test I did recently it dropped the time from nearly 4 hours, down to 17 minutes, for an inventory of about 4500 hosts.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: