Ansible vs. Terraform vs. Vagrant: What's the difference?

What is Ansible?

Ansible is a Python-based IT system configuration automation tool. It has gained wide acceptance as a network automation system, due in part to its agentless architecture -- it doesn't require the use of an agent to automate the system. Other network automation systems, such as NAPALM, can easily integrate with Ansible, broadening vendor support and increasing its appeal.

Ansible's actions are configured using YAML-formatted files, called playbooks, which network engineers are often more comfortable using than programmatic automation frameworks, such as Nornir. Ansible has a large online community, and many resources are available to learn how to use it. Red Hat provides a commercially supported version called Ansible Tower.

Benefits of Ansible

Advantages of Ansible include the following:

• YAML-formatted playbook files. The human-readable format of a YAML file makes it easier to interpret compared to other programming languages and can easily be converted to other languages -- such as JSON and XML -- for use through other tools.
• Agentless operation. Network administrators typically prefer Ansible's agentless architecture, which simplifies deployment, reduces overhead and increases security.
• Multivendor capability. Because Ansible is open source, it can automate scripts from different platforms, which makes it useful to automate multivendor environments.
• Large community and vendor support. Ansible has a large, active online community of users, which speeds up the development of new processes, quickly identifies bugs and helps maintain the platform's efficiency and relevancy.

Disadvantages of Ansible

Challenges of Ansible include the following:

• Slow speeds. Ansible can be slow to collect a large volume of information.
• Specific use cases. Ansible's functions are tailored more to device-specific configuration.
• Limited UI. As a command-line interface, Ansible's capabilities are limited compared to other network automation tools, which makes it difficult to use to manage advanced, complex environments.

Ansible use cases

Ansible's primary use case is network automation, which means network administrators can use the tool to automate several areas of the network. Areas in which Ansible can help network professionals automate include the following:

• Network configuration management. Ansible enables network administrators to automate repetitive configuration management tasks, such as software deployment and device configuration. Automating network tasks reduces human error and downtime, which helps increase network reliability.
• Preexisting system configuration. Ansible's ability to automate network configuration enables network professionals to automate preexisting system configuration settings in the network, such as routing, switching and device settings.
• Software deployment. Network administrators use Ansible to install software, provision servers, offer continuous delivery and roll out updates. By automating these processes, Ansible enables network professionals to maintain software consistency across the network environment.
• Security and compliance. Network admins can use Ansible to automate security policies to ensure their networks remain in compliance. Furthermore, network pros can also ensure their Ansible playbooks remain in compliance by defining requirements and regularly monitoring and managing playbooks.

What is Terraform?

Terraform is an infrastructure as code (IaC) DevOps tool used to create, maintain and decommission large data center infrastructure. Terraform is a cloud infrastructure management tool that works across multiple cloud providers, which makes it ideal for the full lifecycle of data center infrastructure.

The configurations are specified in the declarative programming language of HashiCorp Configuration Language. The declarative nature of HCL requires practitioners to specify the change they want the code to make. As the configuration changes, Terraform determines the steps to transform an infrastructure into the new desired state.

Terraform doesn't have a GUI. This might be considered a liability, but it isn't. The declarative language is ideal for working in a code repository with version control, which is necessary for IaC. Having too many systems with GUIs could result in a complex maze of screens with choices and dialog boxes that could be accomplished with a few lines of configuration syntax.

Terraform's three-step workflow consists of the following phases:

1. Write. Network administrators write the Terraform configuration. The configuration, written in HCL, should define the desired state of the network and specify the resources.
2. Plan. Based on the written code, Terraform creates a plan for configuring the infrastructure. Here, Terraform can complete one of three actions: create, update or destroy.
3. Apply. On the network administrator's command, Terraform applies the configuration changes to the network.

The plan phase is one of Terraform's most helpful features because it shows the changes that would occur without performing them. It's essentially a test drive of a proposed change. The output enables teams to verify that the changes are what they intended to happen and that the desired end state is achieved.

Benefits of Terraform

Advantages of Terraform include the following:

• Infrastructure provisioning and management. Terraform can configure infrastructure and oversee lifecycle management, independent of a cloud provider.
• Cloud service and resource integration. Terraform can integrate cloud services with external functions, such as email and DNS.
• Visibility. The plan phase provides visibility into changes before applying them.
• Three-step workflow. Terraform's three-step workflow is integral to the tool's functionality. It creates a comprehensive IaC tool that facilitates and helps manage multi-cloud environments.

Disadvantages of Terraform

Challenges of Terraform include the following:

• Steep learning curve. Terraform can be difficult for network administrators without a background in IaC. In addition, HCL can be a barrier to adoption for network professionals who are more familiar with other programming languages, such as YAML.
• Complexity. Terraform is primarily suited to managing large and complex infrastructures, which can be difficult for network administrators to handle. In addition, the state files Terraform uses to track infrastructure can be complicated to manage.
• Troubleshooting challenges. It can be difficult to troubleshoot with Terraform due to the vague error messages that network administrators might find challenging to debug.

Terraform use cases

Although Terraform is primarily a DevOps IaC tool designed for cloud management and infrastructure provisioning, network administrators can use Terraform to support networking-specific applications and other automation tasks. Examples of Terraform use cases for network teams include the following:

• Software-defined networking. Terraform can work together with software-defined networks to automate configuration changes depending on the network's requirements.
• Multi-cloud environment management. Terraform's three-step workflow facilitates multi-cloud provisioning and management by providing a comprehensive and unified approach to manage resources across various cloud providers.
• Kubernetes deployment. Terraform's unified workflow and lifecycle management capabilities make it useful to deploy containerized applications with Kubernetes because administrators can provision apps from a centralized platform.
• Consistent environments. Terraform helps administrators with multiple environments ensure their configurations have the same level of uniformity.
• Infrastructure provisioning. Terraform can automate changes in larger infrastructures that contain multiple components.

What is Vagrant?

Vagrant is an open source platform used to deploy, manage and automate VM environments. Vagrant, also from HashiCorp, is primarily used to replicate a development environment among multiple developers who need to guarantee consistency. This is particularly important to ensure consistency in software library versions, environment variables and dependency versions.

Vagrant can incorporate other automation tools, such as Ansible, Puppet or Chef, to perform specific VM configuration tasks. Developers specify the software version and elements they want in the environment, and Vagrant performs the actions necessary to create a VM with that configuration. Other developers can use the same Vagrant configuration file to replicate the VM quickly.

Development environment consistency is critical for eliminating bugs related to differences between each software developer's environment. Vagrant is also valuable for quickly and consistently instantiating software test systems, which enables developers to easily fire up test systems when checking new features and bug fixes.

Benefits of Vagrant

Advantages of Vagrant include the following:

• Simplified development environments. Vagrant makes it easy for teams to configure and deploy standard environments for development and testing. This is especially useful to create consistent environments quickly and easily for testing without compromising the production environment.

• VM management. Although most administrators use Vagrant for development environments, Vagrant can also be used as a general VM management tool. Vagrant can abstract VMs, which enables administrators to create a consistent, exact replication of the environments they plan to reproduce.
• Widely used. Many software development organizations have adopted Vagrant, which makes it easier for teams to pick up. In addition, the breadth of information available on Vagrant, through official documentation or online communities, provides network admins with more support for the tool.
• Community resources. Because Vagrant is so commonly used, teams can also access a wide selection of resources made available online by community members.

Disadvantages of Vagrant

Challenges of Vagrant include the following:

• Unable to implement changes. Although Vagrant can show what changes would look like in a production environment, it's not designed to handle infrastructure changes.
• High resource consumption. Because Vagrant provisions multiple VMs -- which are resource-intensive -- it uses a large amount of memory and CPU, which increases complexity.
• Slower performance. Vagrant's resource-intensive nature means the platform also offers lower performance compared to other configuration management tools.

Vagrant use cases

Vagrant is primarily a DevOps tool for software testing and development, and it's most often used to create consistent development and testing VM environments. However, network admins can also take advantage of its capabilities and use it to help with networking-specific applications and purposes. Use cases for Vagrant include the following:

• Abstraction. Network administrators can use Vagrant to create abstractions and manage configurations, where they can test network connectivity options, such as connecting to a public network or creating a private network.
• Network simulation. Network administrators can use Vagrant to simulate a network to test network design changes or other changes to the network configuration.
• Interface management. Network admins can use Vagrant to configure network interfaces as either static or dynamic using Dynamic Host Configuration Protocol.

Choose between Ansible, Terraform and Vagrant

Ansible, Terraform and Vagrant each perform automation in some way, but their functionality is decidedly different. A single organization could likely use all three tools: Ansible for network configuration management, Terraform to manage cloud infrastructure across one or more cloud providers, and Vagrant for software development and test platform standardization.

As always, it is best to select the tool that matches your business requirements.

Editor's note: This article was originally written by Terry Slattery and expanded by Deanna Darah to add comparison information about the tools.

Terry Slattery is an independent consultant who specializes in network management and network automation. He founded Netcordia and invented NetMRI, a network analysis appliance that provides visibility into the issues and complexity of modern router- and switch-based IP networks.

Deanna Darah is site editor for Informa TechTarget's SearchNetworking site.