Hacker News new | past | comments | ask | show | jobs | submit login

The problem we have with ansible is not yaml related but the push based approach, even with awx/tower as soon as you’re running hundreds of machines of a given group it gets painful.

We are actually seriously considering a shift to salt atm...




The push versus pull difference between ansible versus salt is a worthwhile design choice. In my opinion, salt does start to make sense until about when you would outgrow ansible. That said having to replace all the playbooks and. Roles written in ansible.when you outgrow it is a bummer. I don't want ansible to move away from push, but it would be nice if there was a layer to let it work both ways.



likewise salt also has a way to push via salt-ssh which works just like ansible without a salt-minion.

so at this point both ansible and salt can go both directions, and i do infact myself make use of that. i use pull/minions on all servers in our network, and push to those servers outside our network, because they can't reach the master behind the firewall.

although zerotier has helped solve that problem, so i'll probably be able to stop using salt-ssh soon


There is this too:

https://docs.saltstack.com/en/latest/ref/modules/all/salt.mo...

You can reuse all the playbooks and start scaling with salt.


salt does start to make sense until about when you would outgrow ansible.

i read that as: by the time ylu outgrow ansible, salt doesn't make sense either. but the next sentence seems to suggests to switch to salt when you outgrow ansible.

i always assumed that ansible and salt solve the same problems and when you outgrow one, you'd outgrow the other too.


There was some talk about Salt not being very active as a community, I guess, that changed during the last 1-2 years? Ansible can be a lot faster/ efficient with Mitogen https://mitogen.networkgenomics.com/

E.g. seznam.cz (a Czech search engine) migrated from Salt to Ansible, they seem to cope ok. (There is a PDF from the LinuxDays talk last year.) Google Docs can translate PDFs even from Czech into English: https://pretalx.linuxdays.cz/media/Ansible.pdf


Salt states can very quickly/easily become unweildy as, unlike Ansibble, you can throw Jinja2 everywhere. It becomes far more tempting to create multiple states with a Jinja2 loop, or worse, macros, and before you know it you have a huge mess of what I like to call "spaghetti Jinja".

Templated YAML really isn't pretty to work with.


I can definitely recommend Salt. Has its bugs/warts like any other config management system. But it works fairly well/is extensible for the most part.


I like salt - doing 30s deploys on prod for python changes was great -- the big slowdown with pushing the entire site was frontend webpack builds...


I actually like this about it though? There are advantages and disadvantages to both approaches.


Have you looked into ansible pull mode?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: