Idea #21880
Updated by Peter Amstutz 6 months ago
The current stack of installer.sh + provision.sh + salt + stacks/pillars/formulas increasingly feels over complicated and brittle, in part due to concerns the the salt ecosystem doesn't really seem to be keeping up.
To start the discussion, here's a sketch:
* Run Terraform and capture the output state such that it can be used directly as input to Ansible
** Ideally the description of resources is somewhat independent of infrastructure and could be written by hand for fixed on-premises resources as well
** We want to tag resources with roles at this point
** Perhaps other cluster configuration could be declared as constants that pass from input to output, so we get one output state that has everything required to deploy the cluster?
* Run Ansible on the output state produced by Terraform
** Goes through each role and configures the machines that have that role by writing config files and installing packages
* When installation is done, also runs diagnostics automatically
FWIW, it seems integration can go various ways
* Terraform runs Ansible - https://github.com/ansible/terraform-provider-ansible
* Ansible runs Terraform
* Manually run Terraform and then Ansible
* Orchestrate them from a 3rd tool or script
(my feeling about the last two is "ugh" but included for completeness)
Also, since Terraform is under a "Business Software License" we should plan on migrating to OpenTofu https://opentofu.org/