Advantages of a deployment tool such as Ansible over shell

Jimmy picture Jimmy · Oct 31, 2013 · Viewed 7.4k times · Source

Currently I have all of my deployment scripts in shell, which installs about 10 programs and configures them. The way I see it shell is a fantastic tool for this:

Modular: Only one program per script, this way I can spread the programs across different servers.

Simple: Shell scripts are extremely simple and don't need any other software installed.

One-click: I only have to run the shell script once and everything is setup.

Agnostic: Most programmers can figure out shell and don't need to know how to use a specific program.

Versioning: Since my code is on GitHub a simple Git pull and restart all of supervisor will run my latest code.

With all of these advantages, why is it people are constantly telling me to use a tool such as Ansible or Chef, and not to use shell?

Answer

Faiz picture Faiz · Oct 31, 2013

Shell scripts aren't that bad, if you've got them working like you need to.

People recommend other tools (such as CFEngine, Puppet, Chef, Ansible, and whatever else) for various reasons, some of which are:

  1. The same set of reasons why people use tools like make instead of implementing build systems with scripts.
  2. Idempotency: The quality whereby the took ensures that it can be safely re-run any number of times, and at each run it will either come to the desired state, or remain there, or at least move closer to it in a //convergent// manner.

    Sure, you can write scripts so that the end results are idempotent:

     # Crude example
     grep myhost /etc/hosts || echo '1.2.3.4  myhost' >> /etc/hosts 
    

    But it's a lot nicer with idempotent tools.

  3. Shell scripts are imperative. Tools such as Chef/Ansible/Puppet are declarative. In general, declarative leads to better productivity given some threshold of scale.

  4. The DSL's take away some power but then they give you order, cleanliness and other kinds of power. I love shell scripting, but I love Ruby too, and the Puppet people love their language! If you still think shell is the way to go because you like it more, hey, you don't have a problem then.

  5. [ADDED] Re-distributable, re-usable packages. Ruby has gems, Perl has CPAN, Node has npm, Java has maven - and all languages these have their own conventions of how reusable source code must be packaged and shared with the world.

    Shell Scripts don't.

    Chef has cookbooks that follow conventions and can be imported much the same way you import a gem into your ruby application to give your application some new ability. Puppet has puppetforge and it's modules, Juju has charms (they are pretty close to shell scripts so you might be interested).

  6. The tools have actually helped them! I was a die-hard shell scripter, and still am, but using Chef lets me go home earlier, get a good night's sleep, stay in control, be portable across OS's, avoid confusion - tangible benefits I experienced after giving up large-scale server shell-scripting.