Infrastructure as code

Last Updated: 2023-01-08

A.k.a. DevOps config tools.

Exists even before the container era (i.e. work for bare metal machines and sVMs).

2 primary use cases: Provisioning and Config management.


  • HashiCorp / Terraform
  • AWS CloudFormation
  • Microsoft Azure ARM (Azure Resource Manager)
  • Google Cloud (Resource Manager)

Configuration management:

  • Google Anthos Config Management - Config Sync

Most popular tools :

  • Ansible (has the largest market share, owned by Redhat)
  • Chef
  • Puppet


The key difference / advantage is agent-less.

It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with other transports and pull modes as alternatives), and a language that is designed around auditability by humans–even those not familiar with the program.

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.

Ansible can be used to manage bare metal machines: configuring the machines, installing packages, and Kubernetes components.

Key features:

  • Agentless: SSH protocol is used to connect to servers and work on them instead of external agents; (Chef and Puppet follow master-agent or master-slave architecture.)
  • Idempotent: same operations provide the same result as many times as they are carried out;
  • Easy and expandable: Ansible is written in Python and uses YAML to write the commands. (Chef and Puppet use Ruby DSL.)