AWS CloudFormation vs Ansible vs Kubernetes

Our whole DevOps stack consists of the following tools:

• @{GitHub}|tool:27| (incl. @{GitHub Pages}|tool:683|/@{Markdown}|tool:1147| for Documentation, GettingStarted and HowTo's) for collaborative review and code management tool
• Respectively @{Git}|tool:1046| as revision control system
• @{SourceTree}|tool:1599| as @{Git}|tool:1046| GUI
• @{Visual Studio Code}|tool:4202| as IDE
• @{CircleCI}|tool:190| for continuous integration (automatize development process)
• @{Prettier}|tool:7035| / @{TSLint}|tool:5561| / @{ESLint}|tool:3337| as code linter
• @{SonarQube}|tool:2638| as quality gate
• @{Docker}|tool:586| as container management (incl. @{Docker Compose}|tool:3136| for multi-container application management)
• @{VirtualBox}|tool:774| for operating system simulation tests
• @{Kubernetes}|tool:1885| as cluster management for docker containers
• @{Heroku}|tool:133| for deploying in test environments
• @{nginx}|tool:1052| as web server (preferably used as facade server in production environment)
• @{SSLMate}|tool:2752| (using @{OpenSSL}|tool:3091|) for certificate management
• @{Amazon EC2}|tool:18| (incl. @{Amazon S3}|tool:25|) for deploying in stage (production-like) and production environments
• @{PostgreSQL}|tool:1028| as preferred database system
• @{Redis}|tool:1031| as preferred in-memory database/store (great for caching)

The main reason we have chosen Kubernetes over Docker Swarm is related to the following artifacts:

• Key features: Easy and flexible installation, Clear dashboard, Great scaling operations, Monitoring is an integral part, Great load balancing concepts, Monitors the condition and ensures compensation in the event of failure.
• Applications: An application can be deployed using a combination of pods, deployments, and services (or micro-services).
• Functionality: Kubernetes as a complex installation and setup process, but it not as limited as Docker Swarm.
• Monitoring: It supports multiple versions of logging and monitoring when the services are deployed within the cluster (Elasticsearch/Kibana (ELK), Heapster/Grafana, Sysdig cloud integration).
• Scalability: All-in-one framework for distributed systems.
• Other Benefits: Kubernetes is backed by the Cloud Native Computing Foundation (CNCF), huge community among container orchestration tools, it is an open source and modular tool that works with any OS.

I personally am not a huge fan of vendor lock in for multiple reasons:

• I've seen cost saving moves to the cloud end up costing a fortune and trapping companies due to over utilization of cloud specific features.
• I've seen S3 failures nearly take down half the internet.
• I've seen companies get stuck in the cloud because they aren't built cloud agnostic.

I choose to use terraform for my cloud provisioning for these reasons:

• It's cloud agnostic so I can use it no matter where I am.
• It isn't difficult to use and uses a relatively easy to read language.
• It tests infrastructure before running it, and enables me to see and keep changes up to date.
• It runs from the same CLI I do most of my CM work from.

Because Pulumi uses real programming languages, you can actually write abstractions for your infrastructure code, which is incredibly empowering. You still 'describe' your desired state, but by having a programming language at your fingers, you can factor out patterns, and package it up for easier consumption.