Ansible can very easily, and often does, end up in situations where two runs of the same playbook both have drastically different results. roles/playbooks slowly become Bash scripts written in a YAML layer parsed as a Jinja2 template.. and the project turns into a mess of many layers of indirection.
it attempts to and encourages declarative configuration, but is very hard to keep that way. it is difficult and requires determination to make Terraform do something in a non-declarative fashion.
the end result is that when I look at a Terraform configuration I can very easily tell what is going on, because the end result is exactly what I read. where with Ansible, it very much depends on understanding the current state of the server you are about to run this playbook on, and you just have to cross your fingers and hope for the best.
I have many Ansible roles that I trust to do the right thing over and over again. Though, I never use bash for scripting, and when I do shell out in Ansible I keep it extremely simple and always use a `when` or `creates` condition to keep it idempotent.
following best practices with C will get you code without memory leaks or overflow errors, yet here we are in 2019 still routinely dealing with those in mission critical software written by people who understand what they are doing.
Terraform is a tool designed to overcome the problems that "best practices" will supposedly prevent you from introducing in your Ansible playbook.
don't get me wrong. Ansible is a wonderful tool for certain applications (configuration management). I would just never use it to spin up infrastructure again.
it attempts to and encourages declarative configuration, but is very hard to keep that way. it is difficult and requires determination to make Terraform do something in a non-declarative fashion.
the end result is that when I look at a Terraform configuration I can very easily tell what is going on, because the end result is exactly what I read. where with Ansible, it very much depends on understanding the current state of the server you are about to run this playbook on, and you just have to cross your fingers and hope for the best.