diff --git a/index.html b/index.html index 69bfc34..930b510 100644 --- a/index.html +++ b/index.html @@ -526,54 +526,73 @@
-

HCL: HashiCorp Configuration Language.

-

Declarative, human-readable — and pure JSON works too.
- terraform plan previews  ·  terraform apply creates  ·  terraform destroy removes.

- +

HCL: HashiCorp Configuration Language

+

Declarative, human-readable — pure JSON works too.

+ + - - + + + - - - - HCL Code - - - + HCL Code + + + + + - plan - - - + plan + + + + + + + + review + + + + + - apply - - - + apply + + + + + - Resources - WRITE → PLAN → APPLY + Resources

Terraform remembers what it built.

-

The .tfstate file maps code to real-world resources. Store it remotely.
- Depending on what you manage, it can contain plaintext sensitive values — credentials, tokens, secrets.
- Handle it with care. Don't feed it to your LLM.

+ +

Handle it with care. Don't feed it to your LLM.

@@ -639,9 +658,11 @@

One tool. Every API.

-

1000+ providers: AWS, GCP, Azure, Cloudflare, GitHub, Kubernetes…
- Not just cloud — manage GitHub teams, Datadog monitors, PagerDuty schedules, DNS records.
- If it has an API, there's a Terraform provider for it.

+ +

If it has an API, there's a Terraform provider for it.

@@ -674,9 +695,11 @@ resource "ovh_domain_zone_record" "web" {

In 2023, HashiCorp changed Terraform's license.

-

BSL instead of MPL — no longer truly open-source.
- The community responded: OpenTofu, by the OpenTF Foundation, is the open-source fork.
- Drop-in replacement. Fully compatible. Community-driven.

+ +

Drop-in replacement. Fully compatible. Community-driven.

@@ -699,9 +722,11 @@ resource "ovh_domain_zone_record" "web" {

Push, not pull. SSH, not agents.

-

YAML playbooks run tasks in order, across any number of hosts.
- No daemon. No certificate authority. Just Python + SSH.
- Idempotent modules ensure the same playbook can run safely again and again.

+ @@ -770,16 +795,22 @@ resource "ovh_domain_zone_record" "web" {

Not just configuration. Operations.

-

Patch 200 servers tonight. Roll out a kernel upgrade with a canary strategy. Run a compliance audit across your whole fleet.
- Ansible is the tool you reach for when you need to do something — once, or every week.

+ +

Ansible is the tool you reach for when you need to do something — once, or every week.

The community does the heavy lifting.

-

Ansible Galaxy — 10,000+ ready-made roles and collections.
- Don't write a playbook to install Docker from scratch. Someone already did.
- Just ansible-galaxy install geerlingguy.docker.

+ +

Just ansible-galaxy install geerlingguy.docker.

@@ -802,8 +833,11 @@ resource "ovh_domain_zone_record" "web" {

Pull, not push. Agents, not SSH.

-

Every 30 minutes, each puppet-agent polls the Puppet Server, compiles a catalog, and enforces it.
- Drift is corrected automatically — without anyone lifting a finger.

+ +

Drift is corrected automatically — without anyone lifting a finger.

@@ -866,9 +900,11 @@ class webserver {

Someone SSH'd in and changed something.

-

Puppet noticed. Puppet fixed it.
- Continuous compliance — not just at deploy time. Every. 30. Minutes.
- No more gardening your servers by hand.

+ @@ -905,18 +941,22 @@ class webserver {

Puppet is for large fleets that can't afford drift.

-

Continuous compliance, auditability, and guaranteed state — at scale.
- Best suited for enterprises with hundreds or thousands of long-lived servers.
- Fewer friendly SaaS options than Terraform or Ansible.
- Puppet Enterprise and Foreman are self-hosted. No managed cloud offering.

+ +

Puppet Enterprise and Foreman are self-hosted. No managed cloud offering.

The ecosystem outlives the company.

-

Vox Pupuli — 100+ open-source Puppet modules, community-maintained.
- OpenVox — an emerging open-source fork of the Puppet core.
- The community is strong, with or without Puppet Inc.

+ +

The community is strong, with or without Puppet Inc.