Tech Lead @ OVHCloud
arnaud.premel-cabic@ovhcloud.com
Or: why doesn't it work here, when it works everywhere else?
Great.
@@ -169,7 +169,7 @@Still manageable… but every small change means 10 SSH sessions, 10 vim edits, 10 chances to make a mistake.
@@ -256,7 +256,7 @@Some 2 years old. Some a couple of months. Some freshly provisioned.
None of them are exactly alike.
Welcome to Snowflake Hell.
@@ -400,7 +400,7 @@ style="height:220px; margin-top:0.5em; border-radius:6px;">Prod breaks on a Tuesday. You can't reproduce the bug locally. You can't scale reliably. You can't onboard a new server without fear.
@@ -440,7 +440,7 @@Yes, even your AI assistant can write it*. But you still need to understand what it deploys.
@@ -471,7 +471,7 @@ *Like this presentation 🤖Managing infrastructure through machine-readable files, stored in version control.
@@ -513,7 +513,7 @@Puppet · Ansible · Terraform — each fights a different battle.
@@ -693,7 +693,33 @@ resource "ovh_domain_zone_record" "web" {$ terminal
+
+$ terraform init
+Initializing provider plugins...
+- Finding terraform-provider-openstack/openstack versions matching "~> 3.0"...
+- Finding ovh/ovh versions matching "~> 1.0"...
+- Installing terraform-provider-openstack/openstack v3.0.0...
+- Installing ovh/ovh v1.3.0...
+Terraform has been successfully initialized!
+
+$ terraform plan
+openstack_compute_instance_v2.web: Refreshing state...
+Plan: 2 to add, 0 to change, 0 to destroy.
+
+$ terraform apply
+openstack_compute_instance_v2.web: Creating...
+openstack_compute_instance_v2.web: Creation complete after 45s [id=abc-123]
+ovh_domain_zone_record.web: Creating...
+ovh_domain_zone_record.web: Creation complete after 3s [id=456]
+
+Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
+ Drop-in replacement. Fully compatible. Community-driven.
@@ -714,13 +740,13 @@ resource "ovh_domain_zone_record" "web" {
Your servers are provisioned. Now make them do something.
# playbook/webserver.yml
@@ -793,7 +819,32 @@ resource "ovh_domain_zone_record" "web" {
$ terminal
+
+$ ansible-playbook -i inventory playbook/webserver.yml
+
+PLAY [Configure web server] ***************************************************
+
+TASK [Gathering Facts] ********************************************************
+ok: [finistdevs-web]
+
+TASK [Install nginx] **********************************************************
+changed: [finistdevs-web]
+
+TASK [Deploy nginx config] ****************************************************
+changed: [finistdevs-web]
+
+RUNNING HANDLER [Restart nginx] ***********************************************
+changed: [finistdevs-web]
+
+PLAY RECAP ********************************************************************
+finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
+ Ansible is the tool you reach for when you need to do something — once, or every week.
Just ansible-galaxy install geerlingguy.docker.
@@ -825,13 +876,13 @@ resource "ovh_domain_zone_record" "web" {
Your servers are configured. Now keep them that way.
# manifests/webserver.pp
@@ -898,7 +949,27 @@ class webserver {
$ terminal
+
+$ puppet agent -t
+Info: Using environment 'production'
+Info: Retrieving pluginfacts
+Info: Caching catalog for finistdevs-web.example.com
+Info: Applying configuration version '1713052408'
+
+Notice: /Stage[main]/Webserver/Package[nginx]/ensure: created
+Notice: /Stage[main]/Webserver/File[/etc/nginx/nginx.conf]/content:
+ --- /etc/nginx/nginx.conf
+ +++ /tmp/puppet-file20260413
+Notice: /Stage[main]/Webserver/Service[nginx]/ensure: started
+
+Notice: Applied catalog in 12.34 seconds
+ Puppet Enterprise and Foreman are self-hosted. No managed cloud offering.
The community is strong, with or without Puppet Inc.
Each one solves a different layer of the same problem.
@@ -997,7 +1068,7 @@ class webserver {