From f8dc80027feefce3170f9a56e85e34e4b4fa0edc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnaud=20Pr=C3=A9mel-Cabic?= Date: Mon, 1 Jun 2026 10:37:33 +0200 Subject: [PATCH] feat: add speaker notes to all 40 slides Co-Authored-By: Claude Opus 4.8 (1M context) --- index.html | 270 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 270 insertions(+) diff --git a/index.html b/index.html index 0a1a032..0e215b3 100644 --- a/index.html +++ b/index.html @@ -129,6 +129,13 @@ Terraform Terraform
— What's the difference and when to use what? —

FinistDevs · 2026

+ @@ -136,18 +143,37 @@

Arnaud Prémel-Cabic

Tech Lead @ OVHCloud

arnaud.premel-cabic@ovhcloud.com

+

"It works on my server."

Why doesn't it work here when it works everywhere else?

+

You have a server. It works.

Great.

+ @@ -179,6 +205,12 @@
  • 10 manual edits
  • 10 chances to make a mistake
    • + @@ -269,6 +301,13 @@
  • Some 2 years old. Some a few months. Some brand new.
  • None of them are exactly alike.
    • + @@ -404,6 +443,13 @@

    Unique. Unreproducible. Undocumented.

    Welcome to Snowflake Hell.

    + This is fine @@ -418,6 +464,13 @@
  • Can't scale reliably
  • Can't onboard a new server without fear
    • + @@ -483,12 +536,26 @@ *Like this presentation 🤖 +

    Configuration as Code

    Machine-readable files. Version-controlled. Automated.

    + @@ -536,12 +603,25 @@ Terraform Terraform

    Each solves a different problem.

    +

    Terraform

    Start here. Before you configure a server, you need to have one.

    +
    @@ -554,12 +634,24 @@
  • Written in Go
  • BSL license since 2023 (was MPL)
    • +

    HCL: HashiCorp Configuration Language

    Declarative, human-readable — pure JSON works too.

    +
    @@ -571,6 +663,13 @@
  • terraform apply — create or update resources
  • terraform destroy — tear everything down
    • + @@ -630,6 +729,13 @@
  • May contain sensitive values: credentials, tokens, secrets

    • Handle with care.

    + @@ -700,6 +806,13 @@
  • Not just cloud — DNS, monitoring, CI/CD, anything with an API

    • If it has an API, there's a Terraform provider for it.

    + @@ -727,6 +840,13 @@ resource "ovh_domain_zone_record" "web" { target = openstack_compute_instance_v2.web.access_ip_v4 } + @@ -753,6 +873,13 @@ ovh_domain_zone_record.web: Creation complete after 3s [id=456] Apply complete! Resources: 2 added, 0 changed, 0 destroyed. + @@ -763,6 +890,13 @@ Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
  • The community responded: OpenTofu, by the OpenTF Foundation

    • Drop-in replacement. Fully compatible. Community-driven.

    + @@ -774,12 +908,25 @@ Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
  • Atlantis — open-source, plan & apply from pull requests
  • env0, Scalr — SaaS with policy & cost management
    • +

    Ansible

    Your servers are provisioned. Now make them do something.

    +
    @@ -792,6 +939,12 @@ Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
  • Acquired by Red Hat in 2015
  • Written in Python — Apache 2.0 license
    • + @@ -802,6 +955,13 @@ Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
  • Nothing to install on target servers — just Python + SSH
  • Idempotent modules — same playbook runs safely again and again
    • + @@ -865,6 +1025,13 @@ Apply complete! Resources: 2 added, 0 changed, 0 destroyed. name: nginx state: restarted + + @@ -890,6 +1057,13 @@ changed: [finistdevs-web] PLAY RECAP ******************************************************************** finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0 + @@ -901,6 +1075,13 @@ finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
  • Run a compliance audit across your whole fleet

    • The go-to tool for one-off tasks and recurring operations.

    + @@ -911,6 +1092,13 @@ finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
  • Don't write a playbook to install Docker from scratch — someone already did

    • Just ansible-galaxy install geerlingguy.docker.

    + @@ -922,12 +1110,25 @@ finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
  • Semaphore — lightweight open-source alternative

    • Core engine remains Apache 2.0 — truly open-source.

    +

    Puppet

    Your servers are configured. Now keep them that way.

    +
    @@ -940,6 +1141,12 @@ finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
  • Puppet Inc. acquired by Perforce in 2022
  • Written in Ruby and Clojure
    • + @@ -950,6 +1157,13 @@ finistdevs-web : ok=4 changed=3 unreachable=0 failed=0 skipped=0
  • Compiles a catalog and enforces it locally

    • Drift is corrected automatically.

    + @@ -1007,6 +1221,13 @@ class webserver { } } + + @@ -1027,6 +1248,13 @@ Notice: /Stage[main]/Webserver/Service[nginx]/ensure: started Notice: Applied catalog in 12.34 seconds + @@ -1037,6 +1265,13 @@ Notice: Applied catalog in 12.34 seconds
  • Continuous compliance — not just at deploy time. Every. 30. Minutes.
  • No manual remediation
    • + @@ -1079,6 +1314,13 @@ Notice: Applied catalog in 12.34 seconds
  • Fewer SaaS options than Terraform or Ansible

    • Puppet Enterprise and Foreman are self-hosted. No managed cloud offering.

    + @@ -1089,12 +1331,26 @@ Notice: Applied catalog in 12.34 seconds
  • OpenVox — an emerging open-source fork of the Puppet core

    • The community is strong, with or without Puppet Inc.

    +

    They're not competing. They're complementary.

    Each solves a different layer of the same problem.

    + @@ -1131,6 +1387,13 @@ Notice: Applied catalog in 12.34 seconds
  • Ansible configures it and deploys the app
  • Puppet continuously enforces compliance
    • +
    @@ -1142,6 +1405,13 @@ Notice: Applied catalog in 12.34 seconds Slides: ministicraft.pages.git.cloud.arnaud-pc.fr/finistdev-configuration-as-code/

    🤖 Made with Claude & GitHub Copilot

    +