Chef, Puppet or Ansible: easy server configuration management for infrastructure at any scale

With the increasing number of physical and virtual servers available for workloads, comes increasingly complex server management. Servers are grouped per workload and are deployed on local virtualisation infrastructure or in remote datacenters. No matter the size of your infrastructure, automation and orchestration generally make life easier. With these open source automation tools, server configuration can be written once, and servers can be deployed automatically. Which tool you need, depends on your requirements and your current environment.

Puppet: slower, but most widely used and support for multiple OSes

  • currently the most widely used tool in the industry, so it has the most community support. Puppet Labs provides paid enterprise support.
  • runs on Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, Fedora, BSD, MacOS, Windows and others. Here's the full list.
  • uses its own "easy" syntax, the Puppet DSL or Domain Specific Language. Custom Ruby modules can be used too.
  • extensive reporting capabilities
  • large library of existing modules in the Puppet Forge. Modules are of mixed quality due to many changes to Puppet the past years.
  • web user interface is only available in the enterprise version
  • simple architecture: Puppet server and Puppet agents
  • slower performance
 

Chef: complex, but fast and powerful

  • extensive Ruby syntax for configuration "recipes": this brings a higher learning curve, but more power
  • web user interface is standard and free
  • architecture is more complex: you need a Chef server, Chef agents and a Chef workstation for configuration and management
  • large library of existing recipes of mixed quality
  • simple cross-platform and self-contained installation procedure
  • faster performance
 

Ansible: no Windows support but very easy, fast and light-weight

  • Ansible is Python-based
  • youngest of these three technologies, hence with the smallest community
  • works without agents, but has many python dependencies once you start with complex operations
  • simple architecture: all you need is an Ansible workstation and ssh servers. No agents and no server, but you have Python dependencies on client machines.
  • web user interface available, but with limited features since it's developed separately from the main project.
  • scripts and modules can be built in any language, a limited library is provided
  • no Windows support
  • easiest syntax and lowest learning curve
 

Ultimately, picking your favorite tool is somewhat like picking your favorite food. You need to try a few and see how they work for you. Picking one that is secure and reliable, and with a language that you can get along with is important. We have worked with all of them, so let us know if we can help.