In the world of IT, where more and more companies are migrating to the Cloud and expanding at global scales, configuration management (CM) tools have emerged as a critical part of any system deployment.
Designed to automate the configuration and maintenance of multiple networked systems, CM tools can help companies use recipes, playbooks, templates and other tools to simplify automation and coordination across an IT environment to provide a seamless deployment.
Companies looking to choose a CM solution should consider the following:
- The tool model – Some require a master-client model, which uses a central control point to communicate with distributed machines. Others operate on a local level with a server-based host.
- Environment – Consider the dominant language of your existing system and the institutional knowledge and skills of your team.
Root Level Technology (RLT) looked at the four top CM software tools; Ansible, Chef, Puppet and SaltStack, to determine which solution is the best fit for companies contemplating a CM deployment. Several years ago, Josh Dreyfuss, writing for the OverOps blog, compared these four CM solutions. His research contributed to our evaluation.
A simple solution that uses SSH, which offers several other services in addition to
configuration management, such as workflow monitoring, automated app deployment for
updates and more. Ansible, written in Python, has strong security features and focuses on five
foundational principles: A small learning curve; ease of use; automation for most elements;
efficiency and strong security.
Ansible is an open source program that is user-friendly for most developers and also offers an
enterprise version. With more than a quarter million downloads per month, Ansible is the most
popular open source automation tool on GitHub today.
No special coding skills are required to use Ansible, tasks are executed in order and it features an agentless architecture.
Ansible is used to deploy applications to remote nodes and servers in a repeatable way. It provides a common framework for pushing multi-tier applications and applications artifacts using a push model setup. It can be configured as a master-client system. Ansible is built on playbooks that can be applied to an extensive variety of systems.
When to use it: If time and simplicity matter most, Ansible is a sound solution. No need for agents on remote nodes or managed servers. If you are more focused on the system administrator side of the house, Ansible offers a streamlined solution.
- SSH-based, no need for agents or remote nodes
- Easy learning curve thanks to the use of YAML
- Playbook structure is simple and clearly structured
- Variable registration feature enables tasks to register variables for later tasks
- Much more streamlined code base than some other tools
- Less powerful than tools based in other programming languages
- Logic comes through its DSL, which requires frequent checking on documentation
- Variable registration is required for even basic functionality, which can make easier tasks more complicated
- Difficult to see the values of variables within the playbooks
- No consistency between formats of input, output, and config files
- Struggles with performance speed at times
Puppet Labs –
Starting out as a DevOps tool, Puppet has emerged as a viable CM tool as well.
Written in Ruby with both open source and paid enterprise versions available, Puppet requires
programmers with strong Ruby skills. Puppet works with a variety of platforms.
A long-standing tool in the CM space, Puppet has been tested and proven in some of the most
demanding environments. It uses a customized DSL, master-client setup and a model-driven
approach. Puppet code design works as a list of dependencies.
When to use it: Puppet is a good choice if stability and maturity are key factors. Good for large enterprises with a wide range of skills on the DevOps team.
- Well-established support community through Puppet Labs
- Mature interface and runs on nearly every OS
- Simple installation and initial setup
- Most complete Web UI in this space
- Strong reporting capabilities
- Ruby-based CLI
- Ruby support is declining
- Code base can become unwieldy, complex
- Model-driven approach means less control compared to code-driven approaches
Like Puppet, Chef is also available in an open source or paid enterprise version. It is also
written in Ruby and offers more than 800 different free modules. Programmers like the easy
installation and features such as text-based search and support for multiple environments.
Its command line interface, testing mode, and large database make it ideal for companies that
need large storage capacity. Chef is highly customizable, accommodating the installation or
even creation of different modules, making this one of the most adaptable CM solutions on the
Chef is nine years old, an ancient in software development. It uses a master-agent model and in addition to a master server, requires a workstation to control the master. A gents can be installed from the workstation using the “knife” tool that uses SSH for deployment, easing the installation burden. From there, managed nodes authenticate with the master through certificates.
The Chef design is transparent, based on instructions given. This requires instructions to be clear.
When to use it: Programmers familiar with Git and Ruby should consider Chef, since both are required for configuration. Chef is best suited for development-focused teams and environments looking for a more mature solution for a multi-tiered system.
- Rich collection of modules and configuration recipes
- Code-driven approach provides control and flexibility configurations
- Git foundations provides strong version control capabilities
- “Knife” tool eases installation burdens
- Steep learning curve for non-Ruby users
- Large code bases and complicated environments
- Does not support push functionality
Part of a larger application designed for enterprise-level operations, SaltStack uses minions – subprocesses that take commands from the main system – and reports results of
SaltStack has the capacity to support multiple hosts simultaneously and is adept at creating
configuration files. Salt, like Ansible, has a small learning curve and is a good choice for
companies with limited programming resources. It’s open source, which means it is easily
extended and customizable. Salt can accommodate any language to render configurations,
providing sufficient control over files.
SaltStack is CLI-based and can be configured as a master-client model or non-centralized model. Based in Python, SaltStack offers a push method and an SSH method of communication. Salt allows for grouping of clients and configuration templates to simplify environmental control.
When to use it: Systems requiring scalability and resiliency should consider SaltStack as a CM solution. It’s well-suited for system administrators thanks to its usability.
- Straightforward organization and usage
- Feature-rich DSL
- Consistent input, output and configs – all YAML
- Introspection is transparent
- Strong community support
- High scalability and resiliency master model with minions and hierarchical tiers.
- Challenging setup for new users
- Documentation somewhat complex at introductory level
- Web UI is newer and less complete than other tool’s Web UIs in the space
- Not great support for non-Linux Oss
Depending on the deployment and skills of staff, those looking for a CM solution could opt to
use any of these four to manage a deployment. RLT recommends Ansible as the best solution
due to its relatively easy learning curve, timely implementation and master less design, with
only SSH dependencies.