Götz Reinicke - IT Koordinator
2016-May-12  07:22 UTC
[CentOS] Suggestions for Config Management Tool
Hi, we see a growing need for a better Configuration management for our servers. Are there any known good resources for a comparison of e.g. Puppet, Chef, Ansible etc? What would you suggest and why? :) Thanks and Regards . G?tz
On 12 May 2016 at 08:22, G?tz Reinicke - IT Koordinator < goetz.reinicke at filmakademie.de> wrote:> Hi, > > we see a growing need for a better Configuration management for our > servers. > > Are there any known good resources for a comparison of e.g. Puppet, > Chef, Ansible etc? > > What would you suggest and why? :) > > >Puppet is great for central control with automatic runs making systems right and keeping them in line, it's not an orchestration tool though - however it's commonly supplemented with something like rundeck and/or mcollective to assist here. Chef is great for a ruby house - you'll need to brush up on your ruby as writing cookbooks is heavily tied to the language. Historically it was very debian focused with issues like selinux problems. I believe these have been generally resolved though. Ansible is a great orchestration tool and excellent for going from base to a configured system. It is less of a tool to keep things inline with a base however with no central automated runs (ignoring Tower which is not FOSS yet). Ansible is also much simpler to get into given the tasks are just like following through a script for defining how to make a system, as opposed to learning an actual DSL like required for understanding puppet modules. There's a growing pattern of using ansible for orchestration alongside puppet for definitions as well (there's a specific ansible module to carry out a puppet run). I've not looked at salt at all personally. Came across this article a while back: http://www.infoworld.com/article/2609482/data-center/data-center-review-puppet-vs-chef-vs-ansible-vs-salt.html
> > What would you suggest and why? :)Ansible is now owned by Redhat so I would expect its feature set to be specifically aligned towards the administration of RHEL type operating systems over time. We've previously been using Saltstack to great effect but we are gently sliding towards Ansible. Both are YAML defined and coded in python which makes life really easy. I believe Chef and Puppet to be demons incarnate. Only ruby mavens seems to be able to effect any kind of control on these beasts. Ruby is the work of satan. Cheers, Andrew
Personally, I think it is important to try one in a prototype mode. There are many changes to how you operate systems as you bring in configuration management that any of the packages you propose should be an improvement over running scripts or hand configuration. We chose Puppet around 3 years ago and have been very happy with it, managing 10,000s of machines with it. We?ve got over 200 people making regular changes to the configurations and a lot of good upstream modules in production. I don?t think there is one size fits all but the tools you suggest have all been used successfully. Tim On 12/05/16 12:56, "centos-bounces at centos.org on behalf of Andrew Holway" <centos-bounces at centos.org on behalf of andrew.holway at gmail.com> wrote:>> >> What would you suggest and why? :) > >
Hi, I've chosen ansible over the others for two particular reasons: - you can quickly dive into it. I think it's the easier to use at first being a complete beginner in config management tools. - no daemon server or client side. HTH, Laurent. Le 12 mai 2016 09:22:09 GMT+02:00, "G?tz Reinicke - IT Koordinator" <goetz.reinicke at filmakademie.de> a ?crit :>Hi, > >we see a growing need for a better Configuration management for our >servers. > >Are there any known good resources for a comparison of e.g. Puppet, >Chef, Ansible etc? > >What would you suggest and why? :) > > Thanks and Regards . G?tz > > > >------------------------------------------------------------------------ > >_______________________________________________ >CentOS mailing list >CentOS at centos.org >https://lists.centos.org/mailman/listinfo/centos-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On 12/05/16 10:21, James Hogarth wrote:> On 12 May 2016 at 08:22, G?tz Reinicke - IT Koordinator < > goetz.reinicke at filmakademie.de> wrote: > >> Hi, >> >> we see a growing need for a better Configuration management for our >> servers. >> >> Are there any known good resources for a comparison of e.g. Puppet, >> Chef, Ansible etc? >> >> What would you suggest and why? :) >> >> >> > > Puppet is great for central control with automatic runs making systems > right and keeping them in line, it's not an orchestration tool though - > however it's commonly supplemented with something like rundeck and/or > mcollective to assist here. > > Chef is great for a ruby house - you'll need to brush up on your ruby as > writing cookbooks is heavily tied to the language. Historically it was very > debian focused with issues like selinux problems. I believe these have been > generally resolved though. > > Ansible is a great orchestration tool and excellent for going from base to > a configured system. It is less of a tool to keep things inline with a base > however with no central automated runs (ignoring Tower which is not FOSS > yet). > > Ansible is also much simpler to get into given the tasks are just like > following through a script for defining how to make a system, as opposed to > learning an actual DSL like required for understanding puppet modules. > > There's a growing pattern of using ansible for orchestration alongside > puppet for definitions as well (there's a specific ansible module to carry > out a puppet run). > > I've not looked at salt at all personally. > > Came across this article a while back: > http://www.infoworld.com/article/2609482/data-center/data-center-review-puppet-vs-chef-vs-ansible-vs-salt.html+1 on your comments around those ones. After that, it's up to the sysadmin (and also sharing with the group of colleagues working in the infra team) to test and see which one fits the bill. Some people really dislike ansible, while personally I like it more than puppet, but it's also a personal feeling with the tool : do you prefer green or red (and then someone will answer "blue" !) ? both are colors, but we have a preference. Same for cfgmgmt tools, assuming that they do what you want them to do too. -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20160512/36a482da/attachment-0001.sig>
On 05/12/2016 12:22 AM, G?tz Reinicke - IT Koordinator wrote:> Are there any known good resources for a comparison of e.g. Puppet, > Chef, Ansible etc?https://bitbucket.org/gordonmessmer/config-comparison/overview I wrote one for my current employer, when I started, in order to get consensus from my coworkers on which system to use. The comparison described a specific set of tasks that were common, under 5 config management systems. Obviously, I do not have extensive experience with all of the systems, and some of the solutions described may not be the solutions that an expert would provide. If anyone wants to submit changes, I'll add them. Also, the document is somewhat out of date. Since I wrote it, I've submitted a substantial number of fixes to bcfg2 to address almost all of the deficiencies that I identified. If I were in that position again, though, I think Ansible would be the easy choice. There are a whole lot of things I like about bcfg2, but development is mostly inactive.
On Thu, May 12, 2016 at 7:22 PM, G?tz Reinicke - IT Koordinator < goetz.reinicke at filmakademie.de> wrote:> Hi, > > we see a growing need for a better Configuration management for our > servers. > > Are there any known good resources for a comparison of e.g. Puppet, > Chef, Ansible etc? > > What would you suggest and why? :) > > Thanks and Regards . G?tz >Hi, As no one else seem to have mentioned it, I would highly recommend https://saltstack.com/community/ particularly in you have good in house python skills. It is easy to get started but also amazingly flexible. It has a helpful active community.