Puppet vs. Chef vs. Ansible vs. Salt - ness-tech.co.ilירועים 2015/DevOps... · •Automation...
Ninja, choose your weapon!
Puppet vs. Chef vs. Ansible vs. Salt
DevOps isn’t about Tools
DevOps is all about Tools
Or maybe:
“We shape our tools. And then our tools shape us.”
Marshall McLuhan
Weapons of Mass Configuration
• Manage configuration of thousands of servers
• Automation and orchestration
• Infrastructure as Code
Tools vs. no Tools
The Good Tool
• One you’re comfortable with :)
• Flexible
• Extendable
• Scalable
• Community-supported
• Integrate-able
Puppet
Since: 2005
Written in: Ruby
Developed by: Puppet Labs
Configuration: Puppet-specific declarative language (JSON-like). Model-driven.
Manages: > 10 million nodes (according to Puppet Labs)
Puppet
[Diagram: Puppet master with three agents; XMLRPC over HTTPS]
Puppet Concepts
Resources: files, services, packages, users…
Facts: managed system properties
Manifests: Puppet programs
Classes: collections of resource definitions
Modules: classes + accompanying data
Puppetforge.com: 3326 community modules
Puppet Features
• Configuration Management
• Automatic Discovery (MCollective)
• Orchestration (MCollective)
• Provisioning (w/Foreman or Razor)
Puppet Code:
class ntp {
  # Pick the service name and config file for the OS family
  case $operatingsystem {
    centos, redhat: {
      $service_name = 'ntpd'
      $conf_file    = 'ntp.conf.el'
    }
    debian, ubuntu: {
      $service_name = 'ntp'
      $conf_file    = 'ntp.conf.debian'
    }
  }

  package { 'ntp':
    ensure => installed,
  }

  # The config file is only managed once the package is installed
  file { 'ntp.conf':
    path    => '/etc/ntp.conf',
    ensure  => file,
    require => Package['ntp'],
    source  => "/root/examples/answers/${conf_file}"
  }

  # The service restarts whenever the config file changes
  service { 'ntp':
    name      => $service_name,
    ensure    => running,
    enable    => true,
    subscribe => File['ntp.conf'],
  }
}
Puppet Web UI Options
• Puppet Enterprise (commercial)
• Foreman
• PuppetBoard (reporting only)
Puppet in a Nutshell
• The Most Mature (of the four reviewed)
• ‘Pull’ mode of operation, but push also supported
• Enterprise Features (Event Inspection, Automatic Discovery, Access Control)
• Largest Ecosystem (Foreman, PuppetBoard)
• A Language of its Own
• Less flexible
• Easy to start with, gets complicated further along.
Chef
Since: 2009
Written in: Ruby+Erlang
Developed by: Chef (formerly Opscode)
Configuration: pure Ruby DSL - procedural
Chef
Chef Concepts
Resources: files, services, packages, users…
Recipes: Chef programs
Cookbooks: recipes + accompanying data
Databags: global variables
supermarket.chef.io: 2061 cookbooks
Chef Code
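# Pick the service name for the platform
case node[:platform]
when "ubuntu", "debian"
  node.default[:ntp][:service] = "ntp"
when "redhat", "centos", "fedora", "scientific"
  node.default[:ntp][:service] = "ntpd"
end

package "ntp" do
  action [:install]
end

# Render the config and restart the platform's ntp service when it changes
template "/etc/ntp.conf" do
  source "ntp.conf.erb"
  variables( :ntp_server => "time.nist.gov" )
  notifies :restart, "service[#{node[:ntp][:service]}]"
end

# Use the platform-specific service name rather than a hard-coded "ntpd"
service node[:ntp][:service] do
  action [:enable, :start]
end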
Chef Web UI Options
• OpenSource WebUI - deprecated
• Enterprise Chef - commercial, basic
Chef in a Nutshell
• Flexible, powerful
• Enterprise Features (HA, Analytics, etc)
• Pure Ruby DSL
• Steep learning curve
• Push feature still in beta
Ansible
Since: 2012
Written in: Python
Developed by: Ansible Works Inc.
Configuration: yaml
Motto: Simple IT Automation
Ansible
[Diagram: controlling machine with three nodes; json over ssh]
Agentless!!!
Ansible Concepts
• Inventory: a list of hosts and host groups
• Ad-hoc commands: ansible all -a "/bin/echo hello"
• Playbooks: configuration scenarios
• Modules: control system resources and execute commands. Can be written in any language!
• Roles: playbook and accompanying data
• ansible-galaxy.com: 3124 roles
Ansible Code
- hosts: all
  # ntp service name defined in ntp.yml
  vars_files:
    - ntp.yml
  tasks:
    - name: Install ntp package
      yum: name=ntp state=latest
      # privilege escalation (spelled "sudo: yes" before Ansible 1.9)
      become: yes
    - name: Starting ntp service
      service: name={{ ntp_service_name }} state=started
      become: yes
Ansible Web UI
• Ansible Tower (commercial)
Ansible in a Nutshell
• Simple
• Lightweight
• Agentless (SSH)
• Windows support still immature.
• yaml DSL can be tricky to use
• Not the best performance. (Slow)
Salt
Since: 2011
Written in: Python
Developed by: SaltStack Inc.
Configuration: yaml (with jinja for logic)
Motto: Speed, scalability and flexibility
Salt
[Diagram: master with three minions; ZeroMQ]
Can also be masterless!
Salt Concepts
• Commands: salt '*' disk.usage
• Modules: control system resources and execute commands. Can be written in Python or Cython
• States: configuration scenarios
• Grains: facts about the managed nodes
• Pillars: globally accessed data
• Community Modules and State Trees: saltstarters.org
Salt Code
# Include :download:`map file <map.jinja>` of OS-specific package names and
# file paths. Values can be overridden using Pillar.
{% from "ntp/map.jinja" import ntp with context %}

ntp:
  pkg.installed:
    - name: {{ ntp.client }}

{% set ntp_conf_src = salt['pillar.get']('ntp:ntp_conf') -%}
{% if ntp_conf_src %}
ntp_conf:
  file.managed:
    - name: {{ ntp.ntp_conf }}
    - template: jinja
    - source: {{ ntp_conf_src }}
    - require:
      - pkg: ntp
{% endif %}
Salt Web UI
• Halite: free, in pre-alpha
Salt in a Nutshell
• Fast
• Super-scalable
• Easily Extensible (renderers, returners, etc)
• Python API
• Push mode by default
• In Active Development
• Free (although raw) web ui
Summary
• Puppet: features, WebUI, maturity
  - better for devs
• Chef: flexibility, Ruby
  - better for devs
• Ansible: simplicity, agentless
  - better for ops
• Salt: scalability, flexibility, robustness, Python
  - better for ops
Thank you!