Configuration Management Tools (Continually Comparing and Contrasting Technical Aspects of The Big Four)

There are many different configuration management tools.  These programs promote the management of servers either through the release of code or through the deployment of infrastructure patches.  They can do more than that. Commonly their utilization facilitates the transfer of files as well as the modification of existing files.  Four of these configuration management (CM) tools that are very popular among modern enterprises include Puppet, Chef, Ansible, and SaltStack.  This post will briefly compare and contrast some aspects of the tools themselves.
Each application has a file that governs an operation of the CM tool.  A basic operation would be to transfer a file to a server.  A more complex operation would be to ensure certain conditions are met (certain files exist in certain locations).  CM tools can do other things like mount file systems or change file permissions.  Generically we will refer to the files that govern basic operations as template files.

CM tool                         Template file to govern a CM operation                Extension of such a template file
Ansible                                             playbook                                                                                .yml
Chef                                                  recipe                                                                                      .rb
Puppet                                             manifest                                                                                 .pp
SaltStack                                          state file                                                                                 .sls

 The language the above template files are written in are as follows:
CM Tool                    Language
Ansible                      YAML
Chef                           Recipe Domain Specific Language
Puppet                      Puppet Domain Specific Language
SaltStack                   YAML

CM Tool                    Name of main, central server                         Name of servers that are configured
Ansible                      Control server                                                   Managed node
Chef                           Chef server                                                        Chef client
Puppet                      Puppet Master                                                  Puppet Agent
SaltStack                   Master server                                                    Minion

The main file that the main servers use are as follows for each CM tool:
- The Ansible control server uses ansible.cfg.
- Chef Infra Server uses config_rb_server.
- The Puppet Master server uses puppet.conf.
- The Salt Master server uses a master file typically in /etc/salt/.

CM Tool                    Component That Can Store Encrypted Data
Ansible                                                  Ansible vault
Chef                                                       Data bag
Puppet                                                   Hiera           
SaltStack                                                Pillar   

CM Tool       Component to Collect Info* About A Node              

Ansible         Inventory script / Ansible setup module**                                     
Chef             Ohai                                                       
Puppet         Facter and External Node Classifier                                        
SaltStack      Grains                                                              

CM Tool       Test Suites              

Ansible         ansible-lint, Molecule (for Ansible roles)***                                     
Chef             Test Kitchen, ChefSpec                                                        
Puppet         Puppet Playground, RSPEC-PUPPET                                        
SaltStack      Kitchen Salt, miscellaneous others

A weakness of comparing these components is that it seems to equate them in terms of market adoption. For example, we do not think Puppet Playground has been adopted the way Chef Test Kitchen has.

* Information such as the hostname, IP address, operating system etc. of a given client server.

**  "Facts are automatically discovered by Ansible when running plays by executing the internal setup module on the remote nodes. You never have to call the setup module explicitly, it just runs..." taken from

*** To set it up, see this posting. To learn more, see the official site.

Configuration Management Dependency Resolution
Configuration Management promises to resolve dependencies in a systematic way that can be easily repeated on servers throughout your enterprise.  Here is an overview of four CM tools' dependency resolution components:

Berkshelf is a CLI tool that is part of the Chef development kit.  Berkshelf manages dependencies for Chef cookbook workflows.

Puppet manifests with the "require" keyword.  Puppet's DSL has a "require" key word which is an optional designation for a resource declaration.  It allows a "Package" resource to be declared.  Such a package could be something like an Apache web server installation.

Ansible roles are reusable packages.  They can be employed as dependencies in Ansible playbooks.  

Salt Package Manager uses pre-written Salt States (desired configurations) to resolve dependencies for ultimate configuration goals.

Use cases will be a big factor in determining which CM tool is best for you. License compatibility may be a consideration. Finally, when selecting a CM tool that your enterprise will use, the learning curve of your employees will also be a consideration.  The current institutional expertise related technologies may be a factor when determining a CM tool.  Inevitably problems occur, dependencies must be resolved, and customization of the CM tool may be a luxury or necessity.  Therefore the language the tool was written in may influence the decision makers when selecting this crucial tool for your business to adopt and leverage.

CM Tool                                  Language the tool was written in
Ansible                                       Python
Chef                                            Ruby (early versions of Chef) and Erlang (newer versions of Chef)
Puppet                                       Ruby
SaltStack                                    Python

n.b. Please note the following:
What is the benefit of comparing and contrasting the "big four" configuration management tools and their components? Businesses are not sure which to use.

What is a disadvantage of comparing and contrasting these CM tools? They are not analogous in how they work. Despite Puppet and Chef having a common origin, they are very different in how they work.

If you want to try out these CM tools, see the following postings on how to deploy each one (installation and configuration directions):

Ansible for RHEL
Ansible for SUSE
Puppet for RHEL
Puppet for SUSE
Puppet for Ubuntu

Maybe this isn't an Ansible question for a Chef Puppet, does he have any Salt?

Leave a comment

Your email address will not be published. Required fields are marked *