Ansible vs Chef vs Puppet

6 Comments / DevOps, Release and Operation / By

The configuration Management system is all about deploying the application into servers, Managing Servers and Configuring Servers. The most common and popular configuration tools available in the market are Ansible, Chef, and Puppet. In this article, we will see these tools and discuss the pros and cons of Ansible vs Chef vs Puppet so that we can choose the right configuration management tools for our need.

Table of Contents

Ansible

Ansible is the youngest among the other configuration management tools. The basic platform of the Ansible is written in python and the basic scripting can be written in YAML. Ansible is PUSH based configuration management tool which means it will send the configuration from workstation to the nodes using SSH or winRM connection. Let us see the simple architectural diagram of the ansible to understand working method.

Ansible needs a workstation where ansible scripts will get executed. So Ansible scripts will look for the inventory files which are having the list of hostnames or IP addresses of the target servers.

Ansible Architecture.

Roles and modules are the single or list of components and commands that need to be configured in the target system. When the Ansible script is executed, it will establish the SSH or WinRM connection with the target servers as per the inventory file and execute the roles and modules on the target servers. Let us see the Pros and Cons of ansible

Learn Ansible on Udemy with Offers

Learn how to use Ansible to automate local and cloud configuration management tasks on Udemy with Min 50% offer.

Get Offer

Pros

  • Ansible installation is very easy and configured easily.
  • Writing a script in the YAML file is very easy and powerful.
  • Executing the commands remotely makes the accessibility of the target system easy.
  • Ansible commands are executed in sequential order so that understanding of the script execution is easy.
  • Ansible can be executed N number of target servers as per the inventory file.
  • Shares facts between multiple servers, so they can query each other.
  • Agent-less deployment makes faster connections compared to an agent-based model.
  • Compared to the connection protocols of other tools, SSH and winRM connections are secured as compared to other models.

Cons

  • SSH communications are slow which may cause more downtime.
  • Compared to other tools limited features like monitoring, API availability.
  • The syntax for The Playbooks and Templates is different which may be a little difficult for beginners.

Chef

The Chef is the client-server architecture model configuration management tool. The scripting of this tool is written in Ruby DSL using imperative programming paradigm. The Chef is using the pull-based approach to send Configuration information to the target nodes. Chef uses the agent-based system where target servers are installed with an agent called chef-client which will poll the instruction from the master server that responds with SSH connection. Let us see the basic architecture of the chef.

Chef Architecture.

There are three important components are present in the chef architecture. Client Nodes are the nodes which need to be configured by installing agent application called chef-client. Chef Workstation is the authors working machine where the author writes the Ruby DSL called cookbook and test with the testing tool called Test Kitchen and communicate with the chef server using the command line or knife tools. Chef Server is a common server between workstation and chef-client. This server will keep the cookbook, policies, and metadata of the nodes or chef clients. Chef client will pull the recipes and templates and it will install in the node.

Learn Chef on Udemy with Offers

Learn Configuration Management with Chef to automate local and cloud tasks on Udemy with Min 50% offer.

Get Offer

Pros

  • Completely programmable, so that scope of handling and customization is very high
  • The chef is also executing commands in sequential order which is very easy to understand the flow.
  • Chef’s Community is very active and it has Strong documentation and support.
  • One of the most flexible solutions for OS and middleware management.
  • The chef is well matured and stable for large-scale deployment.
  • SaaS version of Chef is available which is very useful for analytics and reporting.

Cons

  • Beginners required huge learning and it is very difficult for them.
  • Configuring the chef and initial setups are complex.
  • The pull-based configuration will wait for the next scheduled polling to get the configuration from the server.

Puppet

Puppet is another opensource configuration management tool and vastly used by many teams. It is also using ruby declarative language (Ruby DSL) to configure the files. Puppet can either configured with a client-server (Agent-master) architecture model or stand-alone architecture model.

Agent/master architecture: Puppet-master will keep the configuration and controls it, Puppet agent nodes will request or pull the configuration information and configure the same on the node. A report will be sent to the puppet master once after the configuration is updated. Communication between master and agent will happen via an HTTPS connection.

Agent/Master Puppet Architecture

Stand-alone architecture: Every node will be installed with the puppet application. Each node will be carrying its own configuration information. By running Puppet apply command, the nodes will be configured according to the configuration information. Usually, this will happen in a scheduled job or with a Cron job.

Learn Puppet on Udemy with Offers

Learn Fundamentals of Puppet to automate local and cloud configuration management tasks on Udemy with Min 50% offer.

Get Offer

Pros

  • Initial setup and configuration is very easy
  • Web UI console will help us to take care of many configurations, reporting, and real-time node management tasks easily.
  • Puppet is very Robust and has native capability to work with shell-level constructs.
  • Very stable and matured system for the DevOps guys to manage large scale infrastructure
  • Puppets’ Community is also very active and it has Strong documentation and support.

Cons

  • Some times it is difficult for beginners to learn Puppet DSL or Ruby,
  • We need CLI for doing advanced tasks.
  • The Ruby DSL code can go big when we scale higher and it will become complicated.
  • As always, the pull-based system follows a scheduled job for tasks which will make us wait for configuration.
  • Puppet DSL is a little different than Ruby so that pure Ruby won’t work some times.

Selection of the right configuration management tool is relative to the situation and system. Comparing the pros and cons of each tool and understanding the architectural design will help us select the right tool for configuring our infrastructure.

Get more knowledge on DevOps from this [ebook]

Conclusion

In this article, we have discussed the pros and cons of Ansible vs Chef vs Puppet. Also, take a look at our discussion on Ansible Playbook and Ansible Inventory. We will discuss more these configuration tools in our future discussions and article. Stay tuned and subscribe DigitalVarys for more articles and study materials on DevOpsAgileDevSecOps, and App Development.


6 thoughts on “Ansible vs Chef vs Puppet”

  2. Vitalijs

    Have you ever used Ansible/puppet in production? From my point if view you are incorrect in some pros/cons
    1. Ansible
    1.1. root access – you could run ansible as non-root user. you will need root access for “root” operations(like for any other tool, like puppet or chef)
    1.2. limited features – exist Tower or AWX) to get api, monitoring and so on
    1.3. syntax for playbooks and templates – why this is cons ? for puppet, for example, you hsve the same “issue”.

    I will not through other tools..
    I think you should rewrite or delete this topic.

    Reply
    1. Prabhu Vignesh Kumar Rajagopal
      Prabhu Vignesh Kumar Rajagopal

      Thank you for your comment. I appreciate your effort to point the mistakes. I have made changes but I would like to give clarification on the points you mentioned.
      1.1 – root access – It was a big mistake and I have removed it – Thank you for pointing this out.
      1.2 – limited features – Of Course, we have Tower and many other tools but as compared to other tools, It is limited. Let me take this opportunity to explain this in another article. Stay tuned.
      1.3 – Syntax – Learning and working with both YAML and Jinja2 is a little difficult for beginners.

      Reply
      1. Vitalijs

        about 1.2: for example for puppet(in pros) –
        Web UI console will help us to take care of many configurations, reporting, and real-time node management…

        To get web UI you should install:
        1. paid version – Puppet Enterprise( it will be quite expensive but will add a lot of functionality)
        2. Foreman(or something similar) – you will need some time to setup it + you will need to setup PuppetDB and so on…

        As well, it is not so easy to setup, for example, mysql replication with puppet. Puppet holds state…

        To analyse this tools you should write a book 😉 Good luck my friend, contact me if you need my advice or help. I have used quite a lot Ansible and Puppet in production.

        Reply
        1. Prabhu Vignesh Kumar Rajagopal
          Prabhu Vignesh Kumar Rajagopal

          Great points. Thank you again. I will come up with detailed new articles on these tools.
          Also, this website is growing. A new feature for contribution will be added soon. Once added, please register yourself and contribute by correcting the articles or by writing your own.

          Aim of DigitalVarys.com is to discuss and share knowledge. Greetings to you.

          Reply

Leave a Reply