Ninja, choose your weapon!
Puppet vs. Chef vs. Ansible vs. Salt
About me
Ant(on) Weiss, DevOps Evangelist & Enabler, CI/CD/ALM Expert
twitter: @antweiss - http://otomato.wordpress.com
DevOps isn’t about Tools
But they definitely help!
DevOps is all about Tools
"We shape our tools. And then our tools shape us."
Marshall McLuhan
Weapons of Mass Configuration
• Manage configuration of thousands of servers
• Automation and orchestration
• Infrastructure as Code
Tools vs. no Tools
The Good Tool
• One we are comfortable with
• Flexible
• Extendable
• Scalable
• Community-supported
• Integrate-able
Puppet
Since: 2005
Written in: Ruby
Developed by: Puppetlabs
Configuration: Puppet-specific declarative language (Ruby-based) or pure Ruby. Model-driven.
Manages: > 10 million nodes (according to Puppetlabs)
Puppet
[Diagram: Puppet master and three agents, connected by XMLRPC over HTTPS, with report flows]
Puppet Concepts
Resources: files, services, packages, users…
Manifests: Puppet programs
Classes: collections of resource definitions
Modules: classes + accompanying data
Puppetforge.com: 3326 community modules
Puppet Features
• Configuration Management
• Automatic Discovery (MCollective)
• Orchestration (MCollective)
• Provisioning (w/Foreman or Razor)
Puppet Code:
class ntp {
  case $operatingsystem {
    centos, redhat: {
      $service_name = 'ntpd'
      $conf_file    = 'ntp.conf.el'
    }
    debian, ubuntu: {
      $service_name = 'ntp'
      $conf_file    = 'ntp.conf.debian'
    }
  }

  package { 'ntp':
    ensure => installed,
  }

  file { 'ntp.conf':
    path    => '/etc/ntp.conf',
    ensure  => file,
    require => Package['ntp'],
    source  => "/root/examples/answers/${conf_file}"
  }

  service { 'ntp':
    name      => $service_name,
    ensure    => running,
    enable    => true,
    subscribe => File['ntp.conf'],
  }
}
Puppet Web UI Options
• Puppet Enterprise (commercial for > 10 nodes)
• Foreman
• PuppetBoard ( reporting only )
Puppet in a Nutshell
• The Most Mature (of the four reviewed)
• ‘Pull’ mode of operation, but push also supported
• Enterprise Features
• Largest Ecosystem (Foreman, PuppetBoard)
• A Language of its Own
• Less flexible
• Easy to start with, gets complicated further along.
Chef
Since: 2009
Written in: Ruby+Erlang
Developed by: Chef ( formerly Opscode )
Configuration: pure Ruby DSL - procedural
Chef Concepts
Resources: files, services, packages, users…
Recipes: Chef programs
Cookbooks: recipes + accompanying data
Databags: global variables
supermarket.chef.io: 2061 cookbooks
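Chef Code
# Attributes: pick the service name per platform
case platform
when "ubuntu","debian"
  default[:ntp][:service] = "ntp"
when "redhat","centos","fedora","scientific"
  default[:ntp][:service] = "ntpd"
end

# Recipe: install the package, render the config, run the service
package "ntp" do
  action [:install]
end

template "/etc/ntp.conf" do
  source "ntp.conf.erb"
  variables( :ntp_server => "time.nist.gov" )
  # Restart the platform-specific service when the config changes
  notifies :restart, "service[#{node[:ntp][:service]}]"
end

# Use the attribute set above instead of a hard-coded "ntpd"
service node[:ntp][:service] do
  action [:enable,:start]
end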
Chef Web UI Options
• OpenSource WebUI - deprecated
• Enterprise Chef - commercial, basic
Chef in a Nutshell
• Flexible, powerful
• Enterprise Features (HA, Analytics)
• Pure Ruby DSL
• Steep learning curve
• Push feature still in beta
Ansible
Since: 2012
Written in: Python
Developed by: Ansible Works inc.
Configuration: yaml+jinja
Motto: Simple IT Automation
Ansible
[Diagram: controlling machine and three nodes, JSON over SSH, with report flows]
Agentless!!!
Ansible Concepts
• Inventory: a list of hosts and host groups
• Ad-hoc commands: ansible all -a "/bin/echo hello"
• Playbooks: configuration scenarios
• Modules: control system resources and execute commands. Can be written in any language!
• Roles: playbook and accompanying data
• ansible-galaxy.com: 3124 roles
Ansible Code
- hosts: all
  # ntp service name defined in ntp.yml
  vars_files:
    - ntp.yml
  tasks:
    - name: Install ntp package
      yum: name=ntp state=latest
      sudo: yes
    - name: Starting ntp service
      service: name={{ ntp_service_name }} state=started
      sudo: yes
Ansible Web UI
• Ansible Tower (commercial)
Ansible in a Nutshell
• Simple
• Lightweight
• Agentless (SSH)
• Windows support still immature.
• yaml DSL can be tricky to use
• Not the best performance. (Slow)
Salt
Since: 2011
Written in: Python
Developed by: SaltStack inc.
Configuration: yaml+jinja
Motto: Speed, scalability and flexibility
Salt
[Diagram: master and three minions, connected over ZeroMQ, with report flows]
Can also be masterless!
Salt Concepts
• Commands: salt '*' disk.usage
• Modules: control system resources and execute commands. Written in Python or Cython.
• States: configuration scenarios
• Grains: facts about the managed nodes
• Pillars: globally accessed data
• Community State Trees & Modules: saltstarters.org
Salt Code
# Include :download:`map file <map.jinja>` of OS-specific package names and
# file paths. Values can be overridden using Pillar.
{% from "ntp/map.jinja" import ntp with context %}

ntp:
  pkg.installed:
    - name: {{ ntp.client }}

{% set ntp_conf_src = salt['pillar.get']('ntp:ntp_conf') -%}
{% if ntp_conf_src %}
ntp_conf:
  file.managed:
    - name: {{ ntp.ntp_conf }}
    - template: jinja
    - source: {{ ntp_conf_src }}
    - require:
      - pkg: ntp
{% endif %}
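The state above imports ntp from ntp/map.jinja, which the slide does not show. A sketch of what such a map file can look like, added here as an example and not taken from the original deck: it picks defaults by the os_family grain and merges overrides from Pillar. The 'service' key and the ntp:lookup pillar key are assumptions.

```jinja
{# ntp/map.jinja (constructed example, not from the deck).
   Grains select the per-OS defaults; Pillar data can override any of them. #}
{% set ntp = salt['grains.filter_by']({
    'Debian': {
        'client': 'ntp',
        'service': 'ntp',
        'ntp_conf': '/etc/ntp.conf',
    },
    'RedHat': {
        'client': 'ntp',
        'service': 'ntpd',
        'ntp_conf': '/etc/ntp.conf',
    },
}, grain='os_family', merge=salt['pillar.get']('ntp:lookup')) %}

{# Matching pillar data (assumed layout) would look like:
   ntp:
     ntp_conf: salt://ntp/files/ntp.conf
     lookup:
       ntp_conf: /etc/ntp/ntp.conf
#}
```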
Salt Web UI
• Halite: free, in pre-alpha
Salt in a Nutshell
• Fast
• Super-scalable
• Easily Extensible (renderers, returners, etc)
• Python API
• Push mode by default
• In Active Development
• Documentation Needs Improvement
Summary
• Puppet: features, WebUI, maturity, ecosystem
  • better for devs
• Chef: flexibility, Ruby
  • better for devs
• Ansible: simplicity, agentless, yaml, Python
  • better for ops
• Salt: scalability, flexibility, robustness, Python
  • better for ops
Stop breaking your teeth!