Reputation: 2581
Package Management / automation - puppet vs landscape vs ansible etc
I'm trying to work out what tool would best fit managing my linux private cloud
The main purpose is to control
Package management, updates, install, removals
Script automation against all VM's
Security vulnerabilities
SSH Key access (possibly looking at keybox)
Currently have 2 clouds with over 100+ linux VM's in so we are at the stage where we want to commit to management solution but will so many on the market I'm not sure what to choose
You seem to have a number
Landscape
puppet enterprise
Chef enterprise
ansible tower
cfengine
foreman
Any guidance would be great?
Upvotes: 0
Views: 2900
Answers (1)
Reputation: 2057
There are many references to be found about the pro's and cons of a lot of tools. Each has there specific benefits. There is also to choose from: Enterprise version, open source version and masterless setups.
Landscape is primarly for ubuntu. Foreman i never researched.
puppet/chef/ansible/cfengine are more general configuration management tools that can be used on almost all linux os-es. Some can even be used on windows.
If you want to do the research yourself first read up on what others have done, for instance:
- http://www.infoworld.com/article/2609482/data-center/data-center-review-puppet-vs-chef-vs-ansible-vs-salt.html
What makes puppet/salt stand out is the approach that you do not tell them what to do, but you tell them what you want the end-result to be. IE: you tell them a user JOE needs to be present, and these tools make sure they exist. So if someone removes the user, it will be recreated next run.
Other tools will run scripts to create a user, and if someone removes that user, it will not be recreated.
Best suggestion is: you'll have to dive into one and really do the work to find out if it suits your needs. And they all have a learning curve.
The enterprise versions of the mentioned tools will make it much easier to setup and start using them. IE, puppet enterprise will be up and running in less than an hour. While the puppet normal version can take a day easily before you can get rolling.
Also, some big companies are using puppet masterless setup. They have some sort of repository, and login manually and execute the tool.
In summary: Pick a tool that you think might fit your needs. Try the enterprise version to see if it can handle your needs. Then decide if you want to pay for it and keep the setup. If not try to implement the open source version. If you have very little simultaneous groups execute changes, or if you have no extreme needs for security (like NSA or banks), than your done. Otherwise, think if master less setup might be better.
Upvotes: 3
Related Questions
- Puppet vs Ansible - why would organisation use both?
- How to automatically test configuration managing scripts?
- Does Docker reduce or mitigate the need for Puppet/Chef et al?
- How to integrate a deployment automation tool into puppet?
- Puppet for patching software
- Choosing a vagrant provisioner
- How to automate Puppet's modules install
- How can Puppet fit into a Continuous Delivery tool chain?
- How should I structure my puppet configurations for shared environment resources (packages, configurations, etc) when using Puppet?
- How to use puppetlabs/apt module?