Wednesday, March 11, 2015

Configuration Management Tools

Configuration management tools help us manage configuration across multiple nodes from a central point, which makes it much easier to standardize across the organization.

These tools also help us deploy code to multiple servers in the network easily, and can even automate the deployment.

There are several good tools available today for this purpose. We'll be looking into a few of them here.

  • Ansible
  • Chef
  • Puppet
  • Salt (SaltStack)
  • CFEngine
  • CDIST
  • Spacewalk


Ansible
Ansible is a model-driven configuration management tool written in Python that works on most of the popular platforms, such as Linux, Unix and Windows. It basically depends on SSH for security and ease of management. We may use bash scripts as well for node management, so a Linux system admin does not need to learn any new language to handle this tool.
Some of the advantages of using Ansible are as follows:

  • Ease of use – Does not require writing any scripts or use of any custom code.
  • Low learning curve – Admins and developers don't have to learn anything new other than what they already know (Python, bash, etc.).
  • Security – It is more secure as it does not require any agent to be installed, additional ports to be opened, or even root access. Also, Ansible has encryption enabled.
  • Comprehensive automation – It allows automation of almost anything and everything in the IT environment.
  • Efficiency – As it runs on OpenSSH, it does not rely on the memory or CPU of the servers, thereby increasing server efficiency.

Ansible is released under the GPL license. The first release was on 8th March 2012, and the latest stable version is 1.8.0 (released on 25th Nov 2014). Ansible works on AIX, BSD, HP-UX, Linux, Mac OS X, Solaris, Windows, and many other platforms.

Ansible also comes with a Web UI like other CMS tools, but only for the paid version – called Ansible Tower.

Chef
Chef is one of the popular configuration management systems, like Puppet, and is written in Ruby. Chef is available as both an open source and an enterprise product. Chef is a powerful tool for full IT infrastructure configuration management that is flexible and scalable and can integrate with leading cloud providers. It also has access to 800+ reusable cookbooks which can be used by admins.

Chef is released under the Apache License. It requires an agent to be installed on the nodes to be managed. Chef was first released on 15th Jan 2009. The latest stable versions are Chef Server 12.0.1, released on 17th Dec 2014, and Chef Client 12.0.3, released on 16th Dec 2014.

Chef uses a pure Ruby domain specific language (DSL) for writing configuration "recipes". These recipes contain resources that should be put into the declared state. Chef can be used as a client–server tool, or in "solo" mode (where everything is on a single server, which is suitable for small businesses). It also offers enterprise platform support, including Windows and Solaris, and allows you to create, bootstrap and manage OpenStack clouds. It has easy installation with the 'one-click' Omnibus Installer, automatic system discovery with Ohai, text-based search capabilities and multiple environment support. Other features include the "Knife" command line interface, "Dry Run" mode for testing potential changes, and the ability to manage 10,000+ nodes on a single Chef server.

Features available only in the enterprise version of Chef include availability as a hosted service, enhanced management console, centralized and activity reporting, as well as "Push" command and control client runs. Multi-tenancy, role-based access control (RBAC), high availability installation support and verification, along with centralized authentication using LDAP or Active Directory are included with Chef Enterprise.

Puppet
Puppet is a very popular tool written in Ruby (like Chef). Puppet consists of a custom declarative language to describe system configuration, distributed using the client–server paradigm (using the XML-RPC protocol in older versions, with a recent switch to REST), and a library to realize the configuration. The resource abstraction layer enables administrators to describe the configuration in high-level terms, such as users, services and packages. Puppet will then ensure the server's state matches the description. There was brief support in Puppet for using a pure Ruby DSL as an alternative configuration language starting at version 2.6.0. This feature was deprecated, however, beginning with version 3.1.

What started out as a popular DevOps tool has quickly become a movement. Written in Ruby, like Chef, Puppet also comes in both an open source and an enterprise version. However, where Chef has a healthy offering of features across both open source and enterprise versions, Puppet has placed the majority of its feature set into enterprise status. Features that the open source version comes with include provisioning (Amazon EC2, Google Compute Engine), configuration management (operating systems and applications) plus 2,000+ pre-built configurations on Puppet Forge. Considerably more features are available for the enterprise version, including the open source features plus a graphical user interface, event inspector (visualize infrastructure changes), supported modules, and provisioning (VMware VMs). Configuration management (discovery, user accounts), orchestration, task automation, and role-based access control (with external authentication support) are also included. Puppet Enterprise has a unified cross-platform installer of all components and support.

Puppet is released under the Apache License from version 2.7.0; before that it was under the GPL. It has encryption built in. The first release was on 30th Aug 2005 and the latest stable version (3.7.3) was released on 4th Nov 2014. It also has a GUI from which nodes can be managed. An agent has to be installed on a node so that the node is manageable.

Salt (SaltStack)
SaltStack, popularly known as Salt, started out as a tool for remote server management. As its usage has grown, it has gained a number of extended features, including a more comprehensive mechanism for host configuration. This is a relatively new feature facilitated through the Salt States component. With the traction that Salt has gotten of late, the support for more features and platforms might continue to grow.

Salt is released under the Apache License and is written in Python. It has encryption built into it. It was first released on 17th March 2011 and the latest stable version (2014.7.0) was released on 3rd Nov 2014. It can run both agentless and with an installed agent, and also has a GUI available.

Salt supports many of the popular platforms but works only partially on some platforms, like HP-UX and some others.

As part of a larger, enterprise-ready application, the configuration management piece of Salt is as robust and feature-rich as would be expected. Built upon the remote execution core, execution occurs on "minions", which receive commands from the central Salt master and reply with the results of those commands. Salt supports simultaneous configuration of tens of thousands of hosts. Configuration is based upon host "states": no programming is required to write the configuration files, which are small and easy to understand and identify the state of each host. Additionally, for those who do program, or admins who want to have more control and familiarity with their configuration files, any language can be used to render the configurations.

CFEngine
One of the earliest full-featured configuration management systems out there, CFEngine has gone through several iterations and maintained relevance as operating systems have gone from the local data center to the cloud. At the heart of the infrastructure automation framework, CFEngine is also a modeling and monitoring compliance engine, capable of sitting on a small footprint. As recommended by CFEngine, steps toward identifying an initial desired state include: 1) model the desired state of your environment; 2) simulate configuration changes before committing them; 3) confirm the desired state and set for automatic self-healing; 4) collect reports on the differences between actual and desired states. CFEngine has a library of reusable data-driven models that will help users model their desired states. These infrastructure patterns are designed to be reusable across the enterprise.

CFEngine is released under the GPL and COSL licenses, and is written in C. The first version was released in 1993 and the latest stable version (3.6.3) was released on 5th Dec 2014. It requires no agent to be installed on the node to be managed. Encryption is built into it.

Agent system. Manages configuration of a large number of computers using the client–server paradigm or stand-alone. Any client state which is different from the policy description is reverted to the desired state. Configuration state is specified via a declarative language. CFEngine's paradigm is convergent "computer immunology".
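The four steps listed above (model, simulate, self-heal, report) and the convergent behaviour they lead to can be sketched in a few lines. This is an added illustration in Python, not CFEngine code or its policy language; the policy keys, the sample node configuration and all function names are constructed for the example.

```python
"""Toy desired-state engine: model, simulate, converge, report (illustration only)."""

# Step 1: model the desired state (constructed sample policy for SSH daemon settings).
DESIRED = {
    "PermitRootLogin": "no",
    "PasswordAuthentication": "no",
    "X11Forwarding": "no",
}

# Constructed sample of a node whose configuration has drifted from the policy.
SAMPLE = """\
# constructed example, not taken from a real host
PermitRootLogin yes
PasswordAuthentication no
Port 22
"""

def parse_config(text):
    """Parse 'Key value' lines, skipping blanks and comments; the first value for a key wins."""
    actual = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        actual.setdefault(parts[0], parts[1].strip() if len(parts) > 1 else "")
    return actual

def plan(desired, actual):
    """Step 2: simulate. Return {key: (current, wanted)} without changing anything."""
    return {k: (actual.get(k), v) for k, v in desired.items() if actual.get(k) != v}

def converge(desired, actual):
    """Step 3: self-heal. Return a state where every modelled key matches the policy.
    Keys the policy does not model (here: Port) are left untouched."""
    fixed = dict(actual)
    fixed.update(desired)
    return fixed

def report(changes):
    """Step 4: report the differences between actual and desired state."""
    return [f"{key}: {old!r} -> {new!r}" for key, (old, new) in sorted(changes.items())]

if __name__ == "__main__":
    node = parse_config(SAMPLE)
    print("\n".join(report(plan(DESIRED, node))))
    node = converge(DESIRED, node)
    # A second run finds nothing to do: the node has converged on the policy.
    print("remaining drift:", plan(DESIRED, node))
```

Running `plan` before `converge` is the dry run; an empty plan on the next pass is what tells you the node is compliant.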

cdist
cdist is a zero dependency configuration management system, written in Python. It requires only ssh on the target host, which is usually enabled on all Unix-like machines. Only the administration host needs to have Python 3.2 installed.

cdist is released under the GPL license, and has an encryption feature available in it. It was first released in 2010 and the latest stable version (2.0.12) was released on 5th June 2012.

cdist supports popular platforms such as BSD, Linux, Mac OS X, etc.

Spacewalk
Spacewalk is an open source Linux and Solaris systems management solution and is the upstream project for the source of Red Hat Network Satellite. Spacewalk works with RHEL, Fedora, and other RHEL derivative distributions like CentOS, Scientific Linux, etc. There are ongoing efforts on getting it packaged for inclusion in Fedora. Spacewalk provides systems inventory (hardware and software information), installation and updates of software, collection and distribution of custom software packages into manageable groups, provisioning of systems, management and deployment of configuration files, system monitoring, virtual guest provisioning, starting/stopping/configuring virtual guests, and delegating all of these actions to local or LDAP users and system entitlements.

Spacewalk was first released in June 2008 and is released under the GPL v2 license. It is written in Java (C, Perl, Python, PL/SQL). It has encryption built into it and does require an agent to be installed on the managed node. The latest stable version of Spacewalk (2.0) was released on 19th Jul 2013. Spacewalk does not work well with many of the popular platforms, but works on popular operating systems like Linux and Solaris.

The Satellite 5 and earlier series of server management technologies from Red Hat were largely based on the Spacewalk open-source project that Red Hat started in 2008. The new Satellite 6 release breaks from that path; it is not based on Spacewalk, but rather has its roots in multiple other open-source efforts, including Foreman, Pulp and Puppet.