Results 1 to 3 of 3
Thread: CFengine or Puppet?
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Mar 2005
- San Diego, CA
CFengine or Puppet?
Any advice would be greatly appreciated. Thanks.
Sent from my DROID RAZR HD using Tapatalk
Here's a talk giving at SCALE that covers the topic.
>>> socallinuxexpo.org/scale11x/presentations/puppet-vs-cfengine-vs-chef-guide-stressed-developers]Puppet vs Cfengine vs Chef: A Guide for Stressed Developers | SCALE 11x <<<
At my last job we went with Puppet is was easier to get going with.
cfengine/puppet/chef/ansible are like programming languages.
There is no general "best".
It depends on your usecase, available people and their skillsets.
That said, here is a comparison
From personal experience:
We had three datacenters and a few hundred centos5 machines running with cfengine2 and subversion.
Overall, this was running quite well.
But with time the policies evolved and we hit some problems:
- Policies were copied to the nodes before executing them. Including passwords, password hashes, private keys.
Even if the particular node didnt need them.
- The runs were no longer idempotent. ie: multiple runs were neccessary to get a node into a desired state.
- The quoting and escaping that we had for certain actions were not only ugly, but made maintenance hard.
In other words: Time to start from scratch with either cfengine3 or puppet.
Being tired of cfengine2, we tried puppet first and stuck with it to rebuild the datacenters with puppet and debian.
This wasnt exactly a fair comparison.
So in your case: I would suggest to try a few tools for an isolated case and then decide, which syntax and approach you like the best.
As dns is part of the base infrastructure, this might be a good test: Install, configure and run a bind server for multiple environments (dev,staging,production).
Last edited by Irithori; 11-03-2013 at 04:14 PM.You must always face the curtain with a bow.