Deploying at Scale: Chef, Puppet, Ansible, Fabric and SaltStack

The manageability, reliability and powerful technology of remote servers — cloud computing — allows IT managers to deploy hundreds, even thousands of machines. At the same time, the cloud creates a new challenge for sys admins and ops teams: how to maintain and configure all these machines. How do you apply patches, maintain updates and fix security gaps?

The answer is to use powerful tools like Chef, Puppet, Ansible, Fabric or SaltStack for managing Infrastructure As Code (IaC) automation. IaC means deploying and managing infrastructure for computing, including virtual servers and bare-metal servers. Definition files are used instead of physical hardware management. Here is a bit of the history, background, advantages and disadvantages for each of these infrastructure configuration management tools currently on the market.


Puppet was founded in 2005 by Luke Kanies, making it one of the earliest infrastructure configuration management tools. It is free software written in Ruby and made available under the Apache Software License 2.0, although it was released using the GNU General Public License up to version 2.7.0. It operates declaratively on Microsoft Windows and UNIX-based systems like AIX, Solaris and Mac OS X. Puppet uses a declarative language to define system configuration. To begin, you set up system resources and relevant state that are stored in files called Puppet Manifests. A resource abstraction layer then lets you use higher-level terms such as packages and services to define configuration.

Because Puppet is model driven, you don’t need an extensive programming background to use it. In a model-driven approach, you can set up how you want the infrastructure and applications to operate. With the model in place, you can then test and evaluate changes you want to deploy across the system. Constant reporting and feedback allow you to improve processes, show compliance and tweak the results as you go. Puppet is perhaps the most popular infrastructure configuration and management tool among those described here, used by a variety of organizations including:

  • Mozilla
  • PayPal
  • Spotify
  • Oracle
  • Rackspace
  • Wikimedia Foundation


Chef is a configuration management tool Adam Jacob developed to use in his consulting company. Seeing a broader use for managing Amazon Web Services operations, he joined with Nathan Haneysmith, Barry Steinglass and Joshua Timberman to found a firm called Chef to manage the tool.

Chef is based on “recipes” that describe how the software will configure and manage utilities and server apps like MySQL or Hadoop. These recipes can be combined to form a “cookbook.” Each recipe defines resources used in a state such as what services should be operating, what packages need to be installed and what files need to be created. The resources can be modified to make sure programs are installed in a specific order based on dependencies. Industry commenters often suggest that DevOps teams and developers usually choose Chef while SysAdmins prefer Puppet.

There are two versions of Chef: an open-source basic version and a premium enterprise edition. The enterprise offering has both on-premise and hosted versions. Open-source Chef is available at no charge but lacks many of the add-ons in the enterprise edition as well as ongoing support.

Chef began as a Linux product but later added support for Microsoft Windows. It runs on major platforms including:

  • Solaris
  • Ubuntu
  • Microsoft Windows
  • FreeBSD

It is used by companies and websites such as:

  • Facebook
  • Airbnb
  • Expedia
  • Citi
  • Disney

Chef and Puppet are two of the largest infrastructure management tools available to you. They both continue to respond to the needs of enterprise companies by providing new features, and they are also busy creating partnerships with major vendors like Microsoft to better integrate with their platforms. Puppet has also aligned with software defined networking (SDN) vendors to stay in the forefront of that technology. Choosing between the two is a matter of determining the core advantages of each and figuring out which align with your requirements.


Ansible is an open-source software framework for managing and configuring infrastructure. It offers configuration management, software deployment for multiple nodes and ad hoc task execution. You can manage it using PowerShell or through a secure shell (SSH). This software framework was developed by Michael DeHaan, who was also one of the original developers of the Func framework used for administering systems remotely. Ansible is included in distributions of Fedora, and is also available if you use CentOS, Red Hat Enterprise Linux, Scientific Linux and other operating systems. A company of the same name was created to support the software product and help it grow in business markets. Red Hat acquired the company in 2015.

The name Ansible is derived from a communications system in “Ender’s Game,” a 1985 novel by Orson Scott Card. The fictional system was first invented for the 1966 novel “Rocannon’s World” by Ursula K. Le Guin.

Ansible controls two kinds of servers: nodes and controlling machines. The system is based on a single controlling machine, which configures and manages nodes using SSH. Modules are deployed over SSH to orchestrate nodes, which then communicate with the controlling machine using a JSON protocol. Ansible is light on resources because when it is not managing nodes, it does not run any programs or daemons waiting for utilization.

Unlike Puppet and Chef, where nodes need a daemon to talk to the controlling machine, Ansible has an agentless architecture. Under this system, nodes do not need to install and operate daemons in the background to communicate. This set-up significantly reduces network overhead because it stops nodes from constantly polling the controlling machine.

Ansible was designed with a minimalist approach, with a focus on making sure managing the system does not create additional dependencies on the system itself. It is secure because it requires OpenSSH. In addition, Ansible playbooks are written in an easy-to-learn, descriptive language. It is used in a variety of private and public clouds including:

  • Google Cloud Platform
  • OpenStack
  • SoftLayer
  • Amazon Web Services
  • XenServer

Ansible works well with Aerospike, Riak and Hadoop, monitoring resource consumption by every node while using few CPU and memory resources. Organizations and companies deploying Ansible include:

  • NASA
  • Weight Watchers
  • Juniper
  • Apple

Its agentless model makes it a popular choice for government divisions such as NASA because it is very secure, a quality highly valued in federal and state governments.
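Because Ansible's transport security rests on OpenSSH, it holds only while the controlling machine's SSH settings keep host key verification on. The following audit of an `ansible.cfg` is an added example, not code from the original article or the Ansible project; the sample configs are constructed and the finding names are hypothetical.

```python
import configparser
import shlex

# Constructed sample: controller config with SSH trust checks relaxed.
WEAK_CFG = """
[defaults]
host_key_checking = False
remote_user = root

[ssh_connection]
ssh_args = -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
"""

# Constructed sample: same controller with host key verification and key auth.
HARDENED_CFG = """
[defaults]
host_key_checking = True
remote_user = deploy
private_key_file = ~/.ssh/deploy_ed25519

[ssh_connection]
ssh_args = -o StrictHostKeyChecking=yes -o PasswordAuthentication=no
"""


def ssh_options(ssh_args):
    """Return lowercased (keyword, value) pairs from the -o options in ssh_args."""
    pairs, tokens = [], iter(shlex.split(ssh_args))
    for tok in tokens:
        if not tok.startswith("-o"):
            continue
        spec = tok[2:] or next(tokens, "")  # "-oKey=Value" or "-o Key=Value"
        # ssh accepts both "Key=Value" and "Key Value"; keywords are case-insensitive.
        key, _, value = spec.replace("=", " ", 1).partition(" ")
        pairs.append((key.strip().lower(), value.strip().lower()))
    return pairs


def audit_ansible_cfg(text):
    """Return finding ids for settings that weaken the SSH channel Ansible relies on."""
    cp = configparser.ConfigParser(interpolation=None)  # values may contain '%'
    cp.read_string(text)
    findings = []
    # Ansible verifies host keys by default, so only an explicit opt-out is flagged.
    if not cp.getboolean("defaults", "host_key_checking", fallback=True):
        findings.append("host-key-checking-disabled")
    if cp.get("defaults", "remote_user", fallback="").strip() == "root":
        findings.append("remote-user-root")
    for key, value in ssh_options(cp.get("ssh_connection", "ssh_args", fallback="")):
        if key == "stricthostkeychecking" and value in ("no", "off"):
            findings.append("ssh-args-host-key-check-off")
        if key == "userknownhostsfile" and value == "/dev/null":
            findings.append("ssh-args-known-hosts-discarded")
    return findings
```

Run `audit_ansible_cfg(open("ansible.cfg").read())` on the controlling machine; an empty list means none of these four settings is present.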


Fabric is an open-source command line tool and Python library used to smooth out SSH utilization for system administration and application deployment. It consists of a suite of operations for launching shell commands, either locally or remotely, via sudo or normally; downloading and uploading files; and asking for input from users, stopping execution and other auxiliary functions. While products like Puppet and Chef focus on organizing and handling system libraries and servers, Fabric is more concerned with deployment and other application-level functions.

Developers like Fabric because it is simple, easy to maintain and you can add any type of job quickly. You can execute Python functions using the command line, and launching shell commands on SSH is simplified due to the extensive library of subroutines. Companies using Fabric include:

  • Snap
  • Coursera
  • Instagram
  • Sosh
  • FlightAware
  • The Orchard

Fabric development is managed by Jeff Forcier. He is assisted by open-source developers who add suggestions and patches through the Fabric mailing list, on IRC chats or via GitHub.


SaltStack is an open-source platform based on Python, and it is used for managing and configuring cloud infrastructure. It was developed by Thomas S. Hatch using ZeroMQ to create a better tool for collecting and executing data at high speeds. It was initially released in 2011, and Reliable Queuing Transport (RAET) was added in 2014. The project has subsequently been developed through a partnership that includes several large enterprises. SaltStack was built from the ground up to be highly modular and flexible, and able to adapt to diverse applications. It creates Python modules that each manage a different part of the Salt system. You can detach and modify the modules to fit the needs of your project. Each module is designed to handle a specific action. The six types of modules include:

  • Execution modules offer functions for direct execution by the remote execution engine and help manage portability and core API functions.
  • Grains detect system static information and keep it in RAM for fast access.
  • State modules represent the back end, executing code to configure or change a target system.
  • Renderer modules pass information to the state system.
  • Returner modules manage the return locations associated with remote execution calls.
  • Runners are convenience apps.

SaltStack created a buzz early on by capturing the 2014 InfoWorld Technology of the Year Award as well as the 2013 TechCrunch Award for Most Exciting Project. Organizations and companies using SaltStack include Adobe, Jobspring Partners, Dealertrack Holdings, JumpCloud and International Game Technology.

This article covered five of the top infrastructure configuration and management tools available. It’s a highly dynamic area of enterprise computing, with new tools constantly evolving to solve various challenges. Each of these solutions gives you lots of ways to configure your infrastructure, allowing you to manage digital transformation at scale easily and efficiently.

The post Deploying at Scale: Chef, Puppet, Ansible, Fabric and SaltStack appeared first on Application Performance Monitoring Blog | AppDynamics.

More Stories By Jyoti Bansal
