Chef, Puppet, Ansible
I’ve been using Chef for years, since it was at 0.7 and very rough. Before Chef, I was using Puppet. Before Puppet, there were shell scripts.
I switched from Puppet for a few reasons (I’m not sure if they apply anymore though):
- In 2009, we built our own private cloud on some blades and at the time there was no nice way to create hosts automatically. But then knife came along and we fell in love with it. knife your_plugin_here could fire up and bootstrap a host. That simplified everything dramatically.
- Search - it made everything easier. You could fire up as many nodes as you wanted, not know anything about them, and be sure that they would be eventually consistent.
- The Puppet DSL just wasn’t flexible enough at the time. We were pretty much hamstrung by that for complex setups.
- Ordering - it was nice to have items run in the correct order without writing it explicitly.
Chef may still be the best of breed. It’s great for firing up hosts, configuring, searching, being eventually consistent. But it has a lot of irritating problems which end up wasting time.
- It has tons of cookbooks out there. Unfortunately, only some of them work. Half the time it’s faster to roll your own than do the debugging. [1]
- It’s complex. At the end of the day, everyone has a job to do and Chef makes life a bit harder than it should. Case in point, debugging. Forget the test writing, getting the correct dependencies, and all that. There’s a nice SDK for that. That is my point. To be good at writing and debugging Chef code, you need a high level of skill. That type of skill is hard to find and hard to teach.
- Infrastructure as code. I really thought this was a great idea at the time, but the learning curve is too high. If you’re trying to teach and train a team, it becomes a difficult exercise, even if they are developers. There’s a whole bunch of best practices such as doing wrapper cookbooks, LWRPs and DSL, roles vs recipes, arrangement of data bags, cookbook versioning, setting up environments, etc. If you already know and are set up, great. If not, well, it will take time to get Chef working well.
I’ve been playing around with Ansible for some local projects and it seems to do the trick. In the next few posts I will be exploring whether it can do everything that Chef can do.
tl;dr - Chef is complex. Looking to see if something can do the same thing without the same headaches.
[1] A bit of a digression here. The other day I wanted to install Hubot and do some Flowdock integration. What happened? First thing, go search and find two cookbooks. Download them. Install them on the Chef server with Berkshelf. I mean, a cookbook has 1.7 million downloads, that’s got to mean something, right? And here’s the thing, the cookbook looks great, but it just didn’t work. It failed because it has a dependency on the nodejs cookbook, which changed the name of the scripts the hubot cookbook was including. So I spent 30 minutes messing around with the hubot cookbook, followed by 30 minutes writing my own cookbook to do the same thing.