[TriLUG] Curious

stephen at physics.unc.edu stephen at physics.unc.edu
Mon Oct 27 13:35:12 EDT 2014 

(Re-sending from the address which is actually subscribed to this list.)

Once you grow beyond a handful of systems, using *any* system configuration 
engine is usually a win. It's less important which one you choose now, than 
that you choose one and learn it well. It's also quite likely that should you 
choose one, you'll eventually find the warts and want to investigate the 
others.

That said, puppet is the new go-to tool that all the "cool kids"(tm) are using. 
It's object oriented, high level, and once you grok its syntax its possible to 
write some simple to medium complexity actions quickly. It's also a resource 
hog and requires you to install ruby on all your puppet managed boxes -- 
something you might not relish doing. When I last looked at it, I was also less 
than fond of its upgrade experiences (syntax surprises, ruby surprises, 
requirement to upgrade the puppetmaster before clients, ...)

I've used Cfengine for the past 15 years, and while it periodically pisses me 
off to the point that I look at the alternatives, I keep coming back to it. 
It's the grand-daddy of system config software, and it hits the requirements 
that I must have -- it's fast, easy on resources, and doesn't depend on ruby 
(or perl,python,ssh, etc) being installed everywhere. That said, its syntax is 
not as easy to learn as some alternatives and while it has notion of 
object-orientedness to it, it seems to be a "me too!" feature in most places. I 
also had to custom-write much of the logic for doing our batch software 
installs and managing the iptables firewall. But on the plus side, the language 
was up to the challenge.

As always, YMMV.

In conclusion, it's one thing to read others' opinions. It's quite another to 
develop your own. So I'd recommend you develop your must-have list, narrow your 
list of options, and try out the top two or three choices.

Oh, and my opinions are my own, not my employers.

Cheers,
Stephen

On Mon, 27 Oct 2014, Z-man wrote:

> Thank you all, this is excellent information.  We have multiple teams
> working with Java, .NET, cobol (yes cobol), etc and have a need to store
> their builds/code/etc in subversion (by management decree).  As such, we
> are looking to find that deployment package piece (known here as a
> librarian software) and are investigating many.  We did look at Chef but no
> one here knows Ruby.  As such we are just now starting down the road of
> Puppet investigation.  So anything you can offer is helpful.
> 
> On Sun, Oct 26, 2014 at 11:58 PM, Igor Partola <igor at igorpartola.com> wrote:
> 
>> Puppet being morse code centric sounds about right. It is its own
>> language, has its own client/server setup yet can be run without it, has a
>> specific file layout you have to follow... It is confusing and weird. I use
>> it because it gets the job done and because I have not yet figured out how
>> to use Ansible :)
>> 
>> There are some great things about puppet:
>>
>>  - Has basic built in types that are idempotent. This is huge. I don't
>> want to reinvent this, and here Puppet delivers.
>>
>>  - It supports the right built-in types: package, file, service, user,
>> crontab.
>>
>>  - Extensive library of good modules to control things like Postgres,
>> Redis, MySQL, MongoDB, etc.
>>
>>  - It works when done right.
>> 
>> The bad:
>>
>>  - The language is confusing. Includes, imports, etc. suck. Creating
>> dependence is confusing and can be repetitive.
>>
>>  - It is much too slow for what it does. Basic package installation is
>> done one at a time. Some really simple manifests that would take 5 seconds
>> to run by hand, take minutes.
>>
>>  - Too many obscure features. The docs literally have things like "we just
>> released this feature, but don't use it. It's a bad idea."
>>
>>  - Errors cascade, but there is now way to tell puppet to stop on errors.
>> This way if installing MySQL fails, it will attempt to do other unrelated
>> tasks instead of saying "ok fix the MySQL thing first ".
>> 
>> In conclusion, I am not converting any existing projects from Puppet to
>> anything else, but I am looking at alternatives.
>> 
>> Igor
>> --
>> This message was sent to: Drummer <czdrummer at gmail.com>
>> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
>> address.
>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>> Unsubscribe or edit options on the web  :
>> http://www.trilug.org/mailman/options/trilug/czdrummer%40gmail.com
>> Welcome to TriLUG: http://trilug.org/welcome
>> 
> 
> 
> 
> -- 
> Craig Zimmer
> ***********
> "Boldness of action is often wrongfully perceived as uneducated."
> --

More information about the TriLUG mailing list