Tag: CFEngine

Automation: CFEngine and Puppet

For a system administrator of Linux, he probably is interested in 2 powerful tools: CFENGINE and Puppet, besides popuplar Perl.

1. CFENGINE

CFEngine (http://cfengine.com/) is Configuration Management Software For Agile System Administrators. Its primary function is to provide automated configuration and maintenance of large-scale computer systems, including the unified management of servers, desktops, embedded networked devices, mobile smartphones, and tablet computers. CFEngine can be used in:

  • Configuration Management
  • Cloud Services
  • CMDB/CFDB
  • Monitoring & Performance
  • IT Compliance
  • Security
  • System Event Orchestration
  • Application Deployment

Suppose if making all the above automation, the administrator’s duty will be pretty easy and released.
I used some CFEngine codes before, it is some kind of Perl’s hash table, like this:

body common control
{
inputs => { "cfengine_stdlib.cf" };
bundlesequence => { "test" };
host_licenses_paid => "1";
}

2. Puppet

According to puppetlabs(http://puppetlabs.com/),
Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to patch management and compliance. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud.

Puppet uses a declarative, model-based approach to IT automation.

  1. Define the desired state of the infrastructure’s configuration using Puppet’s declarative configuration language.
  2. Simulate configuration changes before enforcing them.
  3. Enforce the deployed desired state automatically, correcting any configuration drift.
  4. Report on the differences between actual and desired states and any changes made enforcing the desired state.

Is Puppet the Next Generation CFEngine?

According to CFEngine’s Tech FAQ (http://cfengine.com/techFaq#puppet), the answer is No.
Although somewhat inspired by CFEngine, Puppet has taken a different approach to the problem, attempting to improve the ease of getting started for small networks where machines are mostly all identical. CFEngine 3 goes far beyond Puppet in its capabilities for both system modelling and system repair, while at the same time being a tenth of the size and up to 40 times more efficient (according to sources). Puppet is completely reliant on the network for operations, whereas CFEngine is fault tolerant and opportunistic with network resources.