Puppet and Ansible

While Puppet Enterprise, part of Puppet’s automation portfolio, and Ansible are often mentioned in the same sentence, they target different use cases. Puppet Enterprise is used to standardize the ongoing management of infrastructure, systems and applications, and includes task execution and orchestration. Ansible is primarily used for task execution and orchestration.

Puppet Enterprise’s combination of model-driven, state-based automation plus programmatic task execution gives you a unified solution and single source of truth for managing the entire lifecycle of your infrastructure.

See a side-by-side comparison of the two solutions

Puppet Enterprise is built to scale

Puppet Enterprise is built to scale your configuration management practices across multiple teams and to hundreds of thousands of resources so that you can meet business needs faster and more efficiently, with lower risk. Teams unify around a common language, a single set of processes, and a single source of truth.

Puppet’s model-driven approach means you define the ongoing desired state of your infrastructure — across your entire data center, in virtualized and cloud environments, and everything you’re running in containers — and Puppet takes care of the steps to get there.

Puppet Enterprise includes task management

Sometimes, rather than modeling how you manage your infrastructure, all you need to do is run a one-off command or an orchestrated set of tasks at a particular point in time. Puppet Enterprise Task Management executes such tasks in a scalable and secure way.

Part of the Puppet Tasks™ ecosystem, Task Management simplifies task automation. It’s easy to troubleshoot individual systems, deploy one-off changes to individual systems, and execute sequenced actions as part of an application deployment workflow.

Puppet Enterprise wraps Ansible modules

Tasks in Puppet Enterprise can be commands, bash scripts, Puppet modules and even Ansible’s 1200+ modules. Puppet Enterprise becomes the secure, scalable way to manage, version, delegate and execute all infrastructure-as-code content.

Why Puppet Enterprise

  • Gain all the benefits of task execution and orchestration with built-in scale, governance, flexibility and team-oriented workflows
  • Scale across your enterprise — and eliminate islands of automation
  • Detect out-of-process changes and automatically remediate them
  • Prove security and compliance enforcement with holistic infrastructure reporting
  • Support multiple use cases with a single automation platform
  • Automate a variety of technologies and platforms to maximize your investment
  • Rationalize your automation toolset with a more cost-effective solution than Ansible

Learn about the advantages of Puppet Enterprise

Only in Puppet Enterprise

Change simulation

Puppet’s model-driven approach means you can compare the actual state of your infrastructure to its desired state. In simulation mode, also called no-op, you can preview any changes your code will make without any actual impact to your systems. Simulation mode is native to Puppet’s operation, so all configurations that you define within your Puppet code can always be run in a simulation mode.

Desired state conflict detection

Puppet Enterprise understands the relationships between all configurations on a system, and generates a single model of your infrastructure. Using this model, Puppet can find conflicts in the desired configuration.

This means that if two different team members are writing Puppet code, Puppet will protect one person’s code from overwriting the other’s. As your automation contributors grow over time, this guarantees your systems are truly in the desired state.

Unmanaged configuration purging

Puppet Enterprise understands all system configurations, whether they’re being managed by Puppet or not, and can remove configurations that aren’t being managed by Puppet. Things like erroneous firewall rules, IIS sites, packages, SSH keys, certificates and more can be purged from the system so they do not represent a security risk.

Built-in intelligence

Puppet understands configuration dependencies, and handles configuration failures intelligently. If a failure occurs, Puppet Enterprise will skip configurations that are dependent on the failed configuration, and continue managing configurations that have no relationship to the failure.

The orchestration capabilities in Puppet Enterprise follow the same approach. Puppet knows the relationships between the web of services on your infrastructure and can automatically determine the order of operations and concurrency when delivering a change.

System introspection

Puppet Enterprise has the ability to introspect a system’s existing configuration to report on current configurations, even if they’re not managed by Puppet. You can use this information to inventory all the existing packages, users, SQL Server databases, firewall rules, etc. so you can quickly know what you need to automate.

Configuration settings management

Puppet Enterprise lets you assign default infrastructure configuration settings, such as NTP servers and database credentials, based on location, virtualization platform, infrastructure environments and more. You can also build hierarchies to override default settings when needed.

For more information, see the complete list of Puppet Enterprise capabilities.