Puppet and Chef

While Puppet and Chef may be used in similar ways, they have different approaches. Puppet's unique model-driven approach to automation lays the foundation for DevOps practices like continuous integration and delivery, discovery and insights — and lets you adopt new tech, like Docker and Kubernetes, faster.

For your company to remain relevant, you must be able to deliver great software, and a great experience, to your users. And in order to do so, you need to fundamentally improve the way you work. Puppet’s automation platform is the industry standard for automating the delivery and operation of the software that powers everything around us.

Puppet Enterprise is built to scale

Larger IT organizations often have many individual contributors and specialized teams that work together to manage infrastructure. Operating at scale is a challenge that will never go away, and the tools you choose can make the difference between working effectively as a team and perpetuating — or even causing — siloed thinking, turf wars, and disjointed processes.

Compare configuration management solutions

The tool you use needs to address several challenges

Detecting conflict

Any infrastructure tool needs to understand when multiple teams or contributors intend to manage the same configuration differently. This needs to be known prior to any work being done on the node.

Making dependencies transparent

Infrastructure configuration can often be complex, with layers of dependencies. It’s critical that a tool not only makes the order of operations clear, but also makes clear the dependencies that exist between multiple configurations.

Establishing a single source of truth

Many tools are good at managing parts of your infrastructure. IT teams will often use one set of tools for managing and orchestrating application deployments, and another set for enforcing core infrastructure and middleware. It’s important that your tools can never conflict, while simultaneously ensuring that all underlying infrastructure is in its intended state prior to deploying application services.

Learning curve

Unlike Chef, Puppet does not require any experience with Ruby. Puppet’s simple domain-specific language (DSL) was designed to be easy to read and write for people without a background in software development. Despite the language’s simplicity, it features all the necessary features for defining modern configuration models such as loops, templates, and data validation.

Intelligent orchestration

Puppet builds a model of every configuration on every node for an entire environment, plus every infrastructure service distributed across multiple nodes within an environment. The model is used to intelligently determine the correct order of operations, what information needs to be shared between different services (credentials, locations, ports, etc.), and can show how all of this will be done so you can review prior to the actual orchestration.

Environment and node modeling

When you’re managing hundreds or thousands of configurations on a single node, or managing hundreds of different services across a multitude of business applications, it’s paramount that you understand how all the pieces relate. Puppet gathers all the infrastructure code assigned to a node to generate a complete model for how the node should look. Puppet Enterprise shows you the resulting model in an interactive graph so you can see how each piece of infrastructure code contributes to a node’s desired state.

Continuous delivery

Puppet Pipelines™ for Applications and Puppet Pipelines™ for Containers unite infrastructure automation and deployment workflows into a single pipeline that can run anywhere. From on-prem, public or private clouds, and on containers, Puppet offers automation for fast, predictable and repeatable delivery. Puppet Enterprise enables the continuous integration for your infrastructure as code through orchestration and node and code management.

Orchestration control

Puppet Enterprise enables applications and services to be modeled and managed with the same Puppet code that’s used to model your underlying infrastructure. Puppet Enterprise compiles a holistic environment graph of every application and infrastructure service, which models their dependency relationships. Puppet Enterprise users can direct change to as broad or as targeted a portion of infrastructure as is required for that moment. Puppet Enterprise uses the environment model to automatically determine the order of operations and the information that needs to be passed between nodes. Puppet Enterprise can recognize and wait for a service to become healthy before continuing to the next step of the deployment.

Puppet Enterprise

Only in Puppet Enterprise

Model-driven and task automation in one place

Only Puppet Enterprise enables you to make one-off changes and model your infrastructure as code in one solution. Puppet’s built-in task automation capabilities make it simple to execute tasks an imperative way. It’s easy to troubleshoot systems and devices, deploy point-in-time changes, and execute ordered changes as part of a deployment workflow.

Change simulation

Puppet’s model-driven approach means you can compare the actual state of your infrastructure to its desired state. In simulation mode, also called no-op, you can preview any changes your code will make without any actual impact to your systems. Simulation mode is native to Puppet’s operation, so all configurations that you define within your Puppet code can always be run in a simulation mode.

Desired state conflict detection

Puppet understands the relationships between all configurations on a system, and generates a single model of your infrastructure. Using this model, Puppet can find conflicts in the desired configuration. This means that if two different team members are writing Puppet code, Puppet will protect one person’s code from overwriting the other’s. As your automation contributors grow over time, this guarantees your systems are truly in the desired state.

Unmanaged configuration purging

Puppet understands all system configurations, whether they’re being managed by Puppet or not, and can remove configurations that aren’t being managed by Puppet. Things like erroneous firewall rules, IIS sites, packages, SSH keys, certificates and more can be purged from the system so they do not represent a security risk.

Built-in intelligence

Puppet understands configuration dependencies, and handles configuration failures intelligently. If a failure occurs, Puppet will skip configurations that are dependent on the failed configuration, and continue managing configurations that have no relationship to the failure. The orchestration capabilities in Puppet Enterprise follow the same approach. Puppet knows the relationships between the web of services on your infrastructure and can automatically determine the order of operations and concurrency when delivering a change.

System introspection

Puppet has the ability to introspect a system’s existing configuration to report on current configurations, even if they’re not managed by Puppet. You can use this information to inventory all the existing packages, users, SQL Server databases, firewall rules, etc. so you can quickly know what you need to automate.

Configuration settings management

Puppet Enterprise lets you assign default infrastructure configuration settings, such as NTP servers and database credentials, based on location, virtualization platform, infrastructure environments and more. You can also build hierarchies to override default settings when needed.