Puppet and Ansible

While Puppet and Ansible are often mentioned in the same sentence, and are both regarded as configuration management tools, they target a different set of tasks. Puppet is focused on the holistic, ongoing management of your data center, systems, and applications. Ansible is primarily focused on task execution and orchestration. The right solution for your organization depends on what you want to achieve long-term.

Puppet Enterprise is built to scale

Unlike Ansible, Chef, BladeLogic and other solutions, Puppet Enterprise is built to scale your configuration management practices enterprise-wide so that you can meet business needs faster and more efficiently, with lower risk.  Teams unify around a common language, a single set of processes, and a single source of truth.

Puppet’s model-driven approach means you define the desired state of your infrastructure — across your entire data center; in virtualized and cloud environments; and everything you’re running in containers — and Puppet takes care of the steps to get there.

A tool like Ansible, following procedural instructions defined by the user, streamlines ad-hoc, event-based tasks. Its agentless approach makes it easy for small- and mid-size teams to get up and running quickly, at a certain scale.

For a single source of truth with holistic reporting across your entire infrastructure, agent-based automation with Puppet allows the greatest insight, control and flexibility.

Why Puppet Enterprise

  • Scale across your enterprise — and minimize silos
  • Detect out-of-process changes, and automatically remediate them
  • Achieve security and compliance with holistic infrastructure reporting
  • Wide platform support to maximize your investment
Puppet is built to scale
Schedule a consultation with a product expert
Learn about the advantages of Puppet Enterprise

Only in Puppet Enterprise

Change simulation

Puppet’s model-driven approach means you can compare the actual state of your infrastructure to its desired state. In simulation mode, also called no-op, you can preview any changes your code will make without any actual impact to your systems. Simulation mode is native to Puppet’s operation, so all configurations that you define within your Puppet code can always be run in a simulation mode.

Desired state conflict detection

Puppet understands the relationships between all configurations on a system, and generates a single model of your infrastructure. Using this model, Puppet can find conflicts in the desired configuration.

This means that if two different team members are writing Puppet code, Puppet will protect one person’s code from overwriting the other’s. As your automation contributors grow over time, this guarantees your systems are truly in the desired state.

Unmanaged configuration purging

Puppet understands all system configurations, whether they’re being managed by Puppet or not, and can remove configurations that aren’t being managed by Puppet. Things like erroneous firewall rules, IIS sites, packages, SSH keys, certificates and more can be purged from the system so they do not represent a security risk.

Built-in intelligence

Puppet understands configuration dependencies, and handles configuration failures intelligently. If a failure occurs, Puppet will skip configurations that are dependent on the failed configuration, and continue managing configurations that have no relationship to the failure.

The orchestration capabilities in Puppet Enterprise follow the same approach. Puppet knows the relationships between the web of services on your infrastructure and can automatically determine the order of operations and concurrency when delivering a change.

System introspection

Puppet has the ability to introspect a system’s existing configuration to report on current configurations, even if they’re not managed by Puppet. You can use this information to inventory all the existing packages, users, SQL Server databases, firewall rules, etc. so you can quickly know what you need to automate.

Configuration settings management

Puppet Enterprise lets you assign default infrastructure configuration settings, such as NTP servers and database credentials, based on location, virtualization platform, infrastructure environments and more. You can also build hierarchies to override default settings when needed.

Puppet capabilities