Configuration management: Puppet is worth it.
By gildor on Friday, October 19 2012, 18:54 - Permalink
Replying to an old blog post of Martin F. Krafft: Configuration management, I want to give my point of view.
The problems listed by madduck are quite common with Puppet, but I think Puppet is still worth, mostly because you can solve all these problems.
Let give you my opinion on the list:
- Non-Unix approach to everything (own transport, self-made PKI, non-intuitive configuration language, a faint attempt at versioning (bitbucket), and much much more…)
True. I think the approach of puppet is not really UNIXish. It is probably on purpose. The biggest issue is probably the PKI. It breaks frequently for unknown reason. The "non intuitive configuration language" is probably a matter of taste. I think the language is not very well designed and strange, but I can cope with that. The attempt to versioning -- if I understand correcly what it means -- refers to the fact that when Puppet replace a file it moves the old file to a bucket. This is not a good thing, but you can say "backup => '.puppet-bak'" and you get almost the same behavior as ".dpkg-old".
False debate. We can discuss for hours on Ruby, PHP, Java or whatever pet language people has invented. I am not a fan of Ruby but it is still nice as a general purpose language. To my mind, Ruby is still better to write daemon than bash.
- Abysmal slowness
info: Caching catalog for centi..... info: Applying configuration version '1350597216' notice: Finished catalog run in 3.08 seconds
The config of this node is not complex, but 3s is not that bad for something that runs every 30min. If you need sub-second speed for this kind of thing, maybe you are not looking for this kind of tool. Does 144s of server time per day is a big deal ?
With a lot more complex setup, I can reach 30s for a run, although this is the point where I manage a lot of thing with it.
- Lack of basic functionality (e.g. replace a line of text)
False and True. Augeas allows you to replace a single value (even more precise than a line). Just have a look at the augeas type. This is pretty nice and allow to do thing like replacing "Defaults env_reset" by "Defaults env_reset, !tty_tickets" in 4 lines of code. So this i not precisely "a single line of text", but there is other way to do it.
- Host management and configuration programming intertwined, lack of a high-level approach to defining functionality
False. Well if you organize your code with manifests/site.pp and manifests/classes/*.pp, it seems like there is a separation between the two. Next you can try inheritance and define to create specific high-level features.
- Horrific error messages
False-ish. Hey at least there are error message ;-) Now, most of the error that are related to the programming language are useless (at least as cryptic as a C++ error message). But as usual with error message in programming language
- Catastrophic upgrade paths
True. Multi versions installation is horrible and you have to fix a lot of stuff to manage a sane overall configuration.
- Lack of IPv6 support
Not sure to understand this point, I use puppet over IPv6...
To whoever is considering using puppet, this is worth a try. It is a nice system that really helps to maintain a decent configuration across nodes.