While I love spending every day messing with Chef and getting progressively better, I can't turn a blind eye to the other tools out there. One of the newer ones trending is the Ansible software suite. After playing with it for a bit, I have come to a few conclusions.
GOOD
It's learning curve is much easier to handle over Chef
I don't know if it is because I am used to config management principles more after Chef, but for me it
was a much shorter timeline for me to be functional with Ansible. Within a day of reading up on it I
was doing package installation and configuring services. This was a huge improvement over the several
week initial learning curve with Chef.
Agentless is great for a one time Deployment.
I am all about continued config management of servers, but the more i have messed with Chef, the more
I have realized my setups are very much a converge once and forget about it type of thing. This is
fine, but if a majority of what I am working on is only configured once, it seems to be a bit of
overkill have it constantly monitored with a server. Having Ansible for a one time convergence seems
to be a better option (especially over hosted Chef)
A plethora of modules
The last time I checked, there was over 200 modules being supported, with more being added to that
list every day. There were also separate third party modules that allow for more advanced
configuration and orchestration. All core modules are written in Python which has the potential for
in-depth adoption by openstack. Lots of potential for awesomeness there (ignoring the pain points of
openstack of course).
BAD
More advanced stuff is trickier
It may be just because I have a bias in terms of what I learned with Chef, but things that I take for
granted as simple in Chef have been a more arduous task with Ansible. One of the things that is easy
in Chef is creating Users and installing SSH keys. For me, this was a much more difficult task with
Ansible. While not that big of a deal, it is something that is worth noting.
Community modules are just as bad as community cookbooks are
This is just one example, but when I tried to use the Docker module to manage containers and images,
it was so much of a hassle that I gave up using Ansible for deploying Docker entirely. I thought
community coobooks were bad, but in this instance I actually found something worse. I am sure that
some of the public modules are fine, and the Docker one will get better, but in their current state
they are an imperfect system with which to install and maintain nodes. My immediate question was "why
try to learn two broken systems instead of figuring out all the workarounds in one?".
So in short, this is my conclusion
- Easy to learn basics on the front end, hard to do more advanced tasks
- Great for a one time deployment of basic packages and services, bad for continued state modification of applications
- Overall it does a lot of good things, but it still fits into the same problem of an imperfect config management system?
- If you are just starting out with these toys, I would start with Ansible. if you are trying to do advanced things and/or have already got your head wrapped around Chef, stick with Chef.