[xorcist]

Interesting! Ansible is great technology. Not as mature as Puppet or Chef, but it's getting there. However Red Hat is currently heavily pushing (what I understand to be) their own fork of Puppet inside Satellite 6. So quite a few RHEL customers in the process of rolling out the latest Satellite is probably going to want to hedge their investment in it. Perhaps there is some Red Hatter here who could comment?

[chr15p]

Its not a fork of Puppet, Satellite ships with its own copy of Puppet (3.6 iirc) which it integrates to provide the configuration management side of the product but its stock un-modified puppet.

In fact the puppet side of Satellite is built around Foreman (http://theforeman.org/) which is an open source project that isn;t Red Hat controlled so even if Red Hat wanted to move 100% to Ansible it would be very hard work for little gain. It would also be a really bad commercial idea Puppet is by far the market leader and most of their customers buy satellite precisely because it integrates with their existing puppet manifiests.

So I expect Puppet to stay as Red Hat's goto configuration management tool, and ansible to be used more for its ad-hoc remote execution capabilities where puppet is nowhere near as good. RH already uses ansible in the installer for Open Shift for example because it can set up multiple boxes without needing an agent pre-installed.

[xorcist]

Oh, I understand it's stock Puppet inside the thing. But much of the tooling around it (the Hiera syntax, the dashboard, the DB) acts as an alternative to the tooling around Puppet.

Satellite 6 and Puppet Enterprise are direct competitors, and there is not much further upstream development on Puppet 3.6, so I expect Red Hat to have to take on the necessary development work during the life time of the product.

So, in essence almost a fork already, and in the future much more so. You already have to choose, you have to port your old codebase and tooling to one or the other.

[eLobato]

Foreman is working on Puppet 4 support [1], and I'd say we'll try to push it forward sooner than later as soon as we complete the migration to Rails 4. Foreman is the upstream for Satellite 6.

[1] http://projects.theforeman.org/issues/8447

[atsaloli]

Speaking of mature, CFEngine has been around since 1993 and is now in its third generation. I just wish they would do a little marketing.

[INTPenis]

I think what makes a product like ansible catch on is its use of a simple scripting language like python. This makes project participation more accessible.

Ordinary sysadmins can write their own ansible modules with ease. It's possible that cfengine has that now but ask sendmail about repairing an old reputation.

[dsmithatx]

Actually I think it's more the YAML config files than the fact it's written in Python. I learned 80% of Ansible in probably 10 days of writing playbooks and going through the infrastructure at my new job.

Also I used to work with Puppet in an 8000 server environment and Ansible and Salt both are so much more fun and easy to use than Puppet. I hear the same thing over Chef too.

Last Ansible is the only one that doesn't require any agents installed and does everything via SSH. At first I didn't think I'd like that coming from Puppet but, I can do everything I need to without another daemon to worry about.

[INTPenis]

I also came from operating one puppet environment to using ansible, and just like you the major sales points were ease of configuration with YAML and agentless deployment.

But development of the project has been fueled by skyrocketing participation. Myself and a friend of mine have both contributed small bits of code to the project without being professional developers, and looking at the github contributors they are in the thousands for a 3 year old project. Compare that to cfengine's 73 contributors.

[Florin_Andrei]

My thoughts exactly on all points except the last one.

It's definitely good to not be forced to use agents everywhere + a dedicated "mothership" instance, but sometimes I do wish I had Ansible agents on my instances, just so I could "git push" the whole thing and forget about it.

Looking forward to Red Hat following on their good old habits and open-sourcing Tower.

[dsmithatx]

Well to be fair I use Codeship with Tower to do auto-deployments so, if I "git push" to dev I'm done.

[piffey]

Have you had to use CFEngine in production though? It's atrocious.

[atsaloli]

I use CFEngine 3 in production and the report collection and instant insight into infrastructure that it provides is quite elegant.

(E.g. http://www.slideshare.net/cfengine/15-nice-reports-with-cf-e...)

For example, I wrote a report to inventory which hosts are connected to Active Directory, and had a pretty pie chart for management in minutes (across 2K+ hosts).