With virtualization on the rise along with cloud computing breakthroughs, the standard On-premise services and infrastructure management has become highly scalable and simple. The need for managing large number of servers within or outside the organization has become the prime focus in recent times. This led to the concepts called data center orchestration and configuration management. When groups of identical servers, applications and services are managed on virtualization frameworks or are running on cloud instances, the ability to administer them in one go will always be time saving and efficient. This can range from managing installations that support large applications to maintaining a desired state of a vast number of servers.

Chef and Puppet are some of the most efficient configuration management tools built for this very reason, which are very prominent in the industry. Each has its own Pros and Cons depending on the goals of deployment and configuration. Let’s take a look at the design and purpose of both Chef and Puppet and review scenarios where they best fit in.


Chef is essentially a tool for automation, provisioning and configuration management. It follows the traditional client server architecture where a Chef Server acts as a centralized hub for storing system configuration information and policies (in Chef Terminology we call them recipes and cookbooks). Following are some of the significant components provided by the platform

Chef client is installed on every node that is being managed, which communicates with the Chef server to perform configuration tasks on the local machines. Workstation is where we test and maintain the cookbooks and then upload them to Chef Server. Chef Analytics provides platform for real-time reporting and notifications around Chef Automation activities. Chef Supermarket is the place where we can find large number of cookbooks contributed by the community for performing various management tasks. All we need to do is pick up the cookbook which satisfies most of our requirements, do the required changes and voila!


Puppet is operations and sysadmin-oriented tool which is essentially complete in terms of available actions, modules and user interfaces. It gives the whole picture of data center orchestration circumscribing almost every operating system. Initial setup is pretty straightforward, which includes installing a master server on one system and client agents on each system that needs to be managed. The command-line interface (CLI) allows module downloads and installing them via puppet command. The configuration files contain the required tasks which need to be executed and the clients which are configured to check with the master will execute those tasks when there is a push which triggers the modifications immediately.

Puppet Enterprise provides the most complete Web UI which helps real-time control of managed nodes using prebuilt modules present on the master puppet server and also contains reporting tools which give complete information about the agent behavior and the changes that have been carried out. It also has a community hub where we can find different modules for carrying out specific configuration tasks.


Ansible is a configuration management and provisioning tool which can carry out configuration management, application deployment, and task automation. It can also do IT orchestration, where we have to run tasks in sequence and create a chain of events which must happen on different servers or devices. Playbooks contain the configuration changes that need to be carried out which are handled using YAML syntax. Playbooks can also use templates to extend their functionality. It is a powerful open source tool with very simple setup. It doesn’t require any agents on target nodes or servers. Ansible can be useful if you want to perform operations quickly without worrying much about setting up master server and agents in the machines that need to be managed.

Chef/Puppet Vs Ansible

Compared to Puppet or Chef, Ansible is very fast because of the agent-less deployment and communication. It does not use an agent on the remote host. Instead Ansible uses SSH which is assumed to be installed on all the systems you want to manage. Ansible is built on Python, in contrast to the Ruby foundation of Puppet and Chef. Learning curve for Ansible is not as steep as Chef/Puppet because of excellent documentation. Playbooks are pretty straightforward and clearly structured which makes it easy to learn and understand. Ansible provides better security using SSH/SSH2 which is better in several ways than security provided by Chef/Puppet.

We can clearly say that Ansible will be the emerging configuration management and IT orchestration tool which has the capability to take over the leading tools such as Chef and Puppet due to its simplicity and agent-less nature. It is still in development phase for different operating systems such as Windows and Mac-OS as more modules keep getting added regularly. It is fully functional for Linux based systems though.