vendredi 18 décembre 2009

Bcfg2 V.S. Puppet

Bcfg2 and Puppets are two tools for system configuration management, where we want to install configuration files, packages and adjust permissions. It seems simple said like this, but it's near from trivial when the target machines are various operating system and versions.

Bcfg2 and Puppet, while they share the same goal, are completely different in terms of their concepts, how does the desired state is modeled. The fundamental concept here is more important than the actual implementation.

Puppet is like a programming language for system administration. It's another meta-language, with it's own syntax, to indicate what files, packages, users and such, should be present on a system. It's concepts are very close to Cfengine. Well, I used Cfengine a lot, even developing a small utility to automating the management of files under Subversion (svnengine). But, while using this tool, I really came to one simple conclusion : what a mess for so little! I ended up doing everything in scripts, which are copied by cfengine and run in a cron. Big deal.

Bcfg2 is not the same, because unlike Puppet, you don't program configuration elements, they are declared in XML document. The client, specific to a target, encapsulate actions on that target, their sequencing, error handling, etc. This model enables advanced behavior, because the model can be manipulated programmatically, which is not the case for Puppet. If you want to output a Puppet manifest, you have to output strings, which is a Middle Age practice!

Bcfg2 implementation itself has some glitches that must be fixed, but the concept behind it represents a building block for semantic system configuration management, which represent the future. Bcfg2 belongs to scientific field, while I think that Puppet has the exposure it has now because of marketing wave.

But, as the history reminds us, it's not always the best product or software that wins...

2 commentaires:

Kartar a dit…

Your statement about outputting Puppet as "strings" and being unable to manipulate it programmatically isn't quite correct.

You can manipulate Puppet manifests in a variety of ways, YAML and JSON for example, that are equally as powerful as XML. And IMHO far less hassle than mucking around with XML. :)

What version of Puppet are you looking at? Quite a lot has changed in the 0.25.x releases, including adding RESTful APIs for many things, that makes interacting with manifests and data even easier.

Look for rewrites of our event system and a far more "data" centric approach in our next major release too.

Unknown a dit…

Puppet's language was in no small part built as a response to the difficulty of managing Cfengine configurations. You won't need to write programs to manage your Puppet code, I promise you. :)

If you're assuming that Puppet == Cfengine, and choosing Bcfg as a result, I highly recommend you at least give Puppet a try. It's wicked easy, and you should know within mere hours whether it suffers the same problems.