I haven't set up and used Chef in probably a decade, but I'm starting to put together enough of these Raspberry Pi servers that it probably makes sense to do some kind of light configuration management with them.

Follow

Now a question is- do I want Chef or Ansible?

I used Chef, but it's been so long I might as well start from nothing. Ansible looks simpler, and by default is agent-less (while Chef requires some thinking if I want to use it agent-less). Sigh.

@genehack Do you use Salt or are you just pouring salt into the wound?

Also a wise bearded man once said "Just run Slackware, use cfengine and then write a ton of Perl scripts to template out the cfengine configs."

@emacsen we were on ...Red Hat? at that point, I think.

No, I was serious; haven't used Salt in anger myself but have a friend who works there and it looks like it would be worth checking out.

(Also, $work is starting to use it, but I'm not directly involved in that work day-to-day.)

@genehack Your original cfengine config was on Slackware. This work was on Suse, and then we transitioned to Puppet on CentOS.

That was genuinely some amazing work on your part- not just the technical achievement of moving such a large group forward, but your ability to coordinate the needs of what was essentially more than a dozen customers to agree to this transition plan.

I'm still in genuine awe of your ability to work with so many parties and get things moving forward.

@genehack As for Salt... The use case I have in mind is that I have servers essentially in four locations, with a multitude of OSes, many of which are nothing more than RasperryPi's.

I'd like to keep the configuration centralized, but not place high demands on it. Salt is Big Infrastructure where I'm looking for something far more scaled down.

Looking at Chef-Solo vs Ansible, I ultimately have chosen Ansible- three reasons:

(...to be continued)

@genehack

1. Chef has a weird license scheme now. I don't have time to start going through it to figure out what is what.

2. Ansible seems designed for exactly the kind of "light configuration management" I need, managing a small number (<100) servers.

3. Learning Chef is re-learning Ruby. I don't mind Ruby, but Ansible uses Yaml and the modules are mostly in Python, so building out new modules will be faster for me. YMMV if you're a Ruby person, but last time I did Ruby was at NCBI.

@emacsen I don't have experience with Chef, and no strong opinion. I've used Ansible for a few years now, and it's not horrific. It has a tendency to deprecate and break stuff faster than I like, but it's useable for me.

I'm not sure what a really good configuration management system would be like. It'd at least have a strong, static type system.

@liw The only statically-typed system configuration kit is probably propellor.branchable.com/ , or possibly something based on dhall-lang.org/ .

@emacsen

@clacke @emacsen Propellor would be a step in the direction I want to go, if I understood Haskell. But that kind of benefit can be had via other means.

@clacke @emacsen @liw there is Domtool used at HCoop.net: wiki.hcoop.net/DomTool

This is specifically designed to allow multiple users to configure their own domains in a shared web server, DNS, mail server etc., without the ability to mess things up for anyone else.

@i @emacsen
I second that, #NixOS is by far the best option I have worked with.

@emacsen chef-solo or chef-zero can be used to avoid needing to use the server. I don't have experience with Ansible but if you're thinking of starting from scratch I don't think I would recommend Chef anymore. they now have a red hat-like licensing model where you have to buy a license to use their package builds. I haven't yet seen anyone else that knows how to build Chef.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!