Chef vs Puppet vs Ansible vs Saltstack

Chef vs Puppet vs Ansible vs Saltstack: Which Works Best For You?

Chef, Puppet, Ansible, and SaltStack are industry-wide used DevOps tools. They are all “configuration management” tools, which means they are designed to deploy, configure and manage servers. But do you know which among Chef vs Puppet vs Ansible vs Saltstack is the best tool for IT automation?

I have written this blog to let you know the pros and cons of each of these tools, after which you will be able to decide the most appropriate tool for your organization’s need and environment. These tools are very simple to use yet powerful enough to automate complex multi-tier IT application environments. Therefore, in this “Chef vs Puppet vs Ansible vs Saltstack” blog, I will answer many such questions for you.

You can go through the below table to get an overview of the metrics on which I will be comparing these tools.

Metrics	Chef	Puppet	Ansible	Saltstack
Availability	✔	✔	✔	✔
Ease of Setup	Not very easy	Not very easy	Easy	Not very easy
Management	Not very easy	Not very easy	Easy	Easy
Scalability	Highly Scalable	Highly Scalable	Highly Scalable	Highly Scalable
Configuration language	DSL(Ruby)	DSL(PuppetDSL)	YAML(Python)	YAML(Python)
Interoperability	High	High	High	High
Pricing (upto 100 nodes)	$13700	$11200-$19900	$10,000	$15,000(approx.)

These are many more factors on which you can compare these tools. Let’s dig deeper into each tool and understand the difference between Chef vs Puppet vs Ansible vs Saltstack.

Availability

Let me compare chef vs puppet vs ansible vs saltstack on the basis of availability. All the tools are highly available which means that there are multiple servers or multiple instance present. Say, if your main master or server goes down, there is always a backup server or the different master to take its place. Let us take a look at each tool one by one:

Chef – When there is a failure on the primary server i.e. chef server, it has a backup server to take the place of the primary server.

Puppet –  It has multi-master architecture, if the active master goes down, the other master takes the active master place.

Ansible – It runs with a single active node, called the Primary instance. If primary goes down, there is a Secondary instance to take its place.

Saltstack – It can have multiple masters configured. If one master is down, agents connect with the other master in the list. Therefore it has multiple masters to configure salt minions.

Ease of Setup

When I talk about ease of setup, let me add my personal experience because when I was installing chef, puppet and saltstack, I faced some issues but when I was installing Ansible, it was just like a cake walk. So let us focus on each tool one by one:

Chef – Chef has a master-agent architecture. Chef server runs on the master machine and Chef client runs as an agent on each client machine.  Also, there is an extra component called workstation, which contains all the configurations which are tested and then pushed to central chef server. Therefore, it is not that easy.

Puppet – Puppet also has a master-agent architecture. Puppet server runs on the master machine and Puppet clients runs as an agent on each client machine. After that, there is also a certificate signing between the agent and the master. Therefore, it is also not that easy.

Ansible – It has only master running on the server machine, but no agents running on the client machine. It uses ssh connection to login to client systems or the nodes you want to configure. Client machine VM requires no special setup, hence it is faster to setup!

Saltstack – Here Server is called as salt master and clients are called as salt minions which run as agents in the client machine.

Management

Before I explain the difference between these tools on the basis of management, let me tell you puppet and chef follows pull configurations & Ansible and Saltstack follows push configuration. You must be wondering what are these configurations? In push configuration, all the configurations present in the central server will be pushed to the nodes whereas, in the pull configuration, the slave nodes will automatically pull all the configurations from the central server without any commands. 

Chef – You need to be a programmer to manage the configurations as it offers configurations in Ruby DSL. Client pulls the configurations from the Server.

Puppet – Not very easy to manage the configurations as it uses its own language called Puppet DSL(Domain Specific Language). Client pulls the configurations from the Server. It is quite system-administrator oriented and there is non-immediate remote execution.

Ansible – Easy to learn to manage the configurations as it uses YAML i.e. Yet Another Markup Language which closely resembles English. Server pushes configurations to all the nodes. Good for real-time application and there is immediate remote execution.

Saltstack – Easy to learn to manage the configurations as it uses YAML as well. Server pushes configurations to all the clients. Immediate remote execution

Scalability

All the four tools are highly scalable. Suppose if you need to configure around 50 nodes today, and tomorrow say 500. Not a problem with these tools. It can handle large infrastructure, you just need to specify the IP address and the hostname of the nodes that you want to configure and rest of the task will be handled by these tools. Therefore, all these tools are highly scalable.

Configuration Language

Chef – Chef uses Ruby Domain Specific Language (Ruby DSL). It has a steep Learning Curve and its developer oriented.

Puppet – Puppet uses its own puppet Domain Specific Language (Puppet DSL). It is not very easy to learn and its system administrator oriented.

Ansible – Ansible uses YAML i.e Yet Another Markup Language (Python). It is quite easy to learn and its administrator oriented. Python is inbuilt into most Unix and Linux deployments nowadays, so setting the tool up and running is quicker.

Saltstack – Salstack also uses YAML (Python). It is again easy to learn and administrator oriented. 

Next, let us move forward and compare chef vs puppet vs ansible vs saltstack on the basis of interoperability.

Interoperability

In these tools, master or main server or you can also say control machine, has to be on Linux/Unix but their slaves or the nodes that they have to configure can be on windows. Let us have a look at each tool one by one:

Chef – Chef Server works only on Linux/Unix but Chef Client and Workstation can be on windows as well.

Puppet – Puppet Master works only on Linux/Unix but Puppet Agent also works on windows.

Ansible – Ansible supports windows machines as well but the Ansible server has to be on Linux/Unix machine.

Saltstack – Salt Master works only on Linux/Unix but Salt minions can work on windows as well.

Pricing

The enterprise cost for the configurations tools are as follows:

Chef – Chef Automate gives you everything you need to build, deploy in $137 node/ annual.

Puppet – Pricing for puppet ranges from $112 per node/year with a standard support plan to $199 per node/year with the premium plan.

Ansible – The pricing for Ansible Tower for standard IT operations up to 100 nodes is $10,000/year. This includes 8*5 support whereas premium offers 24*7 support for $14000/ year.

Saltstack – The cost for Saltstack Enterprise per 100 nodes is $15,00/ year(approx). You can contact the support for the current annual subscription price.

Now towards the end, I would like you to show the popularity of these tools i.e Chef vs Puppet vs Ansible vs Saltstack. Let’s have a look at the data trends in the image given below which shows how these tools have dominated the IT field for past 5 years.

As you can see above, puppet and chef are the old players whereas Ansible and saltstack are new players, and Ansible looks very promising with the growing trend. So, to conclude, all the four tools have their own advantages and categories in which they are better than the other.