Starting from scratch. Ansible or puppet? (especially as we will be using foreman)

We have ordered a 60 node cluster. We have PXE boot and OS updates sorted via foreman, and freeIPA on another server. I have used puppet a few times, and created my own test scripts, but only about 30 mins worth of work. However the wind seems to blowing towards Ansible. I read somewhere that formean is scaling back on certain aspects of puppet infrastructure. What would Jesus do if he was in my position.

Hey @Michael

I think that really depends on your own organization’s needs and if you are starting from scratch on a new cluster, it will be a judgement call on what is best for you.

If you have time to join us today for the Foreman Birthday Party 2020, @tbrisker is going to talk about Foreman’s journey to making Puppet optional. This was discussed at length on Discourse also: The Road to Making Puppet Optional

Today there’ll also be a session on Katello and Pulp 3. From an Ansible & Puppet perspective, the changes here might be of note for you also because Katello is migrating from Pulp 2 to Pulp 3 and Pulp 3 currently has no content plugin for Puppet. That might be something to consider if you plan to manage Puppet content with Foreman. There was a blog in May and a short discussion around it that might be of interest to you: Foreman :: Katello - Saying goodbye to Pulp 2

1 Like

I think Foreman will be able to support both workflows for the foreseeable future. Foreman is about choice and making Puppet optional is a logical step. It allows you to strip down to a smaller deployment if you don’t use it. We do want to be as close as possible to the upstream product’s workflow. With Puppet we historically had a few ways because Puppet lacked functionality. Key here is that Puppet over the years gained a lot of that functionality. That means we do want to clean up some old methods.

My recommendation is always that it depends on the team. How well are they able to express themselves in either language. The goal is to get things done. Your teams skills, experiences and preferences are as much a factor in this as Foreman’s abilities.

2 Likes

Thank you for your replies. I observed the birthday presentations and was impressed by the focus of the developers to improve the already great product.

I will be going for ansible now I have been told the best way to learn is to google “satellite ansible” rather than “foreman satellite” or even “fireman satellite” (as my auto correct keeps wanting me to search).

1 Like

If you could let me know what resources you find that were more useful than what is available in our https://theforeman.github.io/foreman-documentation/master/Managing_Hosts/index-foreman.html WIP guide, I can see what we can do to make it easier for future users.

I have never come across that document before. I find this somewhat surprising given all the googling I have done. It would have been very useful.

I prefer documentation like this “https://www.redhat.com/en/blog/getting-started-ansible-satellite” which gives step by step guide to setting up a basic task (anisible role + variables) Such tasks gives the reader an ability to see the procedure, get something working, and they can use this as a basis to increase their knowledge and understand the more technical aspects by adding more features to thier options (when it stops working, they know what they did and can “roll back” to what works, and works out where they went wrong).

The best documentation I ever saw was one where readers could add things at the bottom of page (an issue they overcame, next steps to try etc (but NOT questions or comments on the quality of the documentation)).

I don’t usually mention it, but now I find myself mentioning this twice… I am partially sighted and find the animated gifs section of the manual extremely difficult to follow (the good news is I may be the only one who finds this). https://www.theforeman.org/plugins/foreman_ansible/3.x/index.html (section 4)/

If you need a fireman for your infrastructure, that’s a bad sign. Is that called that a red field deployment?

2 Likes

We are trying hard not to be config-management-specific. For historical reasons, Puppet is baked in while all others are plugins. In the future, everything should be plugin. You make your pick or you can use both if you want.