Open source configuration management tools make managing servers at scale easier, less time-consuming and more repeatable.
Configuration management tools provide automation, cloud orchestration, and remote management and execution that give IT greater control over its entire infrastructure. Beyond standardizing configuration on servers, the tools can install and maintain packages, upgrade or deploy new servers and manage a cloud infrastructure.
Without configuration management tools, IT administrators would manually deploy each VM needed in an OpenStack, Amazon Web Services, VMware ESXi or other environment. Instead of logging into each server to manually patch it, a systems administrator can remotely patch thousands of servers at the same time. The same goes for removing a user from servers.
"All of your server configuration is going to stay the same and consistent across your environment," said Nitin Madhok, a systems developer and programmer on the infrastructure code team at Clemson University. "So, if you installed an application on one server, you could install that application on a dev, production, test or whatever environment it is in the same way, following the same steps."
Companies can immediately fix security vulnerabilities such as Heartbleed on thousands of user-facing servers in under five minutes. LinkedIn manages more than 70,000 servers and can make a change on all of them in under a minute.
Chef, Puppet, Ansible and Salt are four major open source configuration management tools -- each with distinct differences. Puppet and Chef are coded in Ruby, a less commonly known programming language among IT professionals. Salt and Ansible use the more common language, Python, and users only have to be familiar with YAML (yet another markup language) to operate them. Salt and Chef also use ZeroMQ protocol, which allows users to create complex communication systems with little effort.
Salt and Puppet use a daemon approach and must be installed on every server. This allows for a master-slave control architecture. Chef and Ansible are daemonless, so no software takes up resources on the VM to manage it. The open source tools do require open Port 22 on each VM, which could leave servers vulnerable to attack. Salt also has a Secure Socket Shell tool, called Salt SSH, which allows the user to configure it similarly to Ansible. Each of these open source configuration management tools also come in supported, purchased enterprise versions that offer additional modules or features.
With the advent of container-based virtualization, application-based configuration changes are abstracted into containers. Read on to see how open source container management is evolving.