A week with Puppet

Prior to the last week, I hadn’t done much with Puppet. Most of my config management experience is with Microsoft tools and Ansible.

Puppet was a contender the last time I was involved in picking a CM tool, but was ultimately ruled out. Compared to some of the newer CM tools, it felt clunky and, compared to Ansible specifically, the Puppet documentation sucks.

A week in, I can’t say that I’m a fan yet, but I’m starting to see some of Puppet’s strengths more clearly.

So far, the things I like:

Extensibility. It appears that you can integrate pretty much anything with Puppet (and that pretty much everything has been integrated with Puppet).

You don’t have to be a ruby expert to use it. Enough said.

Model-driven. This is personal preference. I get why people like procedural config, but I feel like I have to spend way more time figuring out what is going on in a Chef cookbook or SCCM/SCOM task sequence vs Puppet or Ansible.

ERB templates. None of the jinja2 crap that Ansible uses.

Some things I don’t like:

No stop on failure. If a step in your Ansible playbook throws an error, the whole playbook stops. I like this, it gives me more confidence that the end state has actually been achieved. I’m sure you can probably integrate something with Puppet to mirror this behavior, but straight out of the box if something errors, it just keeps rolling.

Random ordering. Ansible plays run from the top of the YAML doc down. Puppet just tries everything in random order unless you explicitly chain tasks together.

Sub-par cloud modules. Ansible’s modules for AWS and Azure are easier to use and seem more mature, which is odd considering how much older Puppet is. Defining and configuring a cloud stack in Ansible is more intuitive to me than what I’ve found with Puppet.

Sometimes hard to follow. As long as you’re just referencing facter data (Puppet’s inventory) or variables within Puppet manifests, it’s pretty simple to figure out what’s going on. Throw in Hiera, Puppet’s key/value DB, which may in turn be referencing other data sources and things start to get confusing.


If I was building something from scratch, I still think I’d use Ansible, but (again, only a week in) Puppet is starting to feel like a better option than it has in the past.

Reading things like Lyft’s experience with Puppet and moving away from it have dampened my expectations somewhat, but I’m hopeful I’ll find more to like than dislike as I get further along.

Originally published on BestTech.io