Chef IT infrastructure automation suites were developed by Chef Software in Seattle and acquired by Progress Software in September 2020. The Chef Enterprise Automation Stack is an integrated suite of automation technologies presented as a solution for delivering change quickly, repeatedly, and securely over every application's lifecycle. The Chef Effortless Infrastructure Suit is an integrated suite of automation technologies to codify infrastructure, security, and compliance, as well as…
N/A
Salt
Score 6.5 out of 10
N/A
Built on Python, Salt is an event-driven automation tool and framework to deploy, configure, and manage complex IT systems. Salt is used to automate common infrastructure administration tasks and ensure that all the components of infrastructure are operating in a consistent desired state.
Chef is a fantastic tool for automating software deployments that aren't able to be containerized. It's more developer-oriented than its other competitors and thus allows you to do more with it. The Chef Infra Server software is rock-solid and has been extremely stable in our experience. I would definitely recommend its use if you're looking for an automation framework. And it also offers InSpec which is a very good tool for testing your infrastructure to ensure it deployed as intended.
SaltStack is a very well architected toolset and framework for reliably managing distributed systems' complexity at varied scale. If the diversity of kind or number of assets is low, or the dependencies are bounded and simple, it might be overkill. Realization that you need SaltStack might come in the form of other tools, scripts, or jobs whose code has become difficult, unreliable, or unmaintainable. Rather than a native from-scratch SaltStack design, be aware that SaltStack can be added on to tools like Docker or Chef and optionally factor those tools out or other tools into the mix.
Targeting is easy and yet extremely granular - I can target machines by name, role, operating system, init system, distro, regex, or any combination of the above.
Abstraction of OS, package manager and package details is far advanced beyond any other CRM I have seen. The ability to set one configuration for a package across multiple distros, and have it apply correctly no matter the distrospecific naming convention or package installation procedure, is amazing.
Abstraction of environments is similarly valuable - I can set a firewall rule to allow ssh from "management", and have that be defined as a specific IP range per dev, test, and prod.
Chef could do a better job with integration with other DevOps tools. Our company relies on Jenkins and Ansible, which took some development and convincing for plug-ins to be created/available.
It would be nice if kitchen didn't only have a vagrant/virtual-box prerequisite. Our company one day stop allowing virtual-box to run without special privileges, and that caused a lot of issues for people trying to do kitchen tests.
Chef could use more practice materials for the advanced certification badges. There was not a lot of guidance in what to study or examples of certain topics.
The suite of tools is very powerful. The ability to create custom modules allows for unlimited potential for managing all aspects of a system. However, there is pretty significant learning curve with the toolset. It currently takes approx 3-4 months for new engineers to feel comfortable with our implementation
It loads quick enough for basically all our systems. Because we have this for local dev environments, speed isn't really a big issue here. Yes, depending on the system, sometimes it does take a relatively long time, but it's not an issue for me. One thing that is annoying is that if I want to make a small change to a cookbook and re-run the Chef client, I can't just make the change in the cache and run it. I have to do the whole process of updating the server.
Support for Chef is easily available for fee or through the open source community as most the issues you will face will have been addressed through the Chef developer community forums. The documentation for Chef is moderate to great and easily readable.
We haven't had to spend a lot of time talking to support, and we've only had one issue, which, when dealing with other vendors is actually not that bad of an experience.
We considered the three leading competitors in the field: Chef, Puppet and Ansible. Ansible is a very strong competitor and has a nice degree of flexibility in that it does not require a client install. Instead the configuration is delivered by SSH which is very simple. Puppet seems like it has fallen off the pace of the competition and lacked the strong community offered by Chef. We chose Chef because of the strong support by the company and the dynamic and deep community support.
We moved to SaltStack from Puppet about 3 years ago. Puppet just has too much of a learning curve and we inherited it from an old IT regime. We wanted something we could start fresh with. Our team has never looked back. SaltStack is so much easier for us to use and maintain.
The entire professional services team was great to work with. The curriculum was tailored to our specific use cases. The group we worked with were very responsive, listened to our feedback, was very easy to schedule and accommodate. I cannot say enough good things about our professional services experience
Chef is a good tool for baselining servers. It will be a good ROI when there are huge number of servers. For less number of servers maintaining a master will be an over head.
One good ROI will be that the Operations Team also gets into agile and DevOps methodologies. Operational teams can start writing scripts/automations to keep their infra more stable and their application stack more reliable.
Implementation of Chef eliminates the manual mode of doing things and everyone aligns to automation mind set. It helps in change of culture.
We manage two complex highly available self-healing (all infrastructure and systems) environments using SaltStack. Only one person is needed to run SaltStack. That is a HUGE return on investment.
Building tooling on top of SaltStack has allowed us to share administrative abilities by role - e.g. employee X can deploy software Y. No need to call a sysadmin and etc.
Recovery from problems, or time to stand-up new systems is now counted in minutes (usually under eight) rather than hours. This is a strategic advantage for rolling out new services.
