Puppet vs CFEngine
(Original article: https://www.scriptrock.com/blog/puppet-cfengine/)
While most people think of Puppet and Chef when they’re thinking about Configuration Management tools, other alternatives exist. One notable example is CFEngine. In this post, we’ll compare Puppet to this older, more established configuration management tool.
CFEngine is actually significantly older than Puppet or Chef, dating back to 1993. It was created by Mark Burgess and, like Puppet, started out as an open-source configuration management tool, not an an enterprise Configuration Management product. It wasn’t commercialized in 2008. CFEngine has been described as the grandfather of configuration management tools.
So how do CFEngine and Puppet differ from one another?
Complexity and Power
While Puppet is heralded to be more “Ops-friendly”, due to its model-driven approach and relatively small learning curve, CFEngine resides more in the “Dev-friendly” side of the spectrum.
CFEngine runs on C, as opposed to Puppet’s use of Ruby. C is the more low level of the two languages, and one of the main complaints regarding CFEngine is that the learning curve is very steep. It does mean though that CFEngine has a dramatically smaller memory footprint, it runs faster and has far fewer dependencies.
Puppet’s model-driven approach means a smaller learning curve, which makes it a preferred option for sysadmins with limited coding experience. The model-driven approach also takes on a lot of the responsibility for dependency management. Some argue that this can result in unexpected behaviour though and has its limits.
Puppet’s edge here is avoiding specific nuances across operating systems, which exist when using CFEngine. However, Puppet and CFEngine have excellent support across platforms.
Puppet and CFEngine both have strong user communities, as they are both mature tools. CFEngine has a strong international presence, headquartered in Oslo, with several US offices as well.
CFEngine’s site claims that they currently manage more than 10 million nodes. Puppet is less specific about exactly how many servers their software runs on, but they have an impressive list of customers.
Both Puppet and CFEngine have moved past early missteps (or lack of focus) on the documentation front. Both have online references available:
Whatever your choice it is always wise to look to third party reference material to get a full appreciation of the power and nuances of each tool.
Naturally, due to its open-source origins, CFEngine (like Puppet) has a free open-source version available. Puppet’s Enterprise edition provides 10 free nodes, and then charges $99 per node per year (with bulk discounts available). CFEngine’s pricing after the 25 free nodes is unspecified, they require you to contact a sales representative for more pricing information – they offer “promotional pricing” based off of a client’s particular needs.
One key benefit of CFEngine’s pricing model appears to be that its pricing is more customizable to a company’s specific needs. CFEngine also offers significantly more free nodes than does Puppet.
At a high level if coding and complexity doesn’t scare you, if small agent footprints and speed matter and you’ll take control and scale over simplicity then CFEngine may be for you. If the relatively smoother onboarding and simpler model driven approach is more attractive then Puppet may well be for you. As always, both tools are available to trial at no cost so if you have the time choose a representative (if modest) configuration to automate using each and compare and contrast. Nothing beats hands on experience.