The fact you are reading this means you are likely to have some level of interest and understanding about Infrastructure as Code (IaC) already.
It's a broad area with different IaC tools having strengths in different areas.
For the purposes of this review, the following provides a useful outline.
Infrastructure as Code is the process of using machine-readable definition files to manage your IT infrastructure. IaC automates the manual tasks usually associated with computing infrastructure configuration and implementation.
By doing this, IaC:
Speeds up configuration and implementation of new computing infrastructure;
It reduces the cost and resource needed to scale and manage large infrastructure;
It eliminates the inconsistencies that inevitably occur when multiple individuals manually configure new equipment or applications.
IaC is not limited to on-premise IT. It can also span hosted cloud, public cloud and even SaaS-based applications.
For companies with increasingly complex multi and hybrid cloud setups, being pushed to manage more with no increase in IT resources, IaC is a digital transformation enabler.
It's a crowded market, so how do you choose the right solution? With IaC, it's not a clear cut decision; the major players have different strengths and different approaches.
Here is our assessment of the leading IaC solution providers for 2020.
Red Hat Ansible Tower
Red Hat® Ansible® Tower is the supported version of this leading open-source IaC solution. It leans heavily on visuals with a graphical dashboard giving you a simple monitoring tool of your IT infrastructure. Red Hat has focused on making Ansible intuitive and easy to integrate across a wide variety of platforms.
Ansible is arguably the most intuitive and straightforward IaC tool to set up and use. It doesn't require coding skills, using a human-readable configuration language.
Because Ansible is rooted in open source, it has a large selection of "playbooks" that can be drawn on for pre-configured processes.
Despite being simple to use, Ansible is still a powerful solution, which enables processes to be automated for highly complex IT workflows.
Ansible is highly flexible and adaptable, enabling total orchestration of an entire application environment irrespective of where it has been deployed.
Agentless: no software, network configuration or management tools are required on the client systems where you want to automate workflows.
If you're looking for a powerful yet lightweight and simple platform for building infrastructure, deploying and configuring applications, and one that will seamlessly allow you to implement enterprise-wide automation, Ansible is the solution that you want.
Like Ansible, Chef is another popular IaC tool that is widely used to configure, deploy and manage infrastructure across the network, regardless of size. By using user-defined "recipes", which can be grouped as a "cookbook" (hence the name), you can ensure that every resource that you need is properly configured and in the desired state. It provides a central location where you can manage your infrastructure, security policies, and system dependencies to gain visibility, consistency, and repeatability into your systems.
Chef is supported on multiple platforms, including AIX, RHEL/CentOS, FreeBSD, OS X, Solaris, Microsoft Windows and Ubuntu. However, compared to other lightweight tools like Ansible, the architecture used by Chef is relatively complex.
Some of the key features of Chef include:
Cookbooks, combined with the fact that Chef uses Ruby DSL as its programming language means that while the learning curve for Chef may be more complicated than other tools, it can be applied to the most complex workflows;
Chef detects configuration inconsistency creep across infrastructure and automates the process of returning servers to an enterprise-wide consistent state; and
Chef is strong on security, embedding tests within the delivery process, also ensuring consistent security across heterogeneous infrastructure.
Puppet is yet another popular tool for configuration management that uses the IaC approach. Puppet has also been around for a long time and has achieved maturity in the market. Among the strengths of Puppet are that its purpose and construction architecture mimics the software development model, making it appealing to some developers. As it is built on the client/server model, Puppet requires the deployment of agents on target machines that are to be managed.
Just like many of the other open-source tools in our list, Puppet also benefits from continuous enhancements, innovation and support from the active community, which allows for faster development into the content market.
However, note that the complexity makes deployment using Puppet more challenging and time-consuming than some of the other tools we have mentioned, with considerable prior planning required.
Some of the key features that Puppet is noted for includes:
Strong security awareness, ensuring applications meet security compliance policies;
Pre-deployment assessment of the impact of code changes. Reducing the risk that new deployment configurations could cause problems or issues; and
Puppet has a healthy eco-system of developers that share knowledge and extend the capabilities of the solution with new modules.
SaltStack is a platform built on Python that allows you to automate the configuration and management of your infrastructure as well as the software installed on it.
SaltStack uses the server/client model and is designed to be scaleable. However, it also has SSH support which means that it can be used without an agent.
Among the biggest strengths of SaltStack are its speed and performance, made possible by the lightweight ZeroMQ messaging library that it uses. SaltStack can be used to automate and remotely manage thousands of systems, including containers, servers, networking devices and more, giving you granular control. There are enterprise options that allow you to control everything centrally through a GUI or API.
However, there's also a steep learning curve involved. You and your teams are required to learn new concepts, terms and terminologies to really get going with SaltStack.
Terraform is fast gaining traction in the enterprise sector as an agentless solution that allows for safe and convenient design, management and improvement for Infrastructure as Code. It can be used to help you provision any application that's written in any language to any infrastructure.
Among the most significant benefits that Terraform has to offer is portability, allowing you to use this one tool and only one simple language for defining any of your infrastructures while still providing the simplicity of full-stack deployment. While most IaC tools create mutable infrastructure, which means bugs and other issues are difficult to diagnose and correct after each change to the environment, Terraform’s ability to provision immutable infrastructure ensures better control as continuous changes are inevitably made.
One drawback is that this approach requires more resources and runs at a higher cost. Moreover, being a relatively new solution compared to other platforms like Ansible, Puppet or SaltStack, it was created solely with the cloud in mind, where the others could work just fine with bare metal servers. This means Terraform works best as an orchestration tool if you have specific use cases in mind.
Pulling this all together.
It's worth noting that these products can even co-exist. As an example, Hashicorp's Terraform is excellent for setting up cloud servers, but not so strong when it comes to configuring them. They partner together with Red Hat Ansible to create one solution that leverages the strengths of both solutions.
Hopefully, this article has given you a starting point in your journey to narrow down the IaC product or products that are most likely to fit your needs and existing skill sets.
But if you would like to find out more, Forrester released a report which evaluated some of the world’s most significant infrastructure automation platform providers. To find out how BMC Software, Chef Software, HashiCorp, Micro Focus, Microsoft, Northern.tech, Puppet, Red Hat, SaltStack, Turbonomic, and VMware’s solutions stack up against each other, download the Forrester report by clicking here.