I've been staying out of this thread for various reasons, but Rob's statement on "Puppet for CM and Ansible to Orchestrate it" resonates well with me.
One of the big benefits that I see with the Puppet DSL is the understandability of the language. I can show the DSL statements to most people and, when cleanly written (please don't be clever), I can communicate the intended state of the system in a relatively short timeframe to *non-technical* personnel. I can model business logic and I can present that business logic in an understandable fashion. When necessary, I can drop down into pure Ruby and do whatever I need to do. However, that capability is controlled behind a consistent API and provides a consistent and understood mechanism for controlling my systems. This means that I don't end up with 5 developers and 5 different styles across my Ruby space. This is *important* in multiple industries, particularly highly regulated industries. However, with the exception of the recent Orchestration capabilities that are 4.X only, use something else for Orchestration. MCollective, Ansible, whatever.... But, keep your business and security rules understandable and able to be maintained by someone other than you. I think that using 'puppet apply' in cloud environments hasn't been getting a lot of press, but it is very powerful when faced with writing loops in YAML. (You *can* write the YAML catalog by hand, but please don't). Finally, the SIMP project that I lead is a large infrastructure oriented project and we are, right now, going through the 3.X to 4.X migration phase. I wanted to chime into note that this has not been *hard* this has been *tedious* and required better testing in our modules. This is not a bad thing since we found bugs in our modules that we did not know existed previously. However, we are absolutely feeling the pain of the AIO installer and will be creating a mess of symlinks to ensure that upgrading existing systems works as expected. It's not a wonderful approach, but it should allow for rolling systems back and forth between 3.X and 4.X with impunity. Also, you still don't need PuppetDB if you don't want to use exported resources (we don't use them due to graph explosion if not carefully controlled) and, as pointed out in other threads, the API is standardized so you can use another solution as long as you implement the API. This, fundamentally, is one of the biggest advantages that I see to the 4.X ecosystem. The language was formalized and the APIs were standardized. To do this, some backward compatibility had to be broken, but (in theory) it was broken in the name of maintainability and stability over time. Full disclosure, my company is a services partner with Puppet Labs but, also full disclosure, we regularly review the automation space and will happily toss tools to the side if something more effective for our use cases and customers presents itself. Thanks, Trevor On Mon, Apr 11, 2016 at 12:30 PM, Rob Nelson <rnels...@gmail.com> wrote: > I think it's a great big programming anti-pattern, it's ugly as all hell, >> certainly nothing Apple would be seen dead near, and yet it's taking over. >> How? >> > > Everyone wants one tool to do everything. If you need Ansible because your > non-Nexus Cisco gear has no chef/puppet agent, why not just make the switch > everywhere? Yeah, you and I think that's a dumb reason, but people do > things for (or in spite of) dumb reasons all the time. Short of spending > all their time getting agents for every networking device out there, I > don't think there's much you can do to stop these kinds of migrations. And > do you really want to appeal to people who enjoy ssh for loops? The best > you can hope for is some synergy, which seems to happen when people > actually understand what their different tools are good for - Puppet for CM > and Ansible to Orchestrate it. > > >> Look, reach out to them. Somehow, I wish Puppet somehow could be more >> involved in the open source sites. I'm sure you know where they all are. >> Be available to them. >> > > I see PL employees on Reddit and SO and other sites all the time, and IRC > to boot. But those are sites I'm biased towards. What other sites do you > think are important and underserved? > > Rob Nelson > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-dev+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-dev/CAC76iT9m79fVxWYZE6q9ypnV1XmZWw1_6vMCMT_m_-DFftwfyQ%40mail.gmail.com > <https://groups.google.com/d/msgid/puppet-dev/CAC76iT9m79fVxWYZE6q9ypnV1XmZWw1_6vMCMT_m_-DFftwfyQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/CANs%2BFoXmQPRnsxUgPWJa88uk08V_6h62iniBTRW6XfwNHpzOFQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
