Configuration Management Done 4 Ways

It’s extremely important to know your destination and the best route to get there. This applies perfectly to configuring distributed computer system architecture.

There’re no shortage of Configuration Management Tools (CMT) out there and knowing which to use for your use case is key and can save you a lot of headache and overhead down the line.

In it’s simplest form, a CMT is tasked with identifying a final condition desired, and then  and then configuring the process by which to achieve that condition. This process, known as convergence.

Current, popular configuration management tools include;

  • Chef
  • Ansible
  • Puppet
  • SaltStack

Each CMT has its own merits and limitations and the following summaries can begin to help you assess the best CMT for your architecture.


Chef is written in Ruby and performs system configuration through “recipes” that are applied to server nodes to automatically provision or configure servers.

A Chef recipe defines conditions for individual resources; packages we want installed, services to enable to startup or files needed to be deployed etc. and is the fundamental configuration element within the organisation. Recipes can be collected into a “cookbook” which is the fundamental unit of configuration and policy distribution.

Chef can run in client/server mode, allocating configuration tasks among distributed servers, or in a standalone configuration named “chef-solo.” Either way, it provides keen perspective about what’s running on your network.


Python-based and open-source, Ansible is a configuration management tool that is built on a completely agentless architecture, where nodes are not required to install and run background services constantly checkin-in with a control centre.

In agent-based architecture found in Chef and Puppet, nodes must have a locally installed daemon that checks-in with a control centre. This lighter-weight architecture removes network overhead by prohibiting nodes from polling a control centre.

It employs the “push” approach for multi-node software deployment and ad-hoc task execution using SSH (linux) and PowerShell (windows).

Ansible aims to be simple, minimal, secure, highly reliable and easy to learn.


Puppet is another CMT tool that uses Ruby. System resources and their such as packages, services, files, user are are described using a Puppet’s language or a Ruby DSL and stored in files called “manifests”.

These configurations are stored in modules and are applied to a targeted system via the client-server model. Puppet has a great resource abstraction layer which allows us to describe configuration in high-level terms (e.g., users, services, packages) without being contingent on specific OS commands (e.g., rpm, yum, apt).

This makes starting up with Puppet very easy with minimal requirements for programming prowess.


Another python-based tool, SaltStack or simply Salt not only serves as a configuration management tool but also as a remote execution engine. Salt’s event-driven design embraces high modularity, which can maintain remote nodes in defined states.

Salt is fast, easy to configure, exceedingly flexible and provides a single, remote-execution architecture that can manage the diverse requirements of any sized cloud-based computer system.

The power of Salt is available in both the traditional agent-based architecture or in agentless mode with Salt SSH.

CMTs are essential to performance optimisation in any distributed computer system. All four are compelling and learning more about them will help you choose the best for your use case.

At AltoStack, our experts can maintain your DevOps platform and be responsible for day-to-day operational issues, allowing you to develop and ship your product without the need for internal DevOps hires.