After trying to get Func running again recently at a new company, I got tired
of some SSL and DNS issues and decided to create something a bit simpler, taking
all of the good ideas from Func, and merging them with experience I learned from
working at Puppet Labs. I wanted something that was easy to pick up and was installable
without any bootstrapping, and didn't suffer from the "I don't want to learn X" mentality
that often impacted adoption of tools like Puppet and Chef among certain ops teams.
I also spent some time working with a couple of sites that needed to do large webapp deployments,
and noticed how complex various configuration management and deployment tools were to these
companies, compared with what they actually needed. Release processes were too complex
and needed something simple to straighten them out -- but I really didn't want to train
all the dev(ops) on Puppet or Chef, and they really didn't want to learn them either.
I kept thinking, is there a reason for these programs to be so large and complicated?
Well, systems management is a little complicated, but no. Not really.
Can I build something that a sysadmin can
figure out in 15 minutes and get going, and then extend in any language he knows?
That's how Ansible was born. It sheds 'best practices' for 'you know your infrastructure
best', and distills all of the ideas behind all of these other tools to the core.
Not only is Ansible very simple and easy to learn/extend, it's configuration management, deployment, and ad-hoc tasks all in one app. And I think that makes it pretty powerful. It hasn't really been done before.
I'd like to know what you think of it. Hop by the mailing list and say hi.
Comparisons
-----------
vs Func?
++++++++
Ansible uses SSH by default instead of SSL and custom daemons, and requires
no extra software to run on managed machines. You can also write modules
in any language as long as they return JSON. Ansible's API, of course, is
heavily inspired by Func. Some features, like delegation hierarchies, are
not supported, but Ansible does have an async mode. Ansible also adds
does not create its own programming language. What constructs Ansible does have should be enough to cover 80% or so of the cases of most Puppet users, and it should scale equally well (not having a server is
I also suspect some Ansible users will actually use Ansible to trigger Puppet -- using the git
module to checkout a Puppet module hierachy from source, and the command module to run
'puppet apply'. That's ok too, but you may find playbooks do all you need.
Ansible does support gathering variables from 'facter', if installed, and Ansible templates
in jinja2 in a way just like Puppet does with erb.
vs Chef?
++++++++
Much in the ways Ansible is different from Puppet. Chef is notoriously hard
to set up on the server, and requires that you know how to program in Ruby to
use the language. As such, it seems to have a pretty good following mainly
among Rails coders.
Like Chef (and unlike Puppet), Ansible executes configuration tasks in the order
given, rather than having to manually specify a dependency graph. Ansible extends
this though, by allowing triggered notifiers, so Apache can, be restarted if needed,
only once, at the end of a configuration run.
Unlike Chef, Ansible's playbooks are not a programming language. This means
that you can parse Ansible's playbooks and treat the instructions as data. It also
means working on your infrastructure is not a development task and testing is easier.
Ansible can be used regardless of your programming language experience. Both
Chef and Puppet are around 60k+ lines of code, while Ansible is a much simpler
program. I believe this strongly leads to more reliable software and a richer
open source community -- the code is kept simple so it is easy for anyone to
submit a patch or module.
Just like with puppet, some users may wish to use Ansible to trigger chef-solo to
avoid using the server, after checking out some chef content using Ansible's git
support.
Ansible does support gathering variables from 'ohai', if installed.
vs Capistrano/Fabric?
+++++++++++++++++++++
These tools aren't really well suited to doing idempotent configuration and are
typically about pushing software out for web deployment and automating steps.
Meanwhile Ansible is designed for other types of configuration management, and contains some
advanced scaling features.
The ansible playbook syntax is documented within a page of text and also has a MUCH lower learning curve. And because Ansible is designed for more than pushing webapps, it's more generally
useful for sysadmins (not just web developers), and can also be used for firing off ad-hoc tasks.
Other Questions
---------------
How does Ansible scale?
+++++++++++++++++++++++
Whether in single-execution mode or using ansible playbooks, ansible can
run multiple commands in seperate forks, thanks to the magic behind
Python's multiprocessing module.
If you need to address 500 machines you can decide if you want to try