[CentOS] Spacewalk or Puppet?

Wed Nov 4 14:18:53 UTC 2009
Marcus Moeller <mail at marcus-moeller.de>

Dear Karan,

>> I am personally not that big fan of Puppet, as things are getting quite
>> complex in large scenarios and as Puppet does not scale well (this has
>> been improved in the latest version if you are using passenger instead
>> of webrick).
>
> Puppet is actually easier to scale beyond a few nodes than spacewalk is.
> Remember that the client->server model for puppet is optional. eg. One
> set of people I introduced puppet to use git as a policy distribution
> layer and run ~ 12k instances using puppet, with average delivery time
> being less than 4 minutes from released, with less than 10 min
> guaranteed for role/policy implementation on the designated nodes ( its
> a large hosing setup, we did these calculations just last weekend ).

We had massive performance issues with Puppet  < 0.25 and Mogrel/Webrick.

>> If you are willed to set up complex configurations with depends and
>> variables, Puppet may be a good choice. In addition of Cobbler or
>> TheForeman you will get provisioning functionality, too. IMHO you should
>> also be familiar with Ruby, too.

Concerning Ruby you should at least be familiar with quoting/escaping
and scopes.

> I dont agree with either of the two, puppet is one package with ruby on
> the machine, how many dozens of thigns do you need to install for
> spacewalk ? What is the stability and maintenance loop like for each

There are not so may packages that needs to be installed on client
side (about 10) but in conclusion you will get functionalities like
remote-commands through osad and monitoring. The package upgrades
could be handled with errata and update management easily.

> component ? And how many hoops do you need to jump through in order to
> get your app rollout linked into state management with spacewalk ? Try
> the same for puppet or even bcfg2 /chef/cfengine - its just a case of
> comparing apples and oranges. They dont do the same thing and they are
> both good to have, you just need to make up your mind what level you
> want to abstract at and how you want to split roles. Eg. Spacewalks's
> config policy management capabilities are about 3 generations behind
> what puppet is able to give you today.

That's true. Config management should be extended and there are
already some good ideas out there, like depending remote commands.

Best Regards
Marcus

> PS: Your email client is broken. Its not preserving thread sanity.

Not a problem here.