DevOps software for a beginner

I'm tasked with administrating a network with about 70 linux servers, 50 windows servers, 20 esxi hosts, dozen physical windows servers clustered, sonicwalls routers, cisco/dell switches and some AWS instances. Many things are out of date and I'd like to change that but it seems like a steep hill to climb. I was looking into centrally managing and automating this network and looking at chef, puppet, saltstack, and fabric.

I'm much more of an administrator then a programmer which is kind of pushing me towards saltstack. I'd like to keep it fairly simple so others can manage it. For someone that's just starting out in devops which software would you suggest and why?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Kinet1c

There should be some relevant courses around puppet/chef/ansible on linuxacademy.com, nothing on saltstack though. There's a networking automation course out there for ansible too, a quick google and you should find it.

techfiend

I wouldn't mind looking into them after I'm done with aws certs. That's top priority as we are going live by February. In the meantime I'm looking for opinions to point me towards one or two of these. Chef and puppet seem to be the most marketable but appear to be more programming then scripting which I wouldn't enjoy. If I'm administering something I'd like to enjoy it.

This will hopefully make my job easier which might lead to reduced hours or even automate myself out of a job, unsure how to feel about that.

alias454

They will all take a bit to learn but I have been using SALT and have found it to be pretty easy to get going with.
You know how you eat an elephant? One bite at a time.

aschenbecher

What is this DevOps monster ?

I've heard a lot about it. Is it good to learn about it ?

I am at a starting level , should i level up before i wander out in search of it ?

DoubleNNs

I personally prefer SaltStack. I also use Salt at work.
However, since Salt isn't as "mainstream" as the other 3 alternatives (Chef, Puppet, Ansible), I'm not too sure I can suggest it. You might find it difficult to find resources when you have issues/questions.

So, Chef/Ansible might be your best bet.

Note: with Chef you CAN write pure Ruby code in it (more scripting than programming), but you don't have to. You can use it for simple declarative programming (same as the others). Eventually when you start to generalize your scripts/recipes/states/manifests/whathaveyou you might actually feel constrained by the templating/scripting abilities of the competitors.

Between Chef and Ansible, I think the best decision to decide which you want is the answer to the question: Python or Ruby?

Additionally, if you DO decide on Salt instead of the above, let me know. I can point you towards some resources to get you acquainted (unfortunately, mostly books/blogs/Slack groups) and give you some tips I've learned here and there. If you decide on another of them, I'd like to hear what helped you make your decision.

(I've heard of Fabric but never used it. Tried to use Puppet once, didn't like it. Converted maybe half a dozen Puppet manifests into Chef/Salt however, which was a lot easier than I thought it'd be)

Claire Agutter

@aschenbecher DevOps is a cultural movement that embraces agile ways of working, better communication and better relationships between Dev and Ops, as well as a big focus on more frequent releases and automation. The DevOps Institute have launched a DevOps Foundation course which will give you a good introduction to the ideas and history of DevOps, it might be a good starting point? There's a ton of free stuff you can read online too.

techfiend

Thanks for the insight DoubleNN. I have a few other projects at work first but really do plan on implementing something to orchestrate updates as well as handle vmware snapshots and report. Would performing these tasks require more than beginner knowledge in a scripting language and one of the aforementioned software?

I can do batch well, bash decently, powershell okay, perl little less than okay, python not very well and it didn't really interest me. No experience with ruby or other scripting languages. I've thought about using batch+psexec or powershell and wuinstall for windows and simple bash scripts for updating and powercli scripts for snapshot management but everything I've come up with seems to be a mess and extremely difficult to centrally manage.

DoubleNNs

To be honest, I don't really use those tools for stuff like that. Some of what you mention sounds like you could build scripts for it. Regardless of how difficult or long it takes to write them, once you have the script finished you should be able to just run them whenever you want.

For building new servers with the tools, you don't need to know any scripting, but do need to know how to use the tools.

install_applications:
  pkg.installed:
    - pkgs:
      - apache2
      - mysql
      - python3

make sure apache is running:
  service.running:
    - name: apache2
    - enable: True
    - require:
      - pkg: install_applications

The above Salt code installs 3 packages on your Linux server, starts the Apache service and sets it to auto-start on boot as long as Apache is already installed. If you run it on a system that already has mysql and python3 installed, it'd skip those w/o even trying to install them, essentially only running parts of the script that would make changes. Altho actual production use cases would look much more complex, you def don't need to know much programming/scripting (if any at all) to at least start get off the ground running. But once again, you do need to know how to use the tools.

Another cool thing about the configuration management tools is most of them allow for remote execution. You can query all the servers the tool is connected to and within seconds list what version of Apache is installed on each. You can also run single commands on your servers simultaneously, in parallel:

$ sudo salt '*' cmd.run "apt-get install --only-upgrade apache2"

One command and the apache installation on all your servers connected to the config management tool are upgraded, with a report shown upon completion. Using the same methodology, you could run your scripts across different groups of servers, say all your database servers, or all your file servers, without having to remote into any of them individually.

Most of the tools have some support for Windows as well, altho I don't have much experience in that domain. Additionally most of the tools can deploy new VMs on VMware and AWS EC2 and configure them for you, plus you should be able to hook into networking equipment too.

The tools themselves won't be able to do everything you're looking for -- some of those tasks might have to be standalone scripts or might need another application to manage the the task. But you still will probably get far in your central management goals just by implementing one of the configuration management tools.

Verities

You really can't go wrong with any of the listed config management programs listed. I prefer Chef as its super easy to learn and they have tutorials + labs you can do on their website. You don't need to do any complex programming as DoubleNNs said. Check out a thread I started a while back on automation for some more info and links:

http://www.techexams.net/forums/off-topic/113400-puppet-vs-chef-automation.html

techfiend

That looks pretty simple. After reading the aforementioned thread I think I've narrowed it down to Chef or Saltstack. Is one much easier to deploy then the other? How about removal if I don't like it? They both seem to use agents or minions.

DoubleNNs

Note: You can go agentless w/ Ansible and have Ansible connect to all the nodes using SSH.

Chef has most likely changed a lot since I looked at it, but I remember Chef being much harder to set up than Salt. The only thing is, since Chef is more popular, it's easier to find resources on them.

Have you played around with Vagrant? I'd suggest you create two separate 3 VM labs (via VMware, Vagrant/Virtualbox, or AWS) and play around with Chef and SaltStack to get a feel for each and make your decision. Best way to evaluate them is to get your hands dirty. Installing Apache is essentially the "Hello World!" of the configuration management world. Installing it, starting the service, configuring the application, and then reloading the config is essentially their FizzBuzz!

I suggest still thinking about whether you want to do Ruby (Chef) or Python (Salt) when making your decision. Whereas you won't need to use either scripting language with the tool at the beginning, one day you might feel the desire to.