This document discusses a company's migration from Puppet to Ansible for infrastructure automation. It provides an overview of the company's cloud platform and automation needs. It then compares Puppet and Ansible, noting Ansible's advantages for the company's use case such as its lower learning curve and more human-readable scripts. The document outlines the process used to develop Ansible scripts and notes improvements in results and future plans to enhance the automation roadmap.

1. A Tale in Automation
The Slow Roast of Puppet

2. Agenda
• Platform Overview
• Platform Details
• Puppet in our Environment
• Our Use Case
• Puppet vs Ansible
• Script Dev Process
• Results
• Future Enhancements

3. Platform Overview
Established Cloud platform
FedRAMP Moderate
Platform
(ALM, CI/CD, Scanning Capabilities)
Infrastructure
(VMs, Network, OS)
Source Code
Management
Continuous
Integration
Monitoring
Collaboration
Spaces
Automation
CSP
Scanning
Agile Tools
RE-USE
RE-USE
RE-USE
21 Different Web Sites
8 Database Servers, 10
Web Servers
- Prod Servers
- Staging Servers
- Test Integration
- Failover Environment
1 Billion Web Hits
17 Production Deployments per
month

4. Confluence
Code
Review*
Code
Visualizer
*
JIRA
(Agile Mgmt)
Code Quality*
Application Deployment Pipeline
Selenium
Jmeter*
HP Fortify
Functional Testing
Performance Testing
Static Security
Analysis
WebInspect
Dynamic Security
Analysis
aXe Accessiblity
Engine*
Git/Stash
(Source
Control)
NEXUS
(Artifact
Repository)
Bamboo &
Jenkins
(CI Server)
Build
Tool
Quality Testing
Usability Testing
IDE
Sonatype CLM
Supply Chain Security
Analysis
PIV/OMB MAX
(IDAM)
(Key Mgmt)*
(ISCM/CDM)*
SPLUNK
(Log Mgmt)
New Relic
(App Perf Mon.)
(Cloud Mgmt)*
OTRSS
(Asset Mgmt)
Ansible
(Config Mgmt)
Ansible
(Infra Auto)
Application
Version
Promotion
Change
Detection
Deployment Artifact
Archiving
Build
History
Documentatio
n
Check-
In
History
Code
Review
Source Code
Dependency
Management
Pull/Push
Legend
Knowledge Management
Agile Project Management
Code Review
Development
Continuous Integration
(CI)
Continuous Testing (CT)
Operational Monitoring
ISCM / Security
Infrastructure Mgmt
*Function not currently
deployed
On Demand Auto
Deployment
Automated
Deploy
Test Tools
Dev/Test Staging Production DR
Platform Details
Controlled Auto
Deploy

5. Puppet in Our Environment
Puppet used to handle some functionality in our environment,
such as –
• Management of certain configuration files
• Deploying database information to different websites

6. Our Use Case
Technical Rational • Different server types and configurations
• Various dependencies
• Tight deadline
Team Level Rational • Low learning curve
• Versioning and Configuration Management
The database layer is being re-architected, all new scripts are needed.
Should we continue to use Puppet or move to Ansible?

7. Puppet vs Ansible
Puppet Ansible
Requires an Agent Agent-Less
High Learning Curve Low Learning Curve
Limited Documentation Highly Documented
Low Team Experience with Puppet Python Experience
No Loop Functionality All the Loops, Procedural
Dependencies Not Standard to Linux Standard to Linux
Complicated Scripts Scripts are Human Readable
First Release 2005 First Release 2012

8. Script Comparison

9. Script Development Process
Infrastructure as Code
• Scripts are developed and maintained in Git
• Code Reviews to Refactor Playbooks

10. Results

11. Roadmap
A
Converted to Ansible
Automatically run security
scans
CodeDX
Quality and Visualization
Lint & Grapher
Auto-run Jmeter /
Selenium tests on
code merge
Testing
Better orchestration and
auditing
Ansible Tower
Use Ansible to build and
manage Docker
containers
Containerization
Integrate other Red hat
Products
OpenShift