The solution has really complex code, you have to understand the Ruby language and customized Domain Scripting Language (DSL). However, once you know the code then you can move ahead without any problems. To improve the Development learning curve, new Puppet Development Kit should maybe include a Development interface with preloaded DSL Dictionary.
The main thing that we noticed when we switched from the enterprise version to the community version was the difference in cost — the infrastructure is pretty expensive. We work in the education sector so we get really good discounts from vendors. Other universities, including Harvard, use a competing product called Ansible. The only reason they use Ansible is that they got it for a really good price. We tried to get an educator's discount with Puppet, but unfortunately, we couldn't reach an arrangement. That's why we had to switch to the community version.
Puppet may be already working on this, however, it would be helpful if they made the product agent-less or making an option for agent-less. They may offer that in Puppet Bolt. I haven't explored that much. The compliance side needs work. Puppet doesn't have much in terms of dealing with compliance. Chef has inSpec. On Red Hat, we are getting Insight so that we can run some standard templates for compliance, like CIS or DSR, PCI, or something of that nature. We can use those templates to harden the environments and perform a security checklist within those environments. There's a lot of scope for enhancement on the DevSecOps side. They should definitely include features for compliance, for both the Linux and Windows side of the devices, as well as for network devices. Compliance is something they need to work on. It would be great if there was integration with some InfoSec tools like Lenovo. The pricing of the solution is a bit high.
Co-Founder and Consulting Engineer at a tech services company with 1-10 employees
Real User
2018-09-25T09:23:00Z
Sep 25, 2018
We are constantly improving new features, like deploying. But also, I think that they're very strange. It is how the community contributes with the models that they have in Puppet first. But it's a continuous improvement process. We are always discovering new things.
Puppet Data Center Automation helps sysadmins automate configuration and management of machines and the software running on them. With our software, businesses can make rapid, repeatable changes and automatically enforce the consistency of systems and devices, across physical and virtual machines, on prem or in the cloud.
Puppet Enterprise should improve the general extensibility for places where they can't install it.
Puppet Enterprise is more complex and difficult to configure.
The solution has really complex code, you have to understand the Ruby language and customized Domain Scripting Language (DSL). However, once you know the code then you can move ahead without any problems. To improve the Development learning curve, new Puppet Development Kit should maybe include a Development interface with preloaded DSL Dictionary.
The main thing that we noticed when we switched from the enterprise version to the community version was the difference in cost — the infrastructure is pretty expensive. We work in the education sector so we get really good discounts from vendors. Other universities, including Harvard, use a competing product called Ansible. The only reason they use Ansible is that they got it for a really good price. We tried to get an educator's discount with Puppet, but unfortunately, we couldn't reach an arrangement. That's why we had to switch to the community version.
Puppet may be already working on this, however, it would be helpful if they made the product agent-less or making an option for agent-less. They may offer that in Puppet Bolt. I haven't explored that much. The compliance side needs work. Puppet doesn't have much in terms of dealing with compliance. Chef has inSpec. On Red Hat, we are getting Insight so that we can run some standard templates for compliance, like CIS or DSR, PCI, or something of that nature. We can use those templates to harden the environments and perform a security checklist within those environments. There's a lot of scope for enhancement on the DevSecOps side. They should definitely include features for compliance, for both the Linux and Windows side of the devices, as well as for network devices. Compliance is something they need to work on. It would be great if there was integration with some InfoSec tools like Lenovo. The pricing of the solution is a bit high.
We are constantly improving new features, like deploying. But also, I think that they're very strange. It is how the community contributes with the models that they have in Puppet first. But it's a continuous improvement process. We are always discovering new things.