December 12, 2008

Day 12: Capistrano or Puppet?

I'm compelled to write about this subject today because of having received this question multiple times since sysadvent began.

Capistrano or Puppet? Both.

Puppet provides you with a way to specify a state your system should be in. Puppet's features will help you keep a machine in the same state. If someone hand-edits an apache config, you can have puppet automatically replace it with the correct one and reload apache, for example. Puppet runs on each of your servers.

Capistrano lets you describe what to do to a system or set of systems: Upload a file, run a program, restart a service, etc. Capistrano runs from your workstation and does work for you on remote systems.

So, why both?

Puppet needs a source of state information, and that source has to come from somewhere. If you always run on the bleeding edge of your configurations, you can feed the puppet master with your revision control system and use the state described in the head revision. Bleeding edges tend to be bloody for a reason. You could feed puppet with data from a branch of your revision control, too, and both not need capistrano for the feeding and not run on the head revision. You could deploy new state to puppet with Capistrano on a planned release schedule.

Puppet lets you specify that the 'httpd' package should be installed, and even what version. If you maintain your own package repository, you can control what version is installed (which you should). To upgrade the 'httpd' package, you could use Capistrano to upload new packages to your package repository and to deploy puppet manifests to keep 'httpd' automatically updated to whatever version you decide.

As an example, here's how the state management with puppet and capistrano might look for your apache configuration:

  1. Modify httpd.conf in revision control, check it in.
  2. Use capistrano to push the new state to your puppet masters.
  3. Puppet will see the new state and apply necessary changes. [*]
[*] This will only occur automatically if you run puppet periodically (like through cron) rather than manually.

If the change was bad, you can revert the change in revision control and again use capistrano to push the new files.

You can use puppet and capistrano to do similar tasks, if you wish, but I find they are best suited to compliment each other. Let puppet focus on automated state maintenance and let capistrano help you do deployments of new packages and new configurations.

Further reading:


Anonymous said...

Thank you for the detailed comparison.

Anonymous said...

Just a point of clarification. The following snippet is not true: "Puppet lets you specify that the 'httpd' package should be installed, but not what version". You *can* specifiy with puppet what version with puppet, in many different ways:

package { httpd: ensure => "2.0.12-2" }
package { httpd: ensure => latest }

etc. Check out puppet's Type Reference documentation to see what values can be passed.

Jordan Sissel said...

@micah - Yeah, I learned about that a few days after writing the article, but never went back and updated it.

Fixed now.

Anonymous said...

I do think there are some use cases where Puppet and Capistrano have synergy, but the example you have is not really one of them.

The Puppetmaster should operate on version controlled files, both the Puppet manifests and the configs to be served. So then when the file (httpd.conf or whatever) is checked into the version control the puppetmaster just needs to update/pull.

To understand best where Puppet and Capistrano make sense together, it's worth talking about the purpose and background for each tool. I'm going to do a guest post on soon to explore this, but the short version is use Puppet to build and maintain your systems consistently and use capistrano for on demand application deployment (Capistrano is especially excellent for rails, depending on what you are doing you might checkout tools like ControlTier too).

In the future, Puppet's model will accommodate the on demand deployment work flows much better, but you have to get stuff done today.

Andrew Shafer

When all you have is a hammer, everything looks like an IT infrastructure. -- John M. Willis

Jordan Sissel said...

@stochasticresonance In hindsight, the example of using Capistrano and Puppet isn't the best. Still, hopefully the point remains that you can use both as they provide different features.