Luke Kanies is a 31 year old system administrator turned developer living in Nashville, Tennessee. He has been a Unix and Linux administrator for ten years, and has spent the last five years focused on developing automation frameworks. In 2003 he founded Reductive Labs to work on new open source automation and administration tools, and Puppet is its first major project. Kanies spoke with Computerworld about Puppet and what it offers IT administrators.
What do you think of the current systems management tools for Linux and Unix? Are they being utilized as much as they could and what value do they bring?
I think the current state is quite poor. Note, my goal is never to directly connect to any of my machines, and I am only interested in tools that allow me to repeatedly perform a given chunk of work, so tools like Webmin are outside my area of interest because you have to manage each machine individually.
There has been little to no evolution around managing software; cfengine is more than 10 years old and has changed little in those ten years, and until recently it had essentially no competitors. Even today there are more than ten times as many monitoring tools as management tools, which is pretty pathetic, and nearly all of the management tools have one developer doing almost all of the work.
The commercial space isn't much better. All you have are very complex and expensive applications that don't provide much in the way of higher-level modeling (which you'd kind of expect for $US100,000) and tend to be great marketing tools and poor sysadmin tools. There are really only two products in this space, and they're focused more on making "enterprisy" features than making sysadmin features. Neither of them makes a product I'd like to use as a sysadmin.
You mentioned you were inspired to develop Puppet because of cfengine. What shortcomings does cfengine have and what advancements does Puppet bring?
The biggest problem was that cfengine's author, Mark Burgess who is a friend of mine and for whom I have great respect, is uninterested in building an open community around cfengine. As a result, he has a tool that apparently works fine for his research but has serious shortcomings for its regular sysadmin users. Cfengine has only recently been put into a source control system, and no one besides the author has commit access, for instance, whereas seven people currently have commit access to Puppet's code, although I unfortunately still do the majority of the development.
This closed development community meant that very creative and motivated people were restricted to working outside of cfengine, and it showed. The most active and impressive cfengine community members, without exception, built some kind of elaborate system either to generate their cfengine code or to be called from cfengine, because they couldn't add the functionality they wanted to cfengine itself.
After too many clients complained about regressing bugs (this was before cfengine was in version control, and cfengine still has no unit tests) and I had more code outside of cfengine than in it, I decided I had to drop it. I tried working at one of the commercial shops, BladeLogic, but as I mentioned, they aren't making software I would choose as a sysadmin, so I didn't last long there.
I'd created a prototype for Puppet before going to work at BladeLogic, basing it on the external modules I'd developed for cfengine, so I decided to throw caution to the wind and change my company's focus from consulting to tool development, which is really where I'd wanted to be all along.