Oh look, everyone, it's Richto! Here to tell you that anything that doesn't put more money into Microsoft's coffers is inevitably bad! Of course, he hasn't the foggiest clue in hell what he's talking about - as usual - but he'll not let that stop him, will he? Charging valiantly onto the battlefield of a dead thread, Richto bravely explodes his heart upon heart upon any possibility of usefulness from a company that isn't Microsoft. Well, charging bravely between the hours of 9 and 5, Monday to Friday.
That said, yes Richto, Group Policy is indeed automation software. It is both configuration deployment and software deployment automation software. In fact, it is some of the most sophisticated configuration deployment software developed ever developed. It is why Microsoft slaughtered Novell at the turn of the millennium.
You are correct in that System Center Operations Manager provides [i]even more[/i] automation possibilities than Group Policy…but not by much. OpsMan mostly provides Agentful Monitoring and some integration with WSUS. Orchestrator extends even more configuration capabilities, and System Center Virtual Machine Manager would be required to fill our the rest of what Puppet can do.
That said, Puppet can indeed match GPOs, GPPs, SCOM, SCO, and SCVMM damned near feature-for-feature on the configuration automation front (not absolutely, no product is perfect,) while offering things that none of them can otherwise offer. Critical functionality that Microsoft’s offerings lack. Namely: cross platform support. Single-pane-of-glass configuration for multiple operating systems (and cloud services) where settings are the same. (Set NTP servers across all OSes from one place? De nada.)
Puppet is about automating configuration deployment. Which is pretty much [i]exactly[/i] what group policy was designed for. The fact that to meet Puppet’s full extent you need not one, but [i]three[/i] add on software packages from Microsoft - [i]and CALs[/i] – is the strongest advertisement for Puppet in a Microsoft shop there is.
But please do respond to this comment with alacrity. I do very much look forward to your very well researched, detailed and through analysis of exactly which elements of configuration automation that Puppet is missing, which Microsoft provides through their products. I am especially eager for you to explain – in detail – how those configuration items justify per-seat cost delta between all the MS CALs you’ll have to buy when compared to Puppet’s cost.
I’ll give you bonus points if you can do it without bringing systems monitoring into the conversation. Because we really don’t need to get into a catfight about “what Puppet can monitor versus what SCOM can monitor.” Real-time monitoring isn’t Puppet’s target, but it sure is making a heck of a lot of inroads into both monitoring [i]and[/i] configuration simulation.
Specifically, the integration work that has been done to tie it to Nagios has been extraordinary. And Nagios ****ing flattens SCOM for monitoring. Of course, if you hate Nagios, Puppet also has been made to work well with both Zenoss and icinga.
So please, Richto, if there are flaws in Puppet’s configuration automation as compared to Microsoft’s (very expensive) offerins, [i]do tell[/i]. I will be very happy to point the community at your response so they can promptly resolve the minor gaps in feature coverage.
Also, can you point me in the direction of Microsoft’s offerings which provide configuration automation for Linux, OSX, OpenStack, GCloud and EC2?
Answers on a postcard,
--Trevor.