Ansible vs Chef


Configuration management is the process of keeping computers, servers, and software in order and a consistent state. The process is used for ensuring that all systems are working as they are supposed to. Sometimes, if they are not doing so, then you have to make small modifications to the systems.

If modifications are performed on many systems and servers, without being documented, then the whole infrastructure can become unstable and inconsistent. Configuration management makes sure that none of these modifications go undetected. Tools, such as Ansible, Chef, and Puppet are used for configuration management.

What is Ansible?

Ansible is a simple open-source IT automation engine that has many modules for interacting with applications and services that a DevOps engineer needs. It can automate application deployment, intra-service orchestration, and the complete application lifecycle

It is easy to deploy Ansible as it does not use custom security infrastructure on the client-side. The modules are pushed to clients. After executing these modules locally on the client-side, the execution result is pushed back to the servers of Ansible. Connecting with clients with Ansible is simple as SSH keys are used. Client details, such as IP address and hostname are stored in inventory files that Ansible can use.

Playbooks are an important part of Ansible that is coded using a simple language called YAML. Tricky tasks are converted into repeatable playbooks to simplify the configuration. These playbooks can be easily understood and debugged if necessary

What is Chef?

Chef is another powerful configuration management tool that is used for infrastructure automation. It was developed by Adam Jacobs, founder of the software firm OpsCode. Whether you are working in a hybrid environment or the cloud, Chef will automate the infrastructure configuration, management, and deployment.

Chef helps companies become more efficient and faster by automating their application lifecycle. Repetitive configuration tasks can be automated using this software.

Chef is written using the Ruby programming language. And, it has a command-line interface that has a DSL-based on Ruby. It can be run on a client-server or as a standalone tool. Chef is open-source and can be used for cloud configuration. This tool can translate system administration tasks into definitions called recipes and cookbooks.

You can run Chef on a variety of platforms, such as Windows, Linux, FreeBSD, Solaris, Cisco IO, AIX, and Nexus. It is also compatible with a large number of cloud platforms like Google Cloud Platform, Amazon Web Services (AWS), OpenStack, Microsoft Azure, and IBM Bluemix. Using the knife utility, Chef can be integrated with several cloud platforms easily

Ansible vs Chef: (comparison)

he Ansible vs Chef comparison will be conducted based on the following parameters:

Installation and set up

For Ansible, no agents are executed on client machines. So, no client-server installation is needed. SSH connections are used for logging in a client’s computer and configuring the nodes. No special setup is required for the client’s virtual machine. Therefore, the installation is easy.

In Chef, the server will run on the master machine. And, the Chef client agent will run on every client machine. All tested configurations are stored in workstations that are pushed to the central server of Chef. So, setting all this up is a bit tricky.

Configuration management

Ansible uses YAML (Yet Another Markup Language) for managing its configurations. This language resembles the English language and is simple to understand. Using YAML, the configurations are pushed to the individual nodes.

In Chef, Ruby Domain Specific Language is used. This language pulls configurations from the server. So, you need to know Ruby well enough. This has a steeper learning curve than YAML.

Static/dynamic inventories

Ansible can use static and dynamic inventories, such as a flat INI file containing hosts divided into sections. This flexibility is not offered by Chef as you have to individually register hosts on the Chef server.

Source of truth

The source of truth is the authoritative configuration for a system. In Ansible, this can be the playbook being deployed. Source control systems, such as Git can be used as a source of truth.

In Chef, the Chef server acts as the source of truth. Here, you have to upload updated cookbooks, sometimes to multiple servers. It is difficult to maintain the consistency of cookbooks this way.


The chef is older, has better documentation, and can handle difficult tasks. But, it is trickier to install as compared to Ansible. Chef’s Ruby DSL is preferred by developers and DevOps engineers. But, it has a steep learning curve as compared to Ansible, which uses simple YAML.  In the Ansible vs Chef battle, the choice depends upon the requirements of the company

Leave a Comment