Study smarter with Fiveable
Get study guides, practice questions, and cheatsheets for all your subjects. Join 500,000+ students with a 96% pass rate.
Configuration management sits at the heart of modern DevOps practices—it's the discipline that ensures your infrastructure behaves predictably, scales reliably, and recovers gracefully. When you're tested on CI/CD concepts, you're really being evaluated on whether you understand infrastructure as code, declarative vs. imperative approaches, idempotency, and orchestration patterns. These tools aren't just software to memorize; they represent fundamentally different philosophies for solving the same problem: how do we make infrastructure reproducible and automated?
The tools in this guide fall into distinct categories based on their primary function and architectural approach. Some manage server configurations, others provision cloud infrastructure, and still others orchestrate containers at scale. Don't just memorize what each tool does—know why you'd choose one over another, what architectural trade-offs each makes, and how they fit together in a complete CI/CD pipeline. That's what separates surface-level recall from the deeper understanding exam questions target.
The fundamental architectural decision in configuration management is whether managed nodes need software installed on them. This choice affects security posture, network requirements, and operational complexity.
Compare: Ansible vs. Puppet—both achieve configuration consistency, but Ansible's agentless design simplifies initial setup while Puppet's persistent agents enable continuous compliance enforcement. If an exam question asks about security considerations or network requirements, this distinction is critical.
Infrastructure as Code treats infrastructure provisioning like software development—version controlled, tested, and reproducible. These tools focus on creating and managing cloud resources rather than configuring existing servers.
Compare: Terraform vs. Ansible—Terraform excels at provisioning new infrastructure (creating VMs, networks, databases), while Ansible excels at configuring existing infrastructure (installing packages, managing services). Many teams use both together in their pipelines.
Containers package applications with their dependencies into portable, isolated units. This approach solves the "works on my machine" problem and enables consistent deployment across environments.
Compare: Docker vs. Kubernetes—Docker creates and runs individual containers, while Kubernetes orchestrates many containers across multiple hosts. Think of Docker as the shipping container and Kubernetes as the shipping yard that manages container logistics at scale.
Continuous Integration and Continuous Delivery tools automate the build-test-deploy cycle. They connect code changes to production deployments through automated pipelines.
.gitlab-ci.yml configuration defines entire pipelines in a single file, reducing context-switching between toolsCompare: Jenkins vs. GitLab CI/CD—Jenkins offers maximum flexibility and plugin options but requires more configuration and maintenance. GitLab CI/CD provides a more integrated, opinionated experience with less setup. FRQ questions about tool selection often hinge on this flexibility-vs-simplicity trade-off.
| Concept | Best Examples |
|---|---|
| Agentless Configuration | Ansible |
| Agent-Based Configuration | Puppet, Chef, SaltStack |
| Infrastructure Provisioning (IaC) | Terraform, CFEngine |
| Declarative Configuration | Puppet, Terraform, Kubernetes |
| Container Runtime | Docker |
| Container Orchestration | Kubernetes |
| CI/CD Automation | Jenkins, GitLab CI/CD |
| Multi-Cloud Support | Terraform, Ansible |
Which two tools both use YAML for configuration but differ in their architecture (agentless vs. master-minion)? What are the practical implications of this difference?
If you needed to provision AWS EC2 instances and configure the software on them, which combination of tools would you use and why?
Compare and contrast Docker and Kubernetes: what problem does each solve, and why are they often used together rather than as alternatives?
A team wants continuous compliance enforcement where servers automatically correct configuration drift. Would you recommend Ansible or Puppet? Justify your answer based on their architectural differences.
An FRQ asks you to design a CI/CD pipeline for a microservices application. Which tools from this guide would you include at each stage (code commit → build → test → deploy → orchestrate), and what role would each play?