Innovate faster and cut risk with PHP experts from Zend Services.
See How Zend Helps Leading Hosting Providers Keep Their Managed Sites on Secure PHP
Learn PHP from PHP experts with free, on-demand, and instructor led courses.
Submit support requests and browse self-service resources.
PHP Configuration management can be a crucial part of ensuring consistency across multiple systems. But who should be using configuration management, and which configuration management tools are the best fit for PHP use cases?
In this blog, we dive in on configuration management, why it matters, how it’s used for PHP applications, and the top options available today.
Configuration Management is the process of maintaining IT systems, servers, and software in a consistent and consistently replicable state.
In the web application world, CM is the process in which we setup and maintain our stack. For example, installing and configuring MariaDB, Nginx, and PHP on a target system. One popular form of CM is Infrastructure as Code (IaC) which codifies this process. Writing CM as code allows the process to be version controlled and automated. For example, upon the acceptance of a pull request to a PHP web application, the IaC could be run to verify proper configuration of targets then deploy the source code to them.
Configuration Management, especially Infrastructure as Code, comes with many benefits and safety nets; make changes and deployments more quickly, remove the potential for human error, and create predictable and scalable system management. Most CM tools, like Puppet, even abstract away the operating system, meaning the system management can even be portable and OS agnostic.
With CM, teams can ensure a consistent and secure configuration across all target systems. This is especially necessary for Enterprise systems, where consistency and security are of utmost importance and a single misconfiguration could spell disaster. Writing your system management in code means that all changes, small or large, are (at the very least) documented through code. Simply by checking our CM source code, we can discern what target systems have what software and how that software is currently configured.
Essentially, CM is necessary to ensure consistency and security across all systems.
In an ideal world, once a PHP team is working with more than one server (Test and Production, for example) then it is time to setup and use Configuration Management. The main benefit of CM is simplifying and introducing consistency into the system management process across multiple systems, as discussed above. Does your PHP application depend on a new PHP Extension? Simply modify the CM source code to install and configure the new extension, run it, and now Test and Production match and have the new PHP Extension enabled.
Simply put, any team managing more than one system should consider Configuration Management and Infrastructure as Code.
When it comes to PHP configuration management tools, there are a few top options for teams to consider, including Puppet, Ansible, and Terraform.
Puppet is a mature and flexible infrastructure automation tool and language that has many uses for writing infrastructure as code. A typical Puppet setup has a primary Puppet Server node which manages the configuration information for a fleet of agent nodes. In other words, the Puppet Server keeps track of how a target server should be configured, and the Puppet Agent on the target server communicates with the Puppet Server to know how it should be configured. The key advantage of the Puppet Agent is that it maintains target system health. The agent will check the targets periodically for changes and fix any configuration drift.
There’s also Puppet Bolt, which is agentless and much easier to get started with. This is Puppet’s answer to other lightweight CM tools, like Ansible. It allows teams to write plans in Puppet or YAML and tasks in virtually any language. Tasks can even be wrapped in a plan, meaning teams can write their infrastructure in pretty much any language. It also means those existing scripts written in Shell, Python, and other languages can easily be turned into a Bolt Task.
The Puppet Forge is home to modules others have created, and most solutions can be found there. There’s a module for PHP, Apache, Nginx, and most any other software teams might need. Most, if not all, of these modules abstract the operating system, making them agnostic and simple to use. No more having to know apt or yum. Just define the software and its configuration, and Puppet will handle the rest.
With the maturity and breadth of coverage Puppet has, it can cover pretty much any system configuration out there, especially PHP stacks.
Ansible is a lightweight Configuration Management tool written in Python. It uses YAML to define configurations, deployment, and other workflows. Like most of these tools, it uses the Control Node and Managed Node(s) pattern. The control node has all the knowledge it needs from the YAML files to configure the managed nodes once called to do so.
As mentioned previously, Ansible is most like Puppet Bolt, in that Ansible has no agent. It won’t be checking nodes periodically for configuration drift and applying fixes. Ansible is more of a run once and be done type of CM tool.
Ansible doesn’t quite abstract away the operating system specific details, meaning that teams usually must write it in a way that is tailored to a specific OS. For example, instead of telling Ansible to install PHP and Ansible handling which Package Manager to use based on OS, teams will need to tell Ansible to install PHP through APT for Ubuntu.
Due to Ansible’s lightweight nature, it’s easy to get off the ground and start codifying your system management. The fact that it uses YAML adds to the simplicity, turning Infrastructure into an easy-to-understand markup language. This can be a double-edged sword, though, since YAML isn’t known for being an easy to debug language. The Puppet language, for a counter example, gives us verbosity and syntax errors, allowing teams to notice issues before even running the task.
Terraform lends itself to Cloud Management. It’s cloud-agnostic, like how Puppet is operating system agnostic. With Terraform, teams can manage multi-cloud environments using the same configuration language with ease. As a Hashicorp product, it uses the Hashicorp Language (HCL), a rich language designed to be relatively easy for humans to read and write.
Terraform is best used for maintaining cloud infrastructure, and not necessarily the system configuration itself. Think creating cloud instances, virtual private networks, storage blocks, security objects, network objects, managed databases, and other cloud resources. Terraform shines at creating cloud scaffolding, but not necessarily the system software configurations. There are methods to use Terraform in this way, for system configurations, but they’re bulky and far less efficient at this. This means teams may be better off using the other tools listed here (in conjunction with Terraform for cloud management) when they get to the point of system configuration, like installing and configuring PHP, Nginx, MariaDB, etc..
When it comes to managing cloud architecture, it’s hard to beat Terraform.
See our ZendPHP Terraform templates >>
Configuration management is key for teams who want to maintain consistency and remove risk as they deploy and scale multiple servers, software, or systems. Luckily, there are robust and mature tools like Puppet, Ansible, and Terraform that can help PHP teams do just that.
Stay tuned to the Zend blog for future articles detailing how ZendPHP can pair with Puppet, Ansible, and Terraform for easy-to-replicate and easy-to-scale PHP applications.
Need DevOps-Ready PHP? Zend provides the advanced observability and orchestration tooling teams need to confidently deploy and scale PHP applications. Learn more about our DevOps-ready PHP builds by visiting our ZendPHP solution page today. Learn More About ZendPHP
Zend provides the advanced observability and orchestration tooling teams need to confidently deploy and scale PHP applications. Learn more about our DevOps-ready PHP builds by visiting our ZendPHP solution page today.
Learn More About ZendPHP
Senior Solutions Architect, Perforce Software
Yeshua Hall is the Senior Solutions Architect at Perforce Software. Yeshua is passionate about helping customers overcome complex technical challenges to achieve their team and business goals.