Network Kings


$999 $499 only For All Access Pass Today! USE PROMO CODE : LIMITED

d :
h :

What are Configuration Management Tools?

configuration management tools

In this blog, you will learn about various configuration management tools which is included in CCNA course. Before we dig into the various types of configuration management tools, it is important to understand what is meant by these tools.

Note: If you have been following up with our new CCNA series, you might have come across the concept of wireless network security. If you haven’t, I recommend you do so before jumping on to this blog.

Imagine you are a network/system administrator and you manage hundreds of networks on various devices all by yourself. The main goal of your work will be to make sure that all the devices work by following the same network standards.

To ensure that, you will need a mapping system showing you all the networks, the interconnections, the interdependencies, and who is connected to whom. This is where the configuration management tools come in handy. They show you the complete picture of all the networks you’re monitoring.

So, in this guide, we will learn more about automation tools to ace the CCNA 200-301 exam. You will learn what is meant by configuration management tools, their purpose, and capabilities, why we use them, and the various configuration management tools that are used.

You will get introduced to the characteristics of the following configuration management tools:

  • Ansible
  • Puppet
  • Chef

The above-mentioned automation tools are suitable for any network. However, they are best suited for medium to large networks with thousands of connected devices.

Without further ado, let us now begin learning!

What is Meant By Configuration Management Tools?

A lot of people compare these tools to DevOps, however, DevOps is used to collaborate with people. Configuration management tools, on the other hand, are meant to automate the process of identifying, tracking, and noting down the changes in hardware, software, and devices in a network infrastructure.

In other words, these configuration management tools help to analyze the impact of change in any hardware or software on the whole system. This helps in reducing network disruption.

Therefore, configuration management tools can be defined as network automation tools that allow centralized control of a large number of network devices. Ansible, Puppet and Chef are the three most popular tools that you must be aware of.

Do you know that these tools were not specially built for network automation. However, these came into existence after the rise of virtual machines. Therefore, these tools have been used by system and network administrators to create, configure and remove virtual machines.

These configuration tools are now mostly used in managing network devices and to automate them. Ansible is the most popular configuration management tool of them all!

What are the Uses of the Configuration Management Tools?

These tools can be used to perform the following tasks:

  • These tools can be used to generate configurations for new devices on a very large scale.
  • These can be used to make configuration changes on devices present in a network or on a specific group of devices.
  • These tools can also be used to keep a check on device configurations to know if they function in tune with defined standards.
  • These tools can be used to compare configurations between devices and between various versions of configurations on the same device.

Why Do We Need Configuration Management Tools?

There are two major reasons why we need configuration management tools. These are:

  • Configuration Drift:

  • When we buy a new laptop, we change its wallpaper, font size and even change its configuration settings. This causes a drift/deviation in a device’s standard settings that are defined by a company.
  • This is known as configuration drift.
  • This can lead to future issues.
  • It is best to have standard configuration management practices even without automation tools.


  • Configuration Provisioning:

  • The way how configuration changes are applied to a device refers to configuration provisioning.
  • It is done by connecting to devices one-by-one through SSH. This is a traditional method.
  • However, this method is not suitable for large networks.
  • This is where the role of configuration management tools such as Ansible, Puppet, Chef, etc. comes into play.
  • They allow us to make changes to the devices on a large scale within a fraction of the time and effort.

What are the Basic Characteristics of Configuration Management Tools?

Let us now go over the fundamental features of each of the configuration management tools one by one:


  • Ansible is one of the most popular configuration management tools and is owned by Red Hat.
  • It has been coded in Python.
  • It does not need any special software to run on managed devices. Therefore, it is agentless.
  • It makes use of SSH to connect to devices, perform configuration changes and take out information, etc.
  • It follows a push model. The Ansible server pushes the configurations to managed devices.
  • Puppet and chef use a pull model.
  • The following text files have to be created after installing Ansible:
    • Playbooks: These are the overall blueprints of automation tasks. They contain the logic and action of each task. These are coded in YAML.
    • Inventory: These are the files that keep a record of all the devices that are managed by Ansible. These are written in INI, YAML, and many other formats.
    • Templates: These files showcase a device’s configuration files. These are written in  Jinja2 format.
    • Variables: These files contain variables along with their values. These are written in YAML format.


  • It is the second most popular configuration management tool.
  • It has been coded in Ruby.
  • It is agent-based.
  • It needs specific software to be run on managed devices.
  • You must note that not all Cisco devices support a Puppet agent.
  • You can run Puppet without the help of any agent. 
  • The proxy agent runs on an external host. It uses SSH to connect to managed devices.
  • The server of the Puppet management tool is called ‘Puppet Master’.
  • The client pulls the configurations from the Puppet Master. Therefore, Puppet runs on a pull model.
  • It makes use of a proprietary language instead of YAML.
  • The following text files are needed after installing Puppet:
    • Manifest: The desired configuration state of a network device is defined by Manifest.
    • Templates: These are quite similar to the templates of Ansible. These are used to build Manifest.


  • Like Puppet, it is also a management tool written in Ruby.
  • It is based on an agent. Therefore, it requires specific software to run on managed devices.
  • The Chef agent is not supported by all Cisco devices.
  • A Domain-Specific Language (DSL) is used by files that are based on the Ruby language.
  • The Chef uses the following text files:
    • Resources: These represent the configuration objects managed by Chef. 
    • Recipes: These represent ‘recipes’ in a cookbook. They consist of all the logic and actions for the task performed on resources.
    • Cookbook: These represent a group of recipes together.

It’s a Wrap!

In this blog, we discussed various configuration management tools such as Ansible, Puppet, and Chef. You learned the difference between the basic characteristics of these tools. 

You also learned why it is important for network devices to stay true to their standard configuration settings.

Happy learning!

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.