To achieve faster application delivery, the right tools must be used in DevOps environments. There is no single tool that fits all your needs such as server provisioning, configuration management, automated builds, code deployments, and monitoring. Many factors determine the use of a particular tool in your infrastructure.  In this article, we will look into core tools that can be used in a typical DevOps environment.

DevOps Tools for Infrastructure Automation

There are many tools available for infrastructure automation. Which tool to be used is decided by the architecture and needs of your infrastructure. We have listed a few great tools below which come under various categories like configuration management, orchestration, continuous integration, monitoring, etc,

We have categorized the toolsets into the following.

  1. Infrastructure as Code
  2. Continuous Integration/Deployment
  3. Config/Secret Management
  4. Monitoring

Infrastructure as Code

These tools can help you manage all infrastructure components like VPCs, instances, firewalls, managed services, etc as code. Once you have the infra code ready, you can use it to create the environment anytime you want without much manual intervention.

These tools can be used on any cloud or on-prem environment without a vendor lockin.


Terraform is an Infra provisioning tool which is cloud-agnostic. It is created by Hashicorp and written in Go. It supports all public and private cloud infrastructure provisioning. Unlike other configuration management tools, terraform does a great job in maintaining the state of your infrastructure using a concept called state files.

You can get started with Terraform in days as it is easy to understand. Terraform has its own DSL called HCL (Hashicorp configuration language). Also, you can write your own terraform plugin using Golang for your custom functionalities.

Note: If you a beginner, you can get started with Terraform using this book. It’s a great book for beginners & experienced users

You can find all the community developed terraform modules from terraform registry.


Ansible is agent-less configuration management as well as an orchestration tool. In Ansible, the configuration modules are called “Playbooks”. Playbooks are written in YAML format and it is relatively easy to write when compared to other configuration management tools. Like other tools, Ansible can be used for cloud provisioning. You can find all community playbooks from Ansible Galaxy


Chef is a ruby based configuration management tool. Chef has the concept of cookbooks where you code your infrastructure in DSL (domain-specific language) and with a little bit of programming. Chef provisions virtual machines and configures them according to the rules mentioned in the cookbooks.

An agent would be running on all the servers which have to be configured. The agent will pull the cookbooks from the chef master server and runs those configurations on the server to reach its desired state. You can find all the community cookbook from Chef Supermarket

You might like: How To Become a DevOps Engineer 


Puppet is also a ruby based configuration management tool like chef. The configuration code is written using puppet DSL’s and wrapped in modules. While chef cookbooks are more developer-centric while puppet is developed by keeping system administrators in mind.

Puppet runs a puppet agent on all servers to be configured and it pulls the compiled module from the puppet server and installs required software packages specified in the module. You can find all community Puppet Modules from Puppetforge


Saltstack is a python based opens configuration management tool. Unlike chef and puppet, Saltstack supports remote execution of commands. Normally in chef and puppet, the code for configuration will be pulled from the server while, in Saltstack, the code can be pushed to many nodes simultaneously. The compilation of code and configuration is very fast in Saltstack.

Note: The tool selection should be completely based on project requirements and the team’s ability to learn and use the tool. For example, You can use Ansible to create infrastructure components and to configure VM instances. So if you have a small team and environment, terraform is not required to manage the infrastructure separately. Again it depends on how the existing team can learn and manage the toolsets.

Continuous Integration/Deployment


Jenkins is a java based continuous integration tool for faster delivery of applications. Jenkins has to be associated with a version control system like GitHub or SVN. Whenever a new code is pushed to a code repository, the Jenkins server will build and test the new code and notifies the team for the results and changes.

You Might Like: Jenkins Tutorial For Beginners 

Jenkins is not just a CI tool anymore. Jenkins is been used as an orchestration tool by building pipelines for application provisioning and deployment. Its new pipeline as code functionality lets you keep the CI/CD pipelines as a complete code.


Vagrant is a great tool for configuring virtual machines for a development environment. Vagrant runs on top of VM solutions like VirtualBox, VMware, Hyper-V, etc. It uses a configuration file called Vagrantfile, which contains all the configurations needed for the VM.  Once a virtual machine is created, it can be shared with other developers to have the same development environment. vagrant has plugins for cloud provisioning, configuration management tools (chef, puppet, etc,) and  Docker.


If you want to follow VM based immutable infrastructure patters, the packer comes in handy to package all dependencies and build deployable VM images. It supports both private clouds and public cloud VM image management. You can also make Packer a stage in you CI pipeline to build a VM image as a deployable artifact.


Docker works on the concept of process-level virtualization. Docker creates isolated environments for applications called containers. These containers can be shipped to any other server without making changes to the application. Docker is considered to be the next step in virtualization. Docker has a huge developer community and it is gaining huge popularity among DevOps practitioners and pioneers in cloud computing.


Helm is a deployment manager for Kubernetes. You can deploy any complex application on a Kubernetes cluster using Helm Charts. It has great templating features that support templates for all kubernetes objects like deployments, pods, services, config maps, secrets, RBAC, PSP, etc.

Kubernetes Operators

If you using Kubernetes, the operator pattern is something you should really look at. It helps in automating and managing the Kubernetes application with custom user-defined logic. You can use GitOps methodologies to have a completely automated kubernetes deployments based on Git changes and verifications.

Config/Secret Management


Consul is an opensource highly-available key-value store. It is mainly used for service discovery purposes. If you have a use case to store and retrieve configurations in real-time, consul is the right fit.


etcd is another opensource key-value store created by the CoreOS team. It is one of the key components used in Kubernetes for storing the state of cluster operations and management.


Vault is an open-source tool for storing and retrieving secret data. It provides many functionalities to store your secret key in an encrypted way. You can create ACLs, policies, and roles to manage how the secrets will be accessed by end-users.


Prometheus & Alert Manager

Prometheus is an open-source monitoring system. It is very lightweight and specifically built for modern application monitoring. It supports Linux server and container monitoring.

It has out of the box support for Kubernetes and Openshift monitoring. The alert manager manages all the alerting set up for the monitoring metrics.

New Relic

New Relic is a cloud-based (SaaS) solution for application monitoring. It supports the monitoring of various applications like Php, Ruby, Java, NodeJS, etc. It gives you real-time insights about your running application. A new relic agent should be configured in your application to get real-time data. New relic uses various metrics to provide valuable insights about the application it is monitoring.


Sensu is an open source monitoring framework written in Ruby. Sensu is a monitoring tool specifically built for cloud environments. It can be easily deployed using tools like chef and puppet. It also has an enterprise edition for monitoring.


Datadog is also a cloud-based (Saas) application and server monitoring solution. You can monitor docker containers and other applications using Datadog.

Other tools worth considering,

  1. Riemann (Open Source Monitoring Tool)
  2. AppDynamics (For application monitoring)
  3. (For log analysis and management)
  4. ELK stack (Elasticsearch, Logstash, Kibana)
  5. Splunk (Log analysis and alerting)


Infrastructure automation is a requirement for every DevOps team. Usage and selection of a tool depend on factors like cost, skillset, functionality, etc.

Again one tool will not definitely fit your needs. The selection of toolsets should be based on the organization’s/team requirements rather than the functionality of the tool.

You can also check out this article on 90 devops tools list

So what tools are you using for infrastructure automation?

Infrastructure Automation for devops