Chef, the infrastructure automation platform, provides users with the ability to manage their server fleet no matter what the size. Offered both as an open source tool and as an enterprise edition, Chef’s primary Chef server — the master server from which users can work to create cookbooks — is available both as a hosted offering and as a tool available for download and configuration on your own servers.
It is the Chef server itself that can be privately- or Chef-hosted. Nodes will always be maintained on the user or company’s own infrastructure — whatever that infrastructure may be. The Chef server is what hosts cookbooks, roles, and node definitions.
But what are the overall differences between the two ways to manage the Chef server?
At the most basic level, the difference between a hosted Chef server and a private one is that Chef (the company) maintains the infrastructure behind the Chef server on hosted Chef, offering it as a SaaS product — or software as a service. Meaning that the Chef server is offered on a subscription basis and hosted centrally on Chef’s cloud. This offers the same positives and problems that any SaaS software provides:
Systems administrators cannot alter or otherwise manage the underlying server behind a hosted Chef server — the operating system, security, and management of the Chef server lies with Chef. While this removes technical overhead and very well may be the perfect solution for some companies, it can also cause some security issues in companies that have certain security requirements in terms of server location and other related limitations that come with not having access to the underlying system.
Hosted Chef is free for up to five nodes — ideal for testing — but has a minimum of 20 nodes for the paid service, with a current (as of 9/2016) cost of $72 per managed node.
Private Chef can be one of two Chef services: Basic — and free — open source Chef, and Chef Automate, which is Chef’s newest offering in the form of a continuous delivery platform that combines Chef with InSpec, Chef the company’s compliance software, and Habitat, their application deployment software. Private Chef allows users to ensure their Chef server infrastructure follows any security guidelines put in place by their company or government, although this also means that any outages, issues, or errors with the server are in the hands of the system administrators to fix. As with security, whether or not this is a concern for the company heavily depends on the company’s own personnel limitations and infrastructure goals.
Private Chef has the benefit of offering a completely free and open source option, so, unlike hosted Chef, never has to cost the user a dime, beyond the cost of running the server and nodes. Chef Automate, in contrast, costs $137 per node, but provides users with more features and 24/7 support (support plans can be purchased for Basic Chef users, however).
Overall, which Chef setup is ideal depends heavily on the user and company that wants to apply Chef to their infrastructure. Cost, security, node amounts, and maintenance time (on the part of the server) are all things that need to be considered when adopting Chef. But whether privately run or hosted by Chef, Chef provides users with options that suits a number of needs.