I tend to agree with Raspberry Fan. It is anything but a hack. In full transparency, I work for CFEngine, but would also go on to say I evaluated Puppet and other such recent technologies as part of my previous job at VMware.
The question to ask imho is not whether you should use Puppet or CFEngine or Ansible, but what it is you are trying to achieve.
CFEngine is robust technology, that is built on fundamentals of promise theory. Look it up and also look up autonomous automation.
On the practical side, its the most secure software in this category having no NIST vulnerabilities to date. Also it is much more scalable than the 200-300 servers/entities some of these other softwares can manage.
Lastly, if you are looking for a 'fire and forget' approach and believe system administration is about managing routine and mundane tasks day in and day out cfengine could do that very well. But then you must also believe systems are immutable as well a fallacy on which these fire and forget softwares are built.
But if you are looking for a truly autonomous sytem one that is lightweight, super scalabale (talking thousands of machines served by a policy master), secure, and has the capability to provide autonomic control in your infarastructure only CFEngine does it.
And lets dispel this myth. The power you get from spending some time with the CFEngine rewards you many times over. But if you want to take the easy approach there are enough useful abstractions in CFE as well to get you started.
So, there you go. It all depends on what you want to do and why you want to do so, before you choose how.
---------- Post updated at 04:30 PM ---------- Previous update was at 04:20 PM ----------
you may also find some of these thoughts interesting as you make your decision would be great to know what you find independently as we value your opinions and reasons for choosing or not choosing to go with CFEngine
I cant post URL's here and dont want to spam either so here are some resources for you to do independent study:
1. look for marco's blog and reasoning for "why i gave up puppet and chose cfengine"
edit by Scott: added link to blog post
2. there are other neat use cases (both routine and extreme in terms of scale/leveraging ec2 spot rates etc) that have been presented by LinkedIn, percolate... etc. look on youtube or the cfengine website
3. and as pointed out some of the largest fin-serv orgs are users of cfengine. JPMC being one of them and having inducted CFEngine into the hall of fame. search for it and you can see why managing directors on at JPMC they feel CFEngine is solid technology bar none when it comes to automation software
I doubt a software that is a "hack" would get this kind of credibility!!