If you don’t use the mysql root account very often and change passwords reasonably frequently you may (like me) find that you no longer know the mysql root password on a dev box.
Some thoughts - I’ve used puppet for a while and ansible more recently.
Ansible is easier to get started with
Puppet sequencing can be hard - and occasionally you get bugs appearing in odd places where there was a dependency that you hadn’t noticed - but things happened to work OK until some change
I’ve been using puppet and vagrant for a while, due to client choices we’re switching to ansible which I’m less familiar with - and Docker has been on my to learn list for a while.
I love vagrant - being able to bring up a VM locally that matches the production servers to a good degree is just brilliant, and being able to repeat deploys is invaluable in testing process.
The branching strategy I’ve found most effective and flexible is to use one branch per release version that is used for integration and feature branches off these for everything else.
It’s hard to visualise and I’ve tried drawing graphs but once I build in enough features to make the graph meaningful it is no longer easy to interpret.