Planet Puppet

Your source of Puppet technical information

10th July 2020: IAC Team Status Update

adrianiurca, 2 days | Source: Puppet IAC Team

This has been as short week for the IAC team and we mostly focused our attention on maintenance and support activities. We want to share with our community some of the most interesting things. Here’s a brief overview of what we’ve been up to:

Module Releases from IAC Team

Community Shoutouts for IAC

We appreciate our community contributors as they are always ready to help and they have excellent ideas. Here are some highlights of this week:

Thanks to Ben Ford for his great idea feature on community_management.

Thanks to Chris Denneen for the ...

[ Read More ]

User interface design and its importance in the user experience

Anonymous, 4 days, 5 hours | Source: Puppet

User interface design is more than simple aesthetics. It’s an essential part of the design process that drives positive user experiences.

[ Read More ]

3th July 2020: IAC Team Status Update

daianamezdrea, 1 week, 2 days | Source: Puppet IAC Team

The IAC team has been working on a lot of things over the past week. We want to share with our community some of the most interesting things. Here’s a brief overview of what we’ve been up to:

Module Releases from IAC Team

puppet_litmus 0.18.4 was released

We have released v0.18.4 of the [puppet_litmus gem][]. There were quite a number of fixes but a few highlights worth mentioning:

DavidS - Protect version reporting from undefined-ness: 312

lswith - Ignore stderr of serverspec commands by setting request pty to false 309

Community Shout ...

[ Read More ]

Apache MOD Test Maintenance

sanfrancrisko, 1 week, 2 days | Source: Puppet IAC Team

This week sees version v5.5.0 of the puppetlabs-apache module released. There are a lot of new features within this release - check out the CHANGELOG entry for this version to see what’s included.

The last release of this module was v5.4.0 on 2020-01-23, over 5 months ago. Currently the IAC Team is responsible for these supported modules and tools. As a small team we always continue to improve our processes to ensure we’re maximising our time and efforts. Still, the gap in time between the release of v5.4.0 and v5.5.0 of the puppetlabs-apache module was a concern for ...

[ Read More ]

Status Update

Anonymous, 1 week, 2 days | Source: Puppet IAC Team

layout: post title: “3th July 2020: IAC Team Status Update” author: daianamezdrea categories:

  • team
  • status tags:
  • releases
  • community_management
  • java_ks
  • tagmail
  • apache
  • ibm_installation_manager
  • litmus
  • shoutouts

The IAC team has been working on a lot of things over the past week. We want to share with our community some of the most interesting things. Here’s a brief overview of what we’ve been up to:

Module Releases from IAC Team

puppet_litmus 0.18.4 was released

We have released v0.18.4 of the [puppet_litmus gem][]. There were quite a number of fixes but a few highlights worth mentioning: ...

[ Read More ]

Power your Puppet reports with PowerBI in 10 minutes

Anonymous, 1 week, 2 days | Source: Puppet

This article provides a step-by-step guidance to connect PuppetDB to PowerBI to create interactive reports and dashboards in 10 minutes.

[ Read More ]

Announcing the Relay public beta

Anonymous, 2 weeks, 3 days | Source: Puppet

Explore how Relay by Puppet connects infrastructure/ops platforms, APIs, and tools together into an extensible, easy-to-automate tasks and events platform.

[ Read More ]

How one bank modernized their infrastructure and optimized costs

Anonymous, 3 weeks, 2 days | Source: Puppet

See how the Royal Bank of Scotland Group moved from physical servers and manual processes to VMs, the cloud and automation — and saved £7 million.

[ Read More ]

Puppet Tip 118 - Using EYAML-GPG to store secrets in Hiera

Anonymous, 1 month | Source: Example 42

There are situations when you want to store secrets like passwords, tokens or usernames in Hiera. The default way to do this is to use Hieras E(ncrypted)YAML implementation based on PKCS7. You can find out more about that at: Encrypt your secrets with Hiera eyaml Pros and cons of the two EYAML mechanisms EYAML EYAML uses a public/private keypair. The public key goes out to all users. They are able to encrypt content; then, the private key is stored somewhere safe and on the Puppetservers. This key is the only way to decrypt content. This is pretty easy to configure, ...

[ Read More ]

Gathering metrics with a new Dropsonde plugin

Anonymous, 1 month | Source:

I’ve been working on the Dropsonde telemetry framework for the Puppet ecosystem for a while. If you’ve followed any of its development, you likely already know that the main focus is on providing community value and maintaining privacy and transparency.

Along those lines, the data it generates is public and you’re invited to help implement the metrics, or even to use the framework to gather your own metrics as long as they fit within our privacy standards. For example, David could use this framework to identify how many people were using Slack or Rocket.Chat integrations with the Puppet Webhook Server ...

[ Read More ]

All the ways to manage files with Puppet

Raphaël Pinson, 1 month | Source: Camptocamp Blog

"Everything is a file" is a very famous Unix principle. And because of this, most of configuration management on Unix/Linux revolves around managing files.

Know your Tools

Puppet, as a configuration management tool, is no exception to this. As a consequence, there are many ways to manage configuration files with Puppet. They all have a reason to exist, and a purpose to fulfill.

Know your tools

Knowing your tools is the object of this blog post, with the following topics:

[ Read More ]

Getting Puppet Report Metrics from PuppetDB

Raphaël Pinson, 1 month, 1 week | Source: Camptocamp Blog

Puppet agent run reports contain useful metrics, such as the number of resources that were modified or failed to apply, or how much time each step of the run took.

The traditional way of retrieving these metrics is using a report processor on the Puppet master.

Since Prometheus is now a de facto standard in metrics collection, there exists a Prometheus reporter, maintained by the VoxPupuli community. However, it uses a dropzone directory of yaml files with a local node exporter, so it's not a very clean approach.

On top of this, reports and their metrics are already exported ...

[ Read More ]

Bitten by HA: PuppetDB & PostgreSQL

Raphaël Pinson, 1 month, 2 weeks | Source: Camptocamp Blog

Last Wednesday morning, a colleague informed me that our internal Puppet infrastructure was performing slowly. Looking at the Puppetboard, I quickly realized there was another issue: all the nodes were marked as unreported, with the last report dating from more than 24 hours in the past.

I checked the PuppetDB logs and saw that the reports were coming fine and being saved, so something else was wrong.

PuppetDB Upgrade

After a few hours of debugging, I still had no clue so I resorted to the option of upgrading the PuppetDB. I ideally wanted to stay with PuppetDB 5.x to avoid ...

[ Read More ]

Puppet Tip 117 - Managing extra repositories with Tiny Puppet

Anonymous, 1 month, 3 weeks | Source: Example 42

I’ve written recently a post about Tiny Puppet, which is a recommended reading if you want to understand some of its internals. Now, here, I want to talk about how you can use it to manage interesting and juicy extra packages repositories with it. Managing packages repositories with Tiny Puppet RedHat based repositories Ubuntu / Debian based repositories Adding custom repositories Managing packages repositories with Tiny Puppet I suppose everybody who works with RedHat Linux or derivatives is well aware of EPEL, a collection of packages, totally compatible with the default set of packages, shipped with RedHat Enterprise Linux (and ...

[ Read More ]

Taming Puppetserver 6 Pt II: Garbage Collection

Raphaël Pinson, 1 month, 3 weeks | Source: Camptocamp Blog

Now that our internal Puppet Infrastructure is migrated to Puppet 6 and tuned, it was time to switch a second infra to it.

Yesterday, I migrated our second infrastructure, and started seeing more issues. The rules-of-thumb from last post were useful, but I still needed to upgrade available memory to make up for a lack of computing power (probably to be imputed to the underlying IaaS throttling virtual CPUs).

And then, a Puppetserver crashed with a GC overhead limit exceeded error. This error happens when the CPU spends more than 98% performing garbage collection.

Analyzing Garbage Collection Data

Looking ...

[ Read More ]

Telemetry that doesn't suck

Anonymous, 1 month, 4 weeks | Source:

We both know that you hate telemetry as much as I do. We’ve all seen the dreadful rollouts of privacy invasions, the information leakage, and the abuse of private data. I have third-party cookies disabled in my browser the same as you. So when I started building Dropsonde, the upcoming metrics framework for Puppet infrastructures, privacy was my highest concern.

As a matter of fact, I have a firm rule that new features or metrics only get implemented if they meet four criteria:

  1. They provide real value to the end user (that’s you).
  2. They’re transparent about what data ...

[ Read More ]

Puppet Tip 116 - Puppet Control-Repo Workflow

Anonymous, 2 months, 1 week | Source: Example 42

When starting with Puppet you usually first create your Puppet GIT control-repository, a single place from where you can rebuild your whole Infrastructure with Puppet. Within this Puppet control repository you separate upstream library modules (forge modules) from your own code. Upstream libraries are added to Puppetfile (preferably specifying the version of each module). It is up to you, whether you just copy and adopt our Open Source Control-Repository or if you prefer to start with an empty repository. Each branch in the Puppet control repository will be deployed as a Puppet environment. In both cases you want to carefully ...

[ Read More ]

Downstream impact of pull requests

Anonymous, 2 months, 1 week | Source:

Accepting a pull request carries a certain amount of risk, especially if you have a lot of downstream users of your code. It’s not easy to know the potential impact of breakage that a PR might introduce to your carefully tested codebase.

A couple weeks ago I wrote about a tool that can show a pretty complete analysis of who’s using the different part of your Puppet modules. It can show which parts are heavily used, and which parts are less important. And it can even link you to the source repositories of those modules, if you’d like to help ...

[ Read More ]

Data consistency testing in Puppet, Part III: Direct data assertions

Alex Harvey, 2 months, 2 weeks | Source: Alex Harvey | Puppet

In this third and probably the last part of this series, I look at the method of using Rspec to make direct assertions about Hiera data. Usually, the purpose of these assertions is to work around design flaws in a code base that cannot be easily corrected.


In my experience of infrastructure-as-code solutions, whether written in Puppet or ...

[ Read More ]

Writing a great README

Anonymous, 2 months, 3 weeks | Source:

Surprisingly enough, it’s not really that hard to write a good README. The key is to remember who you’re writing for and why. See, it’s all about time and resource management—specifically, the time that a reader is willing to give you.

This is often overlooked because most people write READMEs to be informative, but they don’t take into account how much context is implied. Most people reading about your project for the first time are not yet invested in it. If your story isn’t immediately compelling, without all the implied context that you’ve got due to your involvement in the ...

[ Read More ]