Planet Puppet

Your source of Puppet technical information

29th May 2020: IAC Team Status Update

sanfrancrisko, 1 day, 12 hours | Source: Puppet IAC Team

Greetings from the IAC Team - here’s our status update for this week!

Module Releases from IAC Team

Here’s the new releases in the modules this week:

Module Releases from Puppet

Here’s some module releases from other teams in Puppet you may be interested in:

Gem Releases

We’re happy to announce a new version of Litmus has been released:

Community Contributions

The wonderful community members that continue to contribute to our modules have provided us ...

[ Read More ]

Are speed and security mutually exclusive?

Anonymous, 3 days, 20 hours | Source: Puppet

IT executives consistently identify cybersecurity and speed among their top priorities. But is it possible to move both faster and more securely?

[ Read More ]

Bitten by HA: PuppetDB & PostgreSQL

Raphaël Pinson, 1 week | Source: Camptocamp Blog

Last Wednesday morning, a colleague informed me that our internal Puppet infrastructure was performing slowly. Looking at the Puppetboard, I quickly realized there was another issue: all the nodes were marked as unreported, with the last report dating from more than 24 hours in the past.

I checked the PuppetDB logs and saw that the reports were coming fine and being saved, so something else was wrong.

PuppetDB Upgrade

After a few hours of debugging, I still had no clue so I resorted to the option of upgrading the PuppetDB. I ideally wanted to stay with PuppetDB 5.x to avoid ...

[ Read More ]

22nd May 2020: IAC Team Status Update

pmcmaw, 1 week, 1 day | Source: Puppet IAC Team

The IAC team has been working on a lot of new things over the past week. We want to share with our community some pretty interesting things. Here’s a brief overview of what we’ve been up to:

Daiana has been made permanent!

We are absolutely delighted to announce our current intern, Daiana, has recently been offered a permanent job role. Daiana has been a major influence on our community reporting tool for when we are triaging PRs and releasing modules. Some of the work Daiana has been carrying out can be viewed here. We are so excited that ...

[ Read More ]

Puppet Tip 117 - Managing extra repositories with Tiny Puppet

Anonymous, 1 week, 2 days | Source: Example 42

I’ve written recently a post about Tiny Puppet, which is a recommended reading if you want to understand some of its internals. Now, here, I want to talk about how you can use it to manage interesting and juicy extra packages repositories with it. Managing packages repositories with Tiny Puppet RedHat based repositories Ubuntu / Debian based repositories Adding custom repositories Managing packages repositories with Tiny Puppet I suppose everybody who works with RedHat Linux or derivatives is well aware of EPEL, a collection of packages, totally compatible with the default set of packages, shipped with RedHat Enterprise Linux (and ...

[ Read More ]

Use Onceover to start testing your Puppet control repository

Anonymous, 1 week, 2 days | Source: Puppet

Is there a simple way to quickly test your Puppet code? Yes! The answer is Onceover, and this blog post will show you how.

[ Read More ]

Enforcing CIS compliance with Puppet

Anonymous, 1 week, 5 days | Source: Puppet

Compliance is a big pain point for many companies — and one of the most important things to get right. See how our new CIS compliance service can help.

[ Read More ]

Taming Puppetserver 6 Pt II: Garbage Collection

Raphaël Pinson, 2 weeks, 1 day | Source: Camptocamp Blog

Now that our internal Puppet Infrastructure is migrated to Puppet 6 and tuned, it was time to switch a second infra to it.

Yesterday, I migrated our second infrastructure, and started seeing more issues. The rules-of-thumb from last post were useful, but I still needed to upgrade available memory to make up for a lack of computing power (probably to be imputed to the underlying IaaS throttling virtual CPUs).

And then, a Puppetserver crashed with a GC overhead limit exceeded error. This error happens when the CPU spends more than 98% performing garbage collection.

Analyzing Garbage Collection Data

Looking ...

[ Read More ]

15st May 2020: IAC Team Status Update

daianamezdrea, 2 weeks, 1 day | Source: Puppet IAC Team

The IAC team has been working on a lot of new things over the past week. We want to share with our community some pretty interesting things. Here’s a brief overview of what we’ve been up to:

COVID-19 who?

We don’t count anymore the days as a fully remote working team, but we count the days when we work hard and with all the energy we have for the best results! #unstoppableteam #workHard #staysafe #thinkpositive

Module Releases

Modules released this week:

PDK was released

Thanks to scotje for his help in getting this ...

[ Read More ]

Telemetry that doesn't suck

Anonymous, 2 weeks, 1 day | Source:

We both know that you hate telemetry as much as I do. We’ve all seen the dreadful rollouts of privacy invasions, the information leakage, and the abuse of private data. I have third-party cookies disabled in my browser the same as you. So when I started building Dropsonde, the upcoming metrics framework for Puppet infrastructures, privacy was my highest concern.

As a matter of fact, I have a firm rule that new features or metrics only get implemented if they meet four criteria:

  1. They provide real value to the end user (that’s you).
  2. They’re transparent about what data ...

[ Read More ]

Taming Puppetserver 6: a Grafana story

Raphaël Pinson, 2 weeks, 3 days | Source: Camptocamp Blog

After some time preparing for the migration, yesterday was finally the time to switch our first production Puppetserver to Puppet 6.

Everything was ready: we had been running both versions of the server alongside each other for some time, performing catalog diffs, and nothing seemed to be getting in the way as I went into ArgoCD and deployed the new version of the stack.

Deploying the Puppetserver in ArgoCD

The first 30 minutes went fine. But then catalogs started failing compilation, and other services colocated on the OpenShift cluster became slow.

The Problem

In retrospect, I should have known something was wrong. Two weeks ...

[ Read More ]

Configure and manage Oracle Cloud Infrastructure components with Puppet

Anonymous, 2 weeks, 3 days | Source: Puppet

Define and manage Oracle Cloud Infrastructure with your existing Puppet code using the new module from Enterprise Modules.

[ Read More ]

Keep an eye on your Terraform states

Raphaël Pinson, 3 weeks, 1 day | Source: Camptocamp Blog

This blog post was originally published on

About 4 years ago, we started using Terraform. Many things we were doing manually in the cloud at the time are now coded. As a result, our Terraform base code now contains over a hundred states.

Terraform everything!

A lot of those resources already existed before, some managed by CloudFormation, others manually. Being able to import resources has helped a lot to integrate new Terraform code with existing infrastructure. We now have a unified system to control them, and most importantly to know who created them, how and why. Collaboration was ...

[ Read More ]

8th May 2020: IAC Team Status Update

DavidS, 3 weeks, 1 day | Source: Puppet IAC Team

The IAC team has been working on a couple of interesting things in the past week. Here’s a brief overview of what we’ve been up to:

Module Releases

Modules released this week:

Modules released by other teams around the company:

Team Roster Changes

Michael Lombardi, our resident Windows and PowerShell expert, has announced great news and will not be available for the next while.

A big HORRAY!! and all the best from the team!

Virtual Puppet Camp Germany

Puppet Camp Berlin has come and gone. Paula ...

[ Read More ]

Puppet Tip 116 - Puppet Control-Repo Workflow

Anonymous, 3 weeks, 4 days | Source: Example 42

When starting with Puppet you usually first create your Puppet GIT control-repository, a single place from where you can rebuild your whole Infrastructure with Puppet. Within this Puppet control repository you separate upstream library modules (forge modules) from your own code. Upstream libraries are added to Puppetfile (preferably specifying the version of each module). It is up to you, whether you just copy and adopt our Open Source Control-Repository or if you prefer to start with an empty repository. Each branch in the Puppet control repository will be deployed as a Puppet environment. In both cases you want to carefully ...

[ Read More ]

Downstream impact of pull requests

Anonymous, 1 month | Source:

Accepting a pull request carries a certain amount of risk, especially if you have a lot of downstream users of your code. It’s not easy to know the potential impact of breakage that a PR might introduce to your carefully tested codebase.

A couple weeks ago I wrote about a tool that can show a pretty complete analysis of who’s using the different part of your Puppet modules. It can show which parts are heavily used, and which parts are less important. And it can even link you to the source repositories of those modules, if you’d like to help ...

[ Read More ]

Data consistency testing in Puppet, Part III: Direct data assertions

Alex Harvey, 1 month | Source: Alex Harvey | Puppet

In this third and probably the last part of this series, I look at the method of using Rspec to make direct assertions about Hiera data. Usually, the purpose of these assertions is to work around design flaws in a code base that cannot be easily corrected.


In my experience of infrastructure-as-code solutions, whether written in Puppet or ...

[ Read More ]

Writing a great README

Anonymous, 1 month, 1 week | Source:

Surprisingly enough, it’s not really that hard to write a good README. The key is to remember who you’re writing for and why. See, it’s all about time and resource management—specifically, the time that a reader is willing to give you.

This is often overlooked because most people write READMEs to be informative, but they don’t take into account how much context is implied. Most people reading about your project for the first time are not yet invested in it. If your story isn’t immediately compelling, without all the implied context that you’ve got due to your involvement in the ...

[ Read More ]

Puppet Tip 115 - Five Years of Tiny Puppet

Anonymous, 1 month, 1 week | Source: Example 42

When my colleague Martin Alfke suggested me to write a blog post about Tiny Puppet, I wondered what I could write about it that I haven’t written before. So I started to look at the past blog posts and I realized that more than five years have already passed since the first announcement, in January 2015. At those times Tiny Puppet came as a natural evolution of the first generation and the “NextGen” example42 Puppet modules: a large set of modules, now mostly deprecated, with a standard structure that became a pain to maintain for a single person. Tiny Puppet ...

[ Read More ]

Impact Analysis of Puppet Modules

Anonymous, 1 month, 3 weeks | Source:

Have you ever wondered who’s using your Puppet modules? Or have you hesitated before changing a class parameter because you don’t really know how many people will be affected downstream? Maybe you hesitated before deprecating a barely supported and almost certainly unused subclass because… well, you didn’t really know for sure that it was unused.

Rangefinder is the tool for you. Just run it on the source code you’re working on and it will tell you who might be affected.

[~/Projects/puppetlabs-concat]$ rangefinder manifests/fragment.pp
[concat::fragment] is a _type_
The enclosing module is declared in 173 of 575 indexed public Puppetfiles ...

[ Read More ]