Automating modern IT with Splunk & Puppet

Deepak Giridharagopal, 7 hours, 50 minutes | Source: Puppet Labs

[ Read More ]

Tip of the Week 39 - Secure data management with multiple eyaml keys

Anonymous, 1 day, 19 hours | Source: Example 42

With improved security implementations it is often required that keys must be separate among different infrastructure stages. This means that we have to deal with multiple eyaml keys for production-stage and ci- and development-stage. Nobody may have the private production key. Everybody should have access to the production public key (which is used for encryption). All other keys can be made available to everybody. First let’s set some top scope variable by analysing facts: # Set top scope variables # eyaml key selection based on existence of an external fact: # 'eyaml_private_base_path' # when fact is set, then we run on spec tests ...

[ Read More ]

Tune into All Day DevOps, the world’s largest DevOps event

Simone Van Cleve, 4 days, 4 hours | Source: Puppet Labs

[ Read More ]

Tests & vmpooler or: How I learned to stop worrying and make videos

Tiffany Longworth, 5 days, 4 hours | Source: Puppet Labs

[ Read More ]

Welcome to the Puppet family, Distelli!

Sanjay Mirchandani, 6 days, 5 hours | Source: Puppet Labs

[ Read More ]

Load testing Choria

R.I. Pienaar, 1 week | Source: R.I.Pienaar - www.devco.net

Overview

Many of you probably know I am working on a project called Choria that modernize MCollective which will eventually supersede MCollective (more on this later).

Given that Choria is heading down a path of being a rewrite in Go I am also taking the opportunity to look into much larger scale problems to meet some client needs.

In this and the following posts I’ll write about work I am doing to load test and validate Choria to 100s of thousands of nodes and what tooling I created to do that.

Middleware

Choria builds around the NATS middleware which ...

[ Read More ]

Tip of the Week 38 - When to place data in hiera

Anonymous, 1 week, 1 day | Source: Example 42

When Puppet Inc. released hiera, we gained the possibility to separate data from code. Prior hiera we used logic patterns like if and case to identify differences in our platform and configurations. With hiera we started using the hiera lookup function to fetch data based on a hierarchy where we specify differences of our platform. This lead to cleaner, better maintainable code. Now people started putting data no longer into their code, which lead to huge hiera data files and hard to maintain hierarchies. The biggest problem is to identify when to put data in hiera and when to keep ...

[ Read More ]

Tip of the Week 37 - Automated, reusable hiera eyaml setup

Anonymous, 2 weeks, 1 day | Source: Example 42

Many people prefer to have sensitive data not in plain text in hiera. Instead of plain text the eyaml - encrypted yaml - hiera extension is widely used. But how to deal with public/private key pair? Where to store them? Where to place them? Why do you want to store your keys? After bootstrapping your Puppet server and installing eyaml you usually run the eyaml createkeys command. This generates a private/public key pair. Now you start encrypting your data using eyaml encrypt. For encryption only the public key is required. Normally you will work with a larger group of people ...

[ Read More ]

Tip of the Week 36 - Testing any role on any OS with a PSICK control repo

Anonymous, 3 weeks, 1 day | Source: Example 42

Short version of the post: cd vagrant/environment/ostest ln -sf hieradata/role/${::role}.yaml hieradata/role/ostest.yaml vagrant up [vm] Long version of the post: PSICK explained, again :-) PSICK is the Puppet control repo of reference we use in example42 to bootstrap new projects and to test new modules and design patterns. It contains the evolving synthesis of our best practices and 10 years of Puppet experience, so it’s full of stuff, from tools to help with Puppet development, to CI for testing Puppet deployments, from a rich set of opinionated profiles to a solid and flexible ...

[ Read More ]

puppet network module 3.10.0

Michael Arnold, 1 month, 3 weeks | Source: The Razor's Edge

Today, I have released a large update to my Red Hat network Puppet module to the Puppet Forge.  Numerous pull requests were merged including: Added support for promiscuous interfaces. (Elyse Salberg) Added a parameter to disable restart of network service on change. (Evgeni Golov) Added support for netmask and broadcast parameters in alias range. (Nick […]

[ Read More ]

strict_variables and the RazorsEdge Puppet Modules

Michael Arnold, 2 months | Source: The Razor's Edge

Over the past month I have been adding much needed support for running Puppet with strict_variables = true to all of the RazorsEdge Puppet modules. Thanks to coreone, I finally had a solution that did not require tearing out the legacy global variable support. As much as I think that continued inclusion of global variable […]

[ Read More ]

Converting and Formatting Data Like a Pro With Puppet 4.5.0

Henrik Lindberg (noreply@blogger.com), 2 months, 3 weeks | Source: Puppet on the Edge

Before Puppet 4

Before Puppet 4.0.0 there was basically only the data types; String, Boolean, Array, Hash, and Undef. Most notably missing were numeric types (Numeric, Integer, and Float). In Puppet 4.0.0 those and many other types were defined and implemented in a proper type system. This was all good, but a few practical problems were not solved; namely data conversion. In Puppet 4.5.0 there is a new feature that will greatly help with this task. But first lets look at the state of what is available in prior versions.

Converting String to Number ...

[ Read More ]

Managing SSH server security with Puppet

rnelson0, 2 months, 3 weeks | Source: RNELSON0

Edit: In an earlier edition, I credited the wrong newsletter as the source. My apologies to R.I.Pienaar! In this past week’s DevCo Newsletter, I saw the Rebex SSH Check, which reminded me that I’ve locked down the SSH server security configuration at work, but not at home. Sounds like a good opportunity to blog about […]

[ Read More ]

Puppet 5 has arrived!

rnelson0, 2 months, 3 weeks | Source: RNELSON0

If you missed the news this past week, the Puppet 5 Platform was released! Read the announcement and the release notes for some great details. Congratulations to everyone at Puppet for getting this new release out the door. I’m looking forward to diving in with it as soon as a Puppet Enterprise release is out, […]

[ Read More ]

Where to store Puppet files and templates

rnelson0, 3 months | Source: RNELSON0

I haven’t written a blog post in a while because I’ve been bogged down in work and life and not had much time in the lab. To make sure I don’t get too out of practice, I’m going to try writing some shorter tips and tricks articles. Let me know what you think. A few […]

[ Read More ]

puppet snmp module 3.8.1

Michael Arnold, 3 months, 1 week | Source: The Razor's Edge

Recently, I have delivered several long-awaited releases of my Net-SNMP to the Puppet Forge. Included are numerous fixes from community members: Change so that service_config_perms parameter, network, and community can be arrays. (Jordan Wesolowski) Add OpenBSD to the supported operating systems, similar to FreeBSD support. (Sebastian Reitenbach) Update README.markdown. (Rémy Garrigue) Create Parameters for template […]

[ Read More ]

Testing multiple Puppet versions with TravicCI (and allowing failures)

Dean Wilson (dwilson@unixdaemon.net), 3 months, 3 weeks | Source: Dean Wilson@UnixDaemon

When it comes to running automated tests of my public Puppet code TravisCI has long been my favourite solution. It’s essentially a zero infrastructure, second pair of eyes, on all my changes. It also doesn’t have any of my local environment oddities and so provides a more realistic view of how my changes will impact users. I’ve had two Puppet testing scenarios pop up recently that were actually the same technical issue once you start exploring them, running tests against the Puppet version I use and support, and others I’m not so worried about.

This use ...

[ Read More ]

Announcing multi_epp - Puppet function

Dean Wilson (dwilson@unixdaemon.net), 3 months, 4 weeks | Source: Dean Wilson@UnixDaemon

As part of refreshing my old puppet modules I’ve started to convert some of my Puppet templates from the older ERB format to the newer, and hopefully safer, Embedded Puppet (EPP).

While it’s been a simple conversion in most cases, I did quickly find myself lacking the ability to select a template based on a hierarchy of facts, which I’ve previously used multitemplate to address. So I wrote a Puppet 4 version of multitemplate that wraps the native EPP function, adds matching lookup logic and then imaginatively called it multi_epp. You can see an example of it ...

[ Read More ]

Declarative vs. Imperative paradigms

purpleidea, 4 months, 3 weeks | Source: The Technical Blog of James

Recently, while operating two different remote-controlled appliances, I realized that it was high time for a discussion about declarative and imperative paradigms. Let’s start by looking at the two remotes:

At first glance you will notice that one of these remotes is dark, and the other is light. You might also notice that my photography skills are terrible. Neither of these facts is very important to the discussion at hand. Is there anything interesting that ...

[ Read More ]

Talk about Choria and NATS

R.I. Pienaar, 4 months, 3 weeks | Source: R.I.Pienaar - www.devco.net

Recently I was given the opportunity by the NATS.io folk to talk about Choria and NATS on one of their community events. The recording of the talk as well as the slide deck can be found below.

Thanks again for having me NATS.io team!

[ Read More ]