PuppetConf speaker Martin Alfke on DevOps, ChatOps and learning Puppet

Aliza Earnshaw, 2 days, 12 hours | Source: Puppet Labs

[ Read More ]

Better module search on the Puppet Forge

Jesse Scott, 2 days, 19 hours | Source: Puppet Labs

[ Read More ]

How to get started with Puppet Enterprise: an FAQ

Grace Andrews, 3 days, 18 hours | Source: Puppet Labs

[ Read More ]

Package management on Windows with Chocolatey & Puppet

Rob Reynolds, 5 days, 19 hours | Source: Puppet Labs

[ Read More ]

Puppet 4 Sensitive Data Types

R.I. Pienaar, 2 weeks, 6 days | Source: R.I.Pienaar - www.devco.net

You often need to handle sensitive data in manifests when using Puppet. Private keys, passwords, etc. There has not been a native way to deal with these and so a cottage industry of community tools have spring up.

To deal with data at rest various Hiera backends like the popular hiera-eyaml exist, to deal with data on nodes a rather interesting solution called binford2k-node_encrypt exist. There are many more but less is more, these are good and widely used.

The problem is data leaks all over the show in Puppet – diffs, logs, reports, catalogs, PuppetDB – it’s not uncommon for ...

[ Read More ]

Puppet Lint Plugins - 2.0 Upgrade and new repo

Dean Wilson (dwilson@unixdaemon.net), 1 month | Source: Dean Wilson@UnixDaemon

After the recent puppet-lint 2.0 release and the success of our puppet-lint 2.0 upgrade at work it felt like the right moment to claw some time back and update my own (11!) puppet-lint plugins to allow them to run on either puppet-lint 1 or 2. I’ve now completed this and pushed new versions of the gems to rubygems so if you’ve been waiting for version 2 compatible gems please feel free to test away.

Now I’ve realised exactly how many plugins I’ve ended up with I’ve created a new GitHub repo, unixdaemon-puppet-lint-plugins, that ...

[ Read More ]

Puppet Lint 2.0 Upgrade

Dean Wilson (dwilson@unixdaemon.net), 1 month, 3 weeks | Source: Dean Wilson@UnixDaemon

With the recent puppet-lint 2.0 release it seemed a good time to bump the version we use at $WORK and see what’d changed. In theory it was as simple as changing the version in our Gemfile and ideally everything should continue as normal, but in practise it was a little more work than that and in this post I’m going to explain what we found.

Firstly let’s cover a lovely, free, bonus. On our test codebase puppet-lint 1.0.1 took about 25 seconds to run on average. Immediately after the upgrade to 2.0.0 ...

[ Read More ]

A look at the Puppet 4 Application Orchestration feature

R.I. Pienaar, 1 month, 4 weeks | Source: R.I.Pienaar - www.devco.net

Puppet 4 got some new language constructs that let you model multi node applications and it assist with passing information between nodes for you. I recently wrote a open source orchestrator for this stuff which is part of my Choria suite, figured I’ll write up a bit about these multi node applications since they are now useable in open source.

The basic problem this feature solves is about passing details between modules. Lets say you have a LAMP stack, you’re going to have Web Apps that need access to a DB and that DB will have a IP ...

[ Read More ]

Deploy your #Puppet Enterprise license key with Puppet

rnelson0, 1 month, 4 weeks | Source: RNELSON0

Since I manage my Puppet infrastructure with Puppet itself, I am for full automation. For Puppet Enterprise, that includes deploying the license key file from the puppet fileserver (profile/files/master/license.key served as puppet:///modules/profile/master/license.key). When upgrading to the latest Puppet Enterprise version, 2016.2.0, I encountered a change that was tricky to resolve – the puppet_enterprise::license class accepted […]

[ Read More ]

Fixing the mcollective deployment story

R.I. Pienaar, 1 month, 4 weeks | Source: R.I.Pienaar - www.devco.net

Getting started with MCollective has always been an adventure, you have to learn a ton of new stuff like Middleware etc. And once you get that going the docs tend to present you with a vast array of options and choices including such arcane topics like which security plugin to use while the security model chosen is entirely unique to mcollective. To get a true feeling for the horror see the official deployment guide.

This is not really a pleasant experience and probably results in many insecure or half build deployments out there – and most people just not bothering. This ...

[ Read More ]

Upgrading to Puppet 4 at #PuppetConf 2016

rnelson0, 2 months | Source: RNELSON0

As I did last year, I submitted a proposal for PuppetConf 2016 and it was accepted! As I did last year, I am requesting your help with it. The talk,  Enjoying the Journey from Puppet 3.x to 4.x, will help attendees lay out a plan to get to Puppet 4. I will be sharing my […]

[ Read More ]

Interacting with the Puppet CA from Ruby

R.I. Pienaar, 2 months | Source: R.I.Pienaar - www.devco.net

I recently ran into a known bug with the puppet certificate generate command that made it useless to me for creating user certificates.

So I had to do the CSR dance from Ruby myself to work around it, it’s quite simple actually but as with all things in OpenSSL it’s weird and wonderful.

Since the Puppet Agent is written in Ruby and it can do this it means there’s a HTTP API somewhere, these are documented reasonably well – see /puppet-ca/v1/certificate_request/ and /puppet-ca/v1/certificate/. Not covered is how to make the CSRs and such.

First ...

[ Read More ]

Ten minute hacks: Hacking airplane headphones

purpleidea, 2 months, 1 week | Source: The Technical Blog of James

I was stuck on a 14 hour flight last week, and to my disappointment, only one of the two headphone speakers were working. The plane’s media centre has an audio connector that looks like this:

The hole to the left is smaller than a 3.5mm headphone jack, and designed for a proprietary headphone connector that I didn’t have, and the two holes to the right are part of a different proprietary connector which match with the cheap airline headphones to provide the left and right audio channels.

[ Read More ]

CloudForms the Swiss army knife of Hybrid Cloud Management

laurent, 2 months, 3 weeks | Source: Laurent Domb Blog

Today a dream came true for me by getting the honor to present at Red Hat Summit in SF 2016 “Automation and configuration management across hybrid clouds with CloudForms, Satellite6 and Ansible Tower“. When I joined Trivadis in 2006 Daniel Steiner who was a Senior Linux Engineer took me under his wings (He had earned a Red Hat Fedora when he passed his RHCE before 2006) I told him that one day I will be speaking at Red Hat Summit. So today is that day. My gratitude goes to him for inspiring me to go down this path.

I am ...

[ Read More ]

Specialising validate_re with wrapper functions in Puppet

Dean Wilson (dwilson@unixdaemon.net), 2 months, 4 weeks | Source: Dean Wilson@UnixDaemon

Once your puppet code base reaches a certain size you’ll often have a number of validate_ functions testing parameters and configuration values for compliance with local rules and requirements. These invocations often look like this:

validate_re($private_gpg_key_fingerprint, '^[[:alnum:]]{40}$', 'Must supply full GPG fingerprint')

Once you’ve spent a minute or two reading that you’ll probably be able to understand it; but wouldn’t it be nice to not have to care about the exact details and focus on what you’re actually testing? An approach I’ve been experimenting with on one larger code base is to ...

[ Read More ]

CloudForms Hybrid Cloud Sessions at Red Hat Summit SF 2016

laurent, 3 months | Source: Laurent Domb Blog

Please join us at Red Hat Summit in SF and attend the sessions below. Those sessions highlight how versatile CloudForms is and what problems it can solve for you.
Red Hat Summit pass discounted rate of $1,195: RHSRAF

Tuesday, 10:15am
Enabling digital transformation via the Red Hat management portfolio
Alessandro Perilli, Red Hat
Joe Fitzgerald, Red Hat
William Nix, Red Hat

Tuesday, 3:30pm
Red Hat Cloud roadmap

James Labocki, Red Hat
Rob Young – Principal Product Manager, Red Hat
Xavier Lecauchois, Red Hat

Tuesday, 3:30pm
Red Hat containers roadmap
Mike McGrath – Managing Architect, Platform, Red Hat
Xavier ...

[ Read More ]

Automatic clustering in mgmt

purpleidea, 3 months | Source: The Technical Blog of James

In mgmt, deploying and managing your clustered config management infrastructure needs to be as automatic as the infrastructure you’re using mgmt to manage. With mgmt, instead of a centralized data store, we function as a distributed system, built on top of etcd and the raft protocol.

In this article, I’ll cover how this feature works.

Foreword:

Mgmt is a next generation configuration management project. If you haven’t heard of it yet, or you don’t remember why we use a distributed database, start by reading the previous articles:

• Next generation config mgmt
• Automatic edges in mgmt
• Automatic ...

[ Read More ]

Upcoming speaking In Hong Kong and South Africa

purpleidea, 3 months, 1 week | Source: The Technical Blog of James

I’m thrilled to tell you that I’ll be speaking about mgmt in Hong Kong and South Africa. It will be my first time to both countries and my first time to Asia and Africa!

In Hong Kong I’ll be speaking at HKOSCon2016.

In South Africa I’ll be speaking at DebConf16.

I’m looking forward to meeting with many of the hard-working Debian hackers, and collaborating with them to build and promote excellent Free Software. The mgmt project considers both Fedora and Debian to be first class platforms, and parity is a primary design goal.

I’ll ...

[ Read More ]

Print the rspec-puppet catalog, courtesy of @willaerk

rnelson0, 3 months, 1 week | Source: RNELSON0

Sometimes, when you are writing an rspec-puppet test, you’re not sure exactly how the test should be written. You know that you want to test a resource with some extra attribute, but you may be describing the resource wrong, or using a bad regex to test the contents. Rspec-puppet will helpfully tell you when the […]

[ Read More ]

Rspec fixtures tip: symlink to other modules in your controlrepo

rnelson0, 3 months, 2 weeks | Source: RNELSON0

If you are writing rspec tests against your controlrepo, specifically your profile module, you need to set up your .fixtures.yml file to reference the other modules in your controlrepo. For example, here’s a list of the modules in the dist directory of a controlrepo: dist ├── eyaml ├── profile └── role If any of the […]

[ Read More ]