Planet Puppet

Your source of Puppet technical information

PuppetConf speaker Marc Cluet on DevOps, dynamic platforms and Puppet

Aliza Earnshaw, 2 days, 6 hours | Source: Puppet Labs

Marc Cluet has deep roots in DevOps and software development. At PuppetConf, he'll talk about service discovery and Puppet.

[ Read More ]

Deploying IIS and ASP.NET with Puppet

Ethan Brown, 3 days, 13 hours | Source: Puppet Labs

Learn how to quickly deploy IIS and ASP.NET to Windows Server with Puppet.

[ Read More ]

PuppetConf speaker Joshua Zimmerman on DevOps, optimism and re-learning Puppet

Aliza Earnshaw, 4 days, 6 hours | Source: Puppet Labs

Josh Zimmerman discusses DevOps as an ongoing evolution, and why tools can't fix a troubled organizational culture.

[ Read More ]

Handing over the reins

Luke Kanies, 5 days, 5 hours | Source: Puppet Labs

Puppet founder Luke Kanies hands over CEO reins to Sanjay Mirchandani, joins board of directors.

[ Read More ]

Register hosts to Satellite6 via CloudForms and Ansible Tower part 2

laurent, 1 week, 3 days | Source: Laurent Domb Blog

This post will show you how to add Ansible Tower as a provider in CloudForms, discover and create a catalog item out of a job template we’ve created and order the catalog item via self service portal.

If you followed part 1 you now have a fully functional Ansible Tower which we can add as a provider to Red Hat CloudForms.

Step 1 Login to CloudForms

Step 2 Go to Configuration -> Configuration Management

Step 3 Click on Configuration and add a new provider

Step 4 Fill in the following values (of course it needs to match your environment)
Now ...

[ Read More ]

Register hosts to Satellite6 via CloudForms and Ansible Tower part 1

laurent, 1 week, 4 days | Source: Laurent Domb Blog

CloudForms is the single pane of glass for virtual machines, cloud instances, and baremetal servers provisioned via Satellite 6. Since we added support for Ansible Tower we can do a lot of magic as we can now call Ansible Tower via CloudForms. What does that mean for operations and orchestration?

Let’s say we have the following use case:

We have a host or multiple hosts which need to be registered to Red Hat Satellite 6 and update to the latest errata. We also want to be able to choose if puppet should be used as a configuration management tool ...

[ Read More ]

Puppet 4 Sensitive Data Types

R.I. Pienaar, 3 weeks, 5 days | Source: R.I.Pienaar -

You often need to handle sensitive data in manifests when using Puppet. Private keys, passwords, etc. There has not been a native way to deal with these and so a cottage industry of community tools have spring up.

To deal with data at rest various Hiera backends like the popular hiera-eyaml exist, to deal with data on nodes a rather interesting solution called binford2k-node_encrypt exist. There are many more but less is more, these are good and widely used.

The problem is data leaks all over the show in Puppet – diffs, logs, reports, catalogs, PuppetDB – it’s not uncommon for ...

[ Read More ]

Puppet Lint Plugins - 2.0 Upgrade and new repo

Dean Wilson (, 1 month, 1 week | Source: Dean Wilson@UnixDaemon

After the recent puppet-lint 2.0 release and the success of our puppet-lint 2.0 upgrade at work it felt like the right moment to claw some time back and update my own (11!) puppet-lint plugins to allow them to run on either puppet-lint 1 or 2. I’ve now completed this and pushed new versions of the gems to rubygems so if you’ve been waiting for version 2 compatible gems please feel free to test away.

Now I’ve realised exactly how many plugins I’ve ended up with I’ve created a new GitHub repo, unixdaemon-puppet-lint-plugins, that ...

[ Read More ]

Puppet Lint 2.0 Upgrade

Dean Wilson (, 1 month, 4 weeks | Source: Dean Wilson@UnixDaemon

With the recent puppet-lint 2.0 release it seemed a good time to bump the version we use at $WORK and see what’d changed. In theory it was as simple as changing the version in our Gemfile and ideally everything should continue as normal, but in practise it was a little more work than that and in this post I’m going to explain what we found.

Firstly let’s cover a lovely, free, bonus. On our test codebase puppet-lint 1.0.1 took about 25 seconds to run on average. Immediately after the upgrade to 2.0.0 ...

[ Read More ]

A look at the Puppet 4 Application Orchestration feature

R.I. Pienaar, 2 months | Source: R.I.Pienaar -

Puppet 4 got some new language constructs that let you model multi node applications and it assist with passing information between nodes for you. I recently wrote a open source orchestrator for this stuff which is part of my Choria suite, figured I’ll write up a bit about these multi node applications since they are now useable in open source.

The basic problem this feature solves is about passing details between modules. Lets say you have a LAMP stack, you’re going to have Web Apps that need access to a DB and that DB will have a IP ...

[ Read More ]

Deploy your #Puppet Enterprise license key with Puppet

rnelson0, 2 months | Source: RNELSON0

Since I manage my Puppet infrastructure with Puppet itself, I am for full automation. For Puppet Enterprise, that includes deploying the license key file from the puppet fileserver (profile/files/master/license.key served as puppet:///modules/profile/master/license.key). When upgrading to the latest Puppet Enterprise version, 2016.2.0, I encountered a change that was tricky to resolve – the puppet_enterprise::license class accepted […]

[ Read More ]

Fixing the mcollective deployment story

R.I. Pienaar, 2 months | Source: R.I.Pienaar -

Getting started with MCollective has always been an adventure, you have to learn a ton of new stuff like Middleware etc. And once you get that going the docs tend to present you with a vast array of options and choices including such arcane topics like which security plugin to use while the security model chosen is entirely unique to mcollective. To get a true feeling for the horror see the official deployment guide.

This is not really a pleasant experience and probably results in many insecure or half build deployments out there – and most people just not bothering. This ...

[ Read More ]

Upgrading to Puppet 4 at #PuppetConf 2016

rnelson0, 2 months, 1 week | Source: RNELSON0

As I did last year, I submitted a proposal for PuppetConf 2016 and it was accepted! As I did last year, I am requesting your help with it. The talk,  Enjoying the Journey from Puppet 3.x to 4.x, will help attendees lay out a plan to get to Puppet 4. I will be sharing my […]

[ Read More ]

Interacting with the Puppet CA from Ruby

R.I. Pienaar, 2 months, 1 week | Source: R.I.Pienaar -

I recently ran into a known bug with the puppet certificate generate command that made it useless to me for creating user certificates.

So I had to do the CSR dance from Ruby myself to work around it, it’s quite simple actually but as with all things in OpenSSL it’s weird and wonderful.

Since the Puppet Agent is written in Ruby and it can do this it means there’s a HTTP API somewhere, these are documented reasonably well – see /puppet-ca/v1/certificate_request/ and /puppet-ca/v1/certificate/. Not covered is how to make the CSRs and such.

First ...

[ Read More ]

Ten minute hacks: Hacking airplane headphones

purpleidea, 2 months, 2 weeks | Source: The Technical Blog of James

I was stuck on a 14 hour flight last week, and to my disappointment, only one of the two headphone speakers were working. The plane’s media centre has an audio connector that looks like this:


Someone should consider probing this USB port.

The hole to the left is smaller than a 3.5mm headphone jack, and designed for a proprietary headphone connector that I didn’t have, and the two holes to the right are part of a different proprietary connector which match with the cheap airline headphones to provide the left and right audio channels.


Completely reversible, and ...

[ Read More ]

CloudForms the Swiss army knife of Hybrid Cloud Management

laurent, 3 months | Source: Laurent Domb Blog

Today a dream came true for me by getting the honor to present at Red Hat Summit in SF 2016 “Automation and configuration management across hybrid clouds with CloudForms, Satellite6 and Ansible Tower“. When I joined Trivadis in 2006 Daniel Steiner who was a Senior Linux Engineer took me under his wings (He had earned a Red Hat Fedora when he passed his RHCE before 2006) I told him that one day I will be speaking at Red Hat Summit. So today is that day. My gratitude goes to him for inspiring me to go down this path.

I am ...

[ Read More ]

Specialising validate_re with wrapper functions in Puppet

Dean Wilson (, 3 months | Source: Dean Wilson@UnixDaemon

Once your puppet code base reaches a certain size you’ll often have a number of validate_ functions testing parameters and configuration values for compliance with local rules and requirements. These invocations often look like this:

validate_re($private_gpg_key_fingerprint, '^[[:alnum:]]{40}$', 'Must supply full GPG fingerprint')

Once you’ve spent a minute or two reading that you’ll probably be able to understand it; but wouldn’t it be nice to not have to care about the exact details and focus on what you’re actually testing? An approach I’ve been experimenting with on one larger code base is to ...

[ Read More ]

CloudForms Hybrid Cloud Sessions at Red Hat Summit SF 2016

laurent, 3 months, 1 week | Source: Laurent Domb Blog

Please join us at Red Hat Summit in SF and attend the sessions below. Those sessions highlight how versatile CloudForms is and what problems it can solve for you.
Red Hat Summit pass discounted rate of $1,195: RHSRAF

Tuesday, 10:15am
Enabling digital transformation via the Red Hat management portfolio
Alessandro Perilli, Red Hat
Joe Fitzgerald, Red Hat
William Nix, Red Hat

Tuesday, 3:30pm
Red Hat Cloud roadmap

James Labocki, Red Hat
Rob Young – Principal Product Manager, Red Hat
Xavier Lecauchois, Red Hat

Tuesday, 3:30pm
Red Hat containers roadmap
Mike McGrath – Managing Architect, Platform, Red Hat
Xavier ...

[ Read More ]

Automatic clustering in mgmt

purpleidea, 3 months, 1 week | Source: The Technical Blog of James

In mgmt, deploying and managing your clustered config management infrastructure needs to be as automatic as the infrastructure you’re using mgmt to manage. With mgmt, instead of a centralized data store, we function as a distributed system, built on top of etcd and the raft protocol.

In this article, I’ll cover how this feature works.


Mgmt is a next generation configuration management project. If you haven’t heard of it yet, or you don’t remember why we use a distributed database, start by reading the previous articles:

[ Read More ]

Upcoming speaking In Hong Kong and South Africa

purpleidea, 3 months, 1 week | Source: The Technical Blog of James

I’m thrilled to tell you that I’ll be speaking about mgmt in Hong Kong and South Africa. It will be my first time to both countries and my first time to Asia and Africa!

In Hong Kong I’ll be speaking at HKOSCon2016.

In South Africa I’ll be speaking at DebConf16.

I’m looking forward to meeting with many of the hard-working Debian hackers, and collaborating with them to build and promote excellent Free Software. The mgmt project considers both Fedora and Debian to be first class platforms, and parity is a primary design goal.

I’ll ...

[ Read More ]