Your source of Puppet technical information
Martin Alfke, August 08, 2022 06:35 AM | Source: betadots
Within Puppet we use modules to describe specific technical components which we want to configure on a system.
This can by achieved either by upstream library modules (some refer to these as component modules) which can be found on Puppet Forge or by self written Puppet code which we usually refer to as technical implementation profiles.
Since Puppet is a client server model, the server must be aware of each node and must know which classes a node needs. This process is called node classification.
Within Puppet there are several ways how nodes can be classified.
This article describes the ...
Martin Alfke, August 08, 2022 06:34 AM | Source: betadots
Innerhalb von Puppet werden mit Hilfe von Modulen bestimmte technische Komponenten konfiguriert.
Module können Upstream entwickelt und auf der Puppet Forge zur Verfügung gestellt werden. Diese Module nennen wir gerne Bibliotheken oder Komponenten Module.
Alternativ handelt es sich um selbst geschriebene Technische Implementierungs-Profile.
Da es sich bei Puppet um ein Client-Server Modell handelt, muss der Server wissen, welche Module auf einem System zum Einsatz kommen sollen. Diesen Vorgang nennt man Node Klassifizierung.
Innerhalb von Puppet stehen unterschiedliche Varianten für die Node Klassifizierung zur Verfügung.
Dieser Artikel beschreibt die klassische Node Klassifizierung und ihre Einschränkungen und geht danach auf flexiblere, Hiera ...
Anonymous, August 03, 2022 02:00 PM | Source: Puppet
Some functions are better left to runtime. Learn how to defer execution to the agent and recent Puppet improvements that make this easier to do.
Anonymous, July 28, 2022 02:00 PM | Source: Puppet
Self-healing infrastructure enables businesses to deliver quality infrastructure while developing new and innovative solutions.
Anonymous, July 26, 2022 02:00 PM | Source: Puppet
Do you dread patching? Learn how Puppet Enterprise can help you easily automate patching across a variety of complex operating systems.
Anonymous, July 20, 2022 06:06 PM | Source: Puppet
Learn why autonomous compliance is critical to your business and your digital infrastructure environment in the new IDC PeerScape report.
Hugo Bollon, July 04, 2022 02:19 PM | Source: Camptocamp Blog
At Camptocamp, we're using multiple Blackbox Exporters hosted in a few different cloud providers and world regions. We're using them to monitor availability and ssl certificate validity and expiration of many websites.
They were all deployed inside Linux VMs provisioned by Terraform and configured by our Puppet infrastructure. However, in order to achieve more simplicity and high availability, we wanted to deploy containers instead of these VMs.
AWS ECS (Elastic Container Service) is a fully managed, highly scalable and docker compatible container orchestration service.
It is widely used to host microservice ...
Martin Alfke, July 04, 2022 09:48 AM | Source: betadots
Puppet encrypts connections using a self-signed OpenSSL based CA.
Usually a Puppet CA has a validity of 5 years. At initial Installation one can configure the ca_ttl setting:
puppet config set --section server ca_ttl 10y
Existing installations can extend the CA e.g. by using the following script which has been made public by Neeloy on Puppet Community Slack channel:
cd /etc/puppetlabs/puppet/ssl/ca
(openssl rsa -noout -modulus -in ca_key.pem 2> /dev/null | openssl md5 ; openssl x509 -noout -modulus -in ca_crt.pem 2> /dev/null | openssl md5 )
# Generate new CSR
openssl x509 -x509toreq -in ca_crt.pem -signkey ca_key.pem -out ca_csr.pem
# Sign ...
Anonymous, June 22, 2022 12:00 AM | Source: Example 42
IT conferences are main attractions in our jobs with machines, the occasions to meet again remote friends you’ve known for years, know people with whom you have something in common and stay updated on vendors’ products. After the last two years I guess many of us are looking forward to attend some good in presence conference, hence my decision to plan a road trip, from Italy to Amsterdam, take the occasion to meet business partners, old friends and, first time for me, jump into an HashiCorp conference. How tp always matters I didn’t came to the party without anything, I ...Anonymous, May 23, 2022 12:00 AM | Source: Example 42
Psick (Puppet Systems Infrastructure Construction Kit) is a project that aims to provide a top of the notch Puppet infrastructure in a quick and easy way. It’s composed by: The Psick Control-repo featuring useful features like Vagrant and CI integrations The Psick Module with a set of reusable profiles for the most common sysadmin activities Version 1 of the psick module, after years of lazy developments and a recent and abundant code-rush, is going to be released soon, and there are really a lot of new things which are worth some explanations. This is the reason of this post. What ...Anonymous, April 13, 2022 12:00 AM | Source: Example 42
On April 11th, 2022 Puppet’s CEO Yvonne Wassenaar announced the acquisition from Perforce. Interesting and, for me, unexpected news. Only time will tell us how much this is going to impact Puppet’s product and the nature of its community. Do we still need Puppet? In these times where serverless, containers, and cloud based services are trending tech friends often ask me (given my barely concealed addiction for it) what’s the future and the role of a tool like Puppet. It was born to solve problems of the past, when people had to configure their own servers, rather than relying on ...Martin Alfke, April 10, 2022 05:59 PM | Source: betadots
Puppet verschlüsselt Verbindungen mit einer selbst-signierten OpenSSL basieten CA.
Diese hat üblicherweise eine Laufzeit von 5 Jahren. Bei der initialen Installation kann man dies über eine Konfigurationseinstellung ändern:
puppet config set --section server ca_ttl 10y
Bei Bestandsinstallationen kann man die CA im laufenden Betrieb verlängern.
Im Slack Puppet Community Channel hat Neeloy z.B. ein Script veröffentlicht:
cd /etc/puppetlabs/puppet/ssl/ca
(openssl rsa -noout -modulus -in ca_key.pem 2> /dev/null | openssl md5 ; openssl x509 -noout -modulus -in ca_crt.pem 2> /dev/null | openssl md5 )
# Generate new CSR
openssl x509 -x509toreq -in ca_crt.pem -signkey ca_key.pem -out ca_csr.pem
# Sign
cat > extension.cnf ...
Raphaël Pinson, February 23, 2022 05:37 PM | Source: Camptocamp Blog
A year and a half ago, our infrastructure team at Camptocamp was faced with an increasingly problematic situation. We were provisioning more and more Kubernetes clusters, on different cloud providers. We used Terraform to deploy the infrastructure itself, and we had started to adopt Argo CD to deploy applications on top of the cluster.
We quickly ended up with many projects using similar logic, often borrowed from older projects, and most of these cluster were starting to use divergent code.
We thought it was time to put together a standard core in order to:
Anonymous, December 21, 2021 12:00 AM | Source: binford2k.com
Today at 7:58 am was the Winter Solstice. That’s when the days stop getting shorter and start getting longer again. Metaphorically, it’s when darkness starts leaving our lives again and we welcome in more light.
Ruben and I celebrated with a 7:58 am morning run, of course. The first half of the run was on a well-worn regular route, but then on the way back we wandered on an unplanned, unmapped, unfamiliar route. We just let ourselves go where our feet and Ruben’s nose led us. It was wonderful. I thought about things I’d like to let go of and ...
Anonymous, December 20, 2021 12:00 AM | Source: Example 42
example42 GmbH was founded back in 2015 and registered at chamber of commerce during PuppetConf 2015. We have worked in Puppet world for many years, have supported hundreds of companies, and delivered training worldwide. We were self-employed professionals and decided that it was good to unite the forces and develop a company. That’s how example42 Gmbh started, registered in Berlin, owned by the most prominent Puppet experts in Italy and Germany, and committed to providing Puppet support to customers via the virtuous partnership with Puppet Inc. or directly. It worked well, constantly cash flow positive, with slow but steady growth, ...daianamezdrea, November 08, 2021 12:00 AM | Source: Puppet IAC Team
We’d like to thank the following people in the Puppet Community for their contributions over this past week:
puppetlabs-apt#1010
: “(MODULES-10763) Remove frequency collector”, thanks to LTangaF and the following people who helped get it over the line (kenyon)puppetlabs-java_ks#383
: “move honeycomb key”, thanks to LivingInSynpuppetlabs-java_ks#382
: “change the honeycomb writekey to a github secret”, thanks to LivingInSynpuppetlabs-postgresql#1298
: “Support setting default_privileges on all schemas”, thanks to fish-facepuppetlabs-postgresql#1297
: “Support target_role in default_privileges”, thanks to fish-facefacterdb#209
: “Add support for ubuntu 21.10 and 21.04 “, thanks to hbrown-uiowafacterdb#207
: “Add ...michaeltlombardi, October 20, 2021 12:00 AM | Source: Puppet IAC Team
The Infrastructure Automation Content (IAC) team formed from the merger of 4 core content-focused teams (Modules, Windows, Cloud & Containers, and Networking), maintaining forty-five open-source supported Puppet modules and over a dozen tools that help reduce the content maintenance and support costs.
A crucial part of Puppet’s success has always been the support of the community. The IAC team, like with all module teams before, would have had a dedicated engineer or engineers assigned to community triage, usually on a rotational basis.
The triage rota consumed 20% of the team’s engineering resources. It was challenging due ...
ia-content, October 11, 2021 12:00 AM | Source: Puppet IAC Team
We’d like to thank the following people in the Puppet Community for their contributions over this past week:
puppetlabs-firewall#1019
: “Bugfix MODULES-11203: error on second apply when uid or gid is specified as a range”, thanks to cmd-ntrfpuppetlabs-firewall#1018
: “Fedora 34 and iptables-compat fix; properly utilising iptables param.”, thanks to adamboutcherpuppetlabs-postgresql#1307
: “Drop further code for Debian 6 and Ubuntu 10”, thanks to ekohlpuppetlabs-postgresql#1306
: “MODULES-11201: add service_name for Ubuntu 18.04 and later”, thanks to moritz-makandrapuppetlabs-postgresql#1297
: “Support target_role in default_privileges”, thanks to fish-facefacterdb#197
: “Release 1.10.1”, thanks to bastelfreakfacterdb#196
: “CI: ...ia-content, October 04, 2021 12:00 AM | Source: Puppet IAC Team
We’d like to thank the following people in the Puppet Community for their contributions over this past week:
puppetlabs-apache#2195
: “Allow docroot
with mod_vhost_alias
virtual_docroot
”, thanks to yakatzpuppetlabs-apache#2191
: “add double quote on scope parameter”, thanks to aba-rechsteinerpuppetlabs-apt#1007
: “(MODULES-11173) Add per-host overrides for apt::proxy”, thanks to maturnbullpuppetlabs-chocolatey#269
: “add support for version range”, thanks to rico89puppetlabs-docker#774
: “Prefer timeout to time_limit for Facter::Core::Execution”, thanks to smortexpuppetlabs-firewall#1019
: “Bugfix MODULES-11203: error on second apply when uid or gid is specified as a range”, thanks to cmd-ntrfpuppetlabs-java#488
: “Enabling Rocky Linux for ...Anonymous, August 19, 2021 12:00 AM | Source: binford2k.com
Information is power. And those who control the narrative have all the power in the world. In recent years, we’ve seen the interconnectedness of our digital communities lead to the weaponization of misinformation.
The obvious example of that was the Jan 6, 2021 insurrection in which a departing president incited an attempted coup in a pathetic attempt to remain in power and relevant. He did this via Twitter.
Fortunately, he’s since been de-platformed, but the right-wing has squadrons of misinformation lieutenants regularly attempting to spin current events, gaslight the nation, and control the minds of their army of followers. One ...
That's easy, you just tweet to @_masterzen_ your Puppet category/tag blog feed (atom or rss) url and I'll include it