Here's a recording on our webinar on March 9, 2021: Infrastructure as Code We covered the very basics of infrastructure as code, version control, quality assurance techniques and tools such as Puppet, Terraform, Ansible and Puppet Bolt. The webinar slides:
Puppet Litmus allows creating SUTs ("System Under Test") with Vagrant using Virtualbox or Hyper-V as the virtualization backend. However, the default virtual machine settings like 1024MB of memory are only suitable for very simple modules and applications. For example, Litmus testing our puppetmaster-installer will fail with the default settings. Litmus documentation tells us that you […]
Puppet Litmus is a Puppet acceptance test harness that leverages on many existing, proven technologies. In the long run Litmus aims to replace Beaker. However, the latter is currently still the only way to run multi-machine (e.g. cluster) acceptance tests in a standardized way. For example we use Beaker for our Keycloak domain mode cluster […]
Throw a job ad on a recruitment portal, wait for applications, hold a couple of interviews and that's it, right? This is what recruiting can look like from the outside but there's quite a bit more to it. A recruitment campaign can be a massive effort especially for small businesses. In addition, if you're doing […]
The vagrant-hostmanager plugin is a really nice plugin which helps Vagrant VMs communicate with each other using names instead of IP addresses. Essentially it manages hosts entries for the VMs, acting like a poor-man's DNS. Now, on *NIX operating systems you typically use sudo, which caches your authorization. So, when hostmanager starts, you type your […]
This posting comes strictly from the land of esoteria. We have a Vagrant + Virtualbox environment that sets up Foreman used for PXE booting baremetal servers. The environment work fine on Linux and MacOS. But we needed to make this environment work also on Windows. Easy, right? Vagrant and Virtualbox are supposed to abstract all […]
If you’re at all like me, you every now and then find yourself thrown out of your comfort zone, when you should actually be in it. The pattern usually goes something like this: It’s something simple. I’ll fix it in a couple of minutes and document it for others. I know my stuff. Hmm, this […]
We're using the centos/7 base box in Vagrant a lot and often hit this problem when bringing up new VMs with Vagrant: This error comes from vagrant-vbguest plugin which tried to install the Virtualbox Guest Additions but failed. The error message is misleading, because the real issue is related to upstream (CentOS) yum repositories. As […]
We use Vagrant and Virtualbox heavily when developing Puppet code. We also do provisioning of baremetal servers with Foreman. While Vagrant is a really powerful tool, it is not designed for creating VMs that boot from the network (PXE boot). Fortunately Virtualbox itself provides a rich command-line with which you can create and configure virtual […]
When using ejabberd in a company for multi-user chat (see my earlier blog post) people will quickly start complaining that they missed discussions because they had been offline. Ejabberd does play back last 20 messages when user joins a room, but that is too little for an active chatroom. The simplistic approach is to set […]
Ejabberd is a very flexible and scalable XMPP server. We use it because it can be configured using a simple yaml configuration file and managed via ejabberdctl commands. This makes it a good fit for our infrastructure as code approach. That said, ejabberd does require one to understand the XMPP protocol/jargon as it does not […]
Sometimes you'd like to pass a dynamic value to a Terraform resource's provider parameter. This can be done, but some background first. Terraform allows you to define multiple providers of the same type using provider aliases. This is useful when you're working with a provider that is tied to a region, the AWS provider being […]
This could possibly be the most esoteric blog post I've ever written, but here it goes. So, for reasons even we have difficulty comprehending (hint: related to PXE booting in a Vagrant/Virtualbox environment) we had to find out which inactive vboxnet (hostonly) interface had the highest index. We wanted the code to (hopefully) run on […]
Grafana is a common tool to visualize data from multiple datasources. Perhaps the most common datasource is Prometheus. If an organization has a Single-Sign On solution, it makes sense to authenticate users centrally with that solution That will make authentication easier and friendlier for end users (authenticate once and then access multiple services), and also […]
In this blog we consider JBoss/Wildfly domain mode in the context of the wonderful Keycloak software. It is not necessarily trivial to understand how the interfaces should be configured, especially if you want to do something other than the defaults, for example to secure your Wildfly/JBOSS configuration, or if you are dealing with a more […]
Some Puppet modules like puppet-module-keycloak have hundreds of unit tests. That is good for test coverage, but waiting for test results hurts your productivity when you're developing tests for your new code. There are at least two ways to (temporarily) limit the scope of the tests that you run. First method is baked in into […]
Today was a special day. Our Finnish website went to greener pastures after having spent its golden months serving permanent HTTP redirects to our current website while having been taken our of our Terraform codebase. It is customary to speak a few words in occasions like this, so here we go. "Beloved www.puppeteers.fi. You were […]
We use Kanban to coordinate our projects and tasks. Kanban is focused on visualizing and improving throughput, that is, making projects (high-level) and tasks (low-level) go through the system as fast as by limiting work in progress, which in turn minimizes waste (time and money). Our field of work is IT operations and we're generally […]
We use Terraform for managing our Cloud infrastructure. Our customers typically use AWS and that's what we're most familiar with. Each public Cloud has its own terminology, so this page is a translation table between Terraform resource names in the AWS and Azure providers: AWS Azure aws_instance azurerm_linux_virtual_machine aws_network_interface azurerm_network_interface aws_security_group azurerm_network_security_group aws_security_group_rule azurerm_network_security_rule aws_vpc […]
I recently had to add access control rules to OpenVPN Access Server to permit certain groups to access certain IP addresses. As we manage our Access Server configurations with Puppet using puppet-openvpnas (by the author), we needed a way to parameterize the allowed IP addresses while keeping the Puppet code readable. This is where puppet-dnsquery […]
