This blog post is a part of this blog post series: In the previous blog post we created the Puppet type librenms_service and created a dummy skeleton for the provider implementation. We were able to use the type, but it did not yet do anything. In this blog post we move to implementing the create […]
This article is a part of this blog post series: Writing Puppet types and providers looks like black magic even to those who have lots of experience in the Puppet language itself. While the official types development documentation is quite ok, provider documentation is definitely lacking. Not only are there no practical examples from real […]
When you're iterating over a hash you may end up having to treat the last hash entry differently. For example, if you're creating entries to a JSON file you should have "}," in between the entries until you reach the last entry, where you must have just "}" or JSON data will be invalid. Now, […]
Usually writing rspec-puppet tests is straightforward. Then you run into some problem that does not make any sense. In my case I ran into a couple of duplicate resource declaration issues when adding rspec tests to our puppetmaster-installer. The error message was not that useful: $ pdk test unit --tests=spec/classes/puppetboard_spec.rb --- snip --- Failures: 1) […]
I recently - again - had to import resources to Terraform (0.11.14) from AWS that were outside of the default AWS region and were managed in a nested (non-root) module. The root module contained the provider configuration, including multiple aliases to allow creation of resources in different regions, as well as the nested module call, […]
It seems every other organization is using Jenkins these days. Jenkins is a continuous integration and continuous delivery server that can be used to automate building, testing, and delivering or deploying software. Many organizations also use Puppet for their configuration management needs. Puppet is, if not the de facto configuration management solution, at least one of the […]
This article is based on an earlier article written in Finnish. Here I describe how to make changes to an XML file with Augeas - a useful approach when managing the whole file as a template is out of the question. The configuration file used as an example, web.xml, belong to Pwm, and we intend […]
This translated from the original Finnish article that is available here. The Augeas resource in Puppet allows one to manage parts of a complex configuration file instead of managing the whole file using a template or a static file. For trivial cases stdlib's file_line resource may be sufficient. While use of templates or static files […]
When a resource is managed by Puppet it is typically managed fully, or not at all. Exceptions to this rule, such as the "replace" parameter in the File resource, are rare. However, sometimes you end up having to change the properties of a resource outside of Puppet without making Puppet overwrite those changes on the […]
I was recently in a situation where I needed to figure out which interface name matched a particular, static IPv4 address. On a single or a handful of nodes this could have been hardcoded in Hiera, for example, but there were dozens of nodes. The way I solved this was by creating a custom fact […]
This is probably one of the shortest blog postings in the history of this blog. But as this topic does not seem to be covered in more generic articles about avoiding Git merge conflicts (e.g. this, this and this), here it goes. Adding modules to the Puppetfile is a quite common task. When you or […]
I use Pidgin as my instant messaging client because it is open source and because it supports almost all IM protocols directly or through plugins. In my case I need support for IRC, XMPP, Facebook, Slack and SIPE (Office 365). Apparently it would be possible to use Pidgin for Signal as well, but as official […]
In the Puppet module rspec testing with PDK blog post I covered the procedure of creating and running puppet-rspec tests with PDK. This blog post will go more in-depth to that topic, in particular describe and context which you see in all puppet-rspec tests. When looking at the puppet-rspec test syntax the first time it […]
With default settings Foreman does not allow Puppet Agents to specify their own environment when connecting to the Puppetserver. This makes it impossible to use r10k and feature branch workflow like you can with a normal Puppetserver. This behavior can fortunately be reverted easily by modifying Foreman configuration file, /etc/foreman/settings.yaml: # Allow testing feature branches […]
Fabric is a Python library for executing shell commands remotely over SSH in serial or parallel mode. I used Fabric 1 for years and it was - and still is - an excellent tool. While Fabric's use-cases overlap somewhat with those of Ansible, the difference is that Fabric is not state-based. In other words, in […]
I've noticed that some people - I won't reveal their names here to protect them - love using contain and/or ordering arrows in Puppet. A typical use-case is for role classes: class role::webserver { contain ::packetfilter::endpoint contain ::profile::monit contain ::profile::unixbase contain ::profile::ipa_client contain ::profile::webserver Class[::packetfilter::endpoint] -> Class[::profile::monit] -> Class[::profile::unixbase] -> Class[::profile::ipa_client] -> Class[::profile::webserver] } The […]
Recently we had to reprovision a bare metal server that was in Foreman and had IPMI support. The goal was to check if our automated "force-join to FreeIPA domain after reprovisioning" logic worked as intented. We did not have access to any graphical IPMI console, nor Foreman's GUI, so we had to do everything from […]
The PHP version comes in default CentOS 7 repositories is rather horribly outdated. This is problematic when running WordPress, which has to be upgraded constantly, and really old PHP versions may not be accepted, security-patched or not. The solution is to get updated PHP from the remi yum repositories. There are two sets of PHP […]
I've stumbled upon interesting access denied problems with S3-based Terraform state files recently. Suppose you have two or more Terraform root modules which use the same bucket for storing the state and just use a different key (=state file): terraform { backend "s3" { bucket = "terraform-state" key = "root-module-1" region = "eu-central-1" } } […]
If you've searched for instructions on how to write unit tests for Puppet code you've probably stumbled upon tutorials such as this that are of good quality, but suggest installing and using tools such as puppetlabs_rspec_helper directly. Or you may encounter references to rake, bundler, rvm and rspec. Then you start experimenting these tools, some […]
