Search results

Hiera lookups in rspec-puppet

While rspec-puppet documentation is quite decent, it does not really explain how to test classes that get their parameters via Hiera lookups, such as profiles in the roles and profiles pattern. Several parameters related to Hiera are listed in the rspec-puppet configuration reference, but that's all. The other documentation you find on the Internet is […]

Serverless Puppet with control repo, Hiera, roles and profiles and Puppet Bolt

The traditional way of managing systems with Puppet is to install Puppet agent on the nodes being managed and point those agents to a Puppet server (more details here). This approach works well for environments with tens or hundreds of nodes, but is an overkill for small environments with just a handful of nodes. Fortunately […]

Testing Puppet feature environments with Puppet Bolt

Puppet feature environments are an excellent way to test code before deploying it, typically to production. They allow testing Puppet runs on no-operation mode across the whole node population managed by Puppet. There are sometimes cases where your code changes potentially impact many nodes and you're not exactly sure of their scope or effect. In […]

Product news: 'Configuration Manager' now available for free

Our Puppet-server installer product is now available free of charge in AWS Marketplace and Azure Marketplace! 'Configuration Manager' is a cloud image with an easy-to-use Puppet server installer. It supports installation of PuppetDB and Puppetboard as well. The source code can be retrieved from GitHub. Check out details at our product page.

The four ways to install Puppet modules

When working with Puppet and Puppet modules in particular you quickly notice that there are several ways to manage module dependencies. Today I learned about a new way introduced in Puppet Bolt 3.x, so I thought I'd compile a list that celebrates this diversity: metadata.json: used primarily to dependency metadata to Puppet Forge. Some tools […]

Notes about puppet-litmus testing

Puppet Litmus is a Puppet acceptance test harness that leverages on many existing, proven technologies. In the long run Litmus aims to replace Beaker. However, the latter is currently still the only way to run multi-machine (e.g. cluster) acceptance tests in a standardized way. For example we use Beaker for our Keycloak domain mode cluster […]

Solving an Apache Mellon redirect loop mystery

If you’re at all like me, you every now and then find yourself thrown out of your comfort zone, when you should actually be in it. The pattern usually goes something like this: It’s something simple. I’ll fix it in a couple of minutes and document it for others. I know my stuff.  Hmm, this […]

Limiting the scope of puppet-rspec tests

Some Puppet modules like puppet-module-keycloak have hundreds of unit tests. That is good for test coverage, but waiting for test results hurts your productivity when you're developing tests for your new code. There are at least two ways to (temporarily) limit the scope of the tests that you run. First method is baked in into […]

Querying DNS in Puppet code

I recently had to add access control rules to OpenVPN Access Server to permit certain groups to access certain IP addresses. As we manage our Access Server configurations with Puppet using puppet-openvpnas (by the author), we needed a way to parameterize the allowed IP addresses while keeping the Puppet code readable. This is where puppet-dnsquery […]

Migrating from Puppet 5 to 6 with Puppet Bolt

The main annoyance with agent-based configuration management is the management of the agents themselves. They usually don't require any handholding after the initial install, except when you need to migrate them to a new environment. For example, migrate from a Puppet 5-based server to Puppet 6. The migration process is not overly difficult, but in […]

Creating custom facts programmatically

Writing static facts is fairly easy even with a low level of Ruby skills. Below is an example of a fact that returns true or false depending on whether the node has a /boot partition: As you can see above the required information was already inside the "mountpoints" fact of Facter. Using the fact is […]

Duplo series, part 2: Puppet agents at work

Here's the next episode in our Duplo visualization series, have a look! This time we put Puppet agents to work. Featuring: Puppet agents will retrieve their desired state definition (catalog) from Puppet master for the Puppet environment they're in. Puppet agent reads the catalog: Puppet agent compares the current state to the catalog and notices […]

Fattening the workflow, part 5: Hiera and content encryption

Separating data from code in Puppet modules is advisable as it improves reusability of code. The separation can be accomplished with Hiera by having separate levels based on facts, organizational units, locations, etc. Hiera can also be used for storing private data that needs to be protected and must not be readable by outsiders. Typically […]

Fattening the workflow, part 4: Roles and profiles

If the workflow that includes the control repository, r10k and GitLab still feels too light, there are yet more ways to make the workflow heavier by adding more abstraction to the Puppet modules themselves. This is done by adopting the "Roles and Profiles pattern" that was developed by Craig Dunn and popularized in the blog […]

Duplo series, part 1: R10k at work

We've been having DIY visualization sessions on Puppet and sysadmin related topics and we wanted to share some of them with you. We had a lot of fun doing this, hope you'll enjoy this even a bit as much as we did! Let me introduce the characters involved in the first chapter: R10k is started […]

Using Puppet Bolt to apply roles to nodes, part 1

NOTE: this article is somewhat outdated. Please refer to Serverless Puppet with control repo, Hiera, roles and profiles and Puppet Bolt instead. Puppet Bolt is a designed to be an orchestration tool, but it can be used for configuration management as well. For example you may have a small environment of handful of nodes where […]

Improving Vim's Puppet integration

A recent package upgrade seemed to break Puppet syntax highlighting horribly on my Fedora 32 laptop. Not only did syntax highlighting not work, it was actually completely wrong and confusing. It seemed as if the Puppet file type detection was missing, so vim was probably using some a syntax highlighter for a wrong type. To […]

Finnish language webinar recording: "Building infrastructure as code"

For the Finnish speakers out there here's a recording of our webinar held in co-operation with Turku Business Region on 5th May 2020: Infrastruktuurin rakentaminen koodilla We cover the very basics of infrastructure as code, version control, quality assurance techniques and tools such as Puppet, Terraform, Ansible and Puppet Bolt.

Puppet environment leakage

Occasionally when working with feature branch and updating types and providers you may run into environment leakage issues. They manifest themselves as issues that make no particular sense and are caused by the wrong version of a type/provider such as puppetlabs-apt (see this issue) leaking into your feature environment. This can happen when you update […]

Simple orchestration with Puppet Bolt

As discussed in the introductory post one of the use-cases for Puppet Bolt is orchestration - running actions on multiple targets in a certain order, possibly using results of actions or data from some targets on other targets. Orchestration with Bolt plans is quite easy: you just create a plan with multiple TargetSpec parameters, each […]
1 2 3