For the Finnish speakers out there here's a recording of our webinar held in co-operation with Turku Business Region on 5th May 2020: Infrastruktuurin rakentaminen koodilla We cover the very basics of infrastructure as code, version control, quality assurance techniques and tools such as Puppet, Terraform, Ansible and Puppet Bolt.
Occasionally when working with feature branch and updating types and providers you may run into environment leakage issues. They manifest themselves as issues that make no particular sense and are caused by the wrong version of a type/provider such as puppetlabs-apt (see this issue) leaking into your feature environment. This can happen when you update […]
As discussed in the introductory post one of the use-cases for Puppet Bolt is orchestration - running actions on multiple targets in a certain order, possibly using results of actions or data from some targets on other targets. Orchestration with Bolt plans is quite easy: you just create a plan with multiple TargetSpec parameters, each […]
NOTE: this article is somewhat outdated. Please refer to Serverless Puppet with control repo, Hiera, roles and profiles and Puppet Bolt instead. Puppet Bolt is an orchestration tool similar to Ansible. It is suitable for multiple use-cases: Running ad hoc commands on target nodes. We use this approach for testing Puppet feature branches before approving […]
This blog post is a part of this blog post series: In the previous blog post we created the Puppet type librenms_service and created a dummy skeleton for the provider implementation. We were able to use the type, but it did not yet do anything. In this blog post we move to implementing the create […]
This article is a part of this blog post series: Writing Puppet types and providers looks like black magic even to those who have lots of experience in the Puppet language itself. While the official types development documentation is quite ok, provider documentation is definitely lacking. Not only are there no practical examples from real […]
When you're iterating over a hash you may end up having to treat the last hash entry differently. For example, if you're creating entries to a JSON file you should have "}," in between the entries until you reach the last entry, where you must have just "}" or JSON data will be invalid. Now, […]
Usually writing rspec-puppet tests is straightforward. Then you run into some problem that does not make any sense. In my case I ran into a couple of duplicate resource declaration issues when adding rspec tests to our puppetmaster-installer. The error message was not that useful: $ pdk test unit --tests=spec/classes/puppetboard_spec.rb --- snip --- Failures: 1) […]
It seems every other organization is using Jenkins these days. Jenkins is a continuous integration and continuous delivery server that can be used to automate building, testing, and delivering or deploying software. Many organizations also use Puppet for their configuration management needs. Puppet is, if not the de facto configuration management solution, at least one of the […]
This article is based on an earlier article written in Finnish. Here I describe how to make changes to an XML file with Augeas - a useful approach when managing the whole file as a template is out of the question. The configuration file used as an example, web.xml, belong to Pwm, and we intend […]
This translated from the original Finnish article that is available here. The Augeas resource in Puppet allows one to manage parts of a complex configuration file instead of managing the whole file using a template or a static file. For trivial cases stdlib's file_line resource may be sufficient. While use of templates or static files […]
When a resource is managed by Puppet it is typically managed fully, or not at all. Exceptions to this rule, such as the "replace" parameter in the File resource, are rare. However, sometimes you end up having to change the properties of a resource outside of Puppet without making Puppet overwrite those changes on the […]
I was recently in a situation where I needed to figure out which interface name matched a particular, static IPv4 address. On a single or a handful of nodes this could have been hardcoded in Hiera, for example, but there were dozens of nodes. The way I solved this was by creating a custom fact […]
This is probably one of the shortest blog postings in the history of this blog. But as this topic does not seem to be covered in more generic articles about avoiding Git merge conflicts (e.g. this, this and this), here it goes. Adding modules to the Puppetfile is a quite common task. When you or […]
In the Puppet module rspec testing with PDK blog post I covered the procedure of creating and running puppet-rspec tests with PDK. This blog post will go more in-depth to that topic, in particular describe and context which you see in all puppet-rspec tests. When looking at the puppet-rspec test syntax the first time it […]
With default settings Foreman does not allow Puppet Agents to specify their own environment when connecting to the Puppetserver. This makes it impossible to use r10k and feature branch workflow like you can with a normal Puppetserver. This behavior can fortunately be reverted easily by modifying Foreman configuration file, /etc/foreman/settings.yaml: # Allow testing feature branches […]
I've noticed that some people - I won't reveal their names here to protect them - love using contain and/or ordering arrows in Puppet. A typical use-case is for role classes: class role::webserver { contain ::packetfilter::endpoint contain ::profile::monit contain ::profile::unixbase contain ::profile::ipa_client contain ::profile::webserver Class[::packetfilter::endpoint] -> Class[::profile::monit] -> Class[::profile::unixbase] -> Class[::profile::ipa_client] -> Class[::profile::webserver] } The […]
Recently we had to reprovision a bare metal server that was in Foreman and had IPMI support. The goal was to check if our automated "force-join to FreeIPA domain after reprovisioning" logic worked as intented. We did not have access to any graphical IPMI console, nor Foreman's GUI, so we had to do everything from […]
The PHP version comes in default CentOS 7 repositories is rather horribly outdated. This is problematic when running WordPress, which has to be upgraded constantly, and really old PHP versions may not be accepted, security-patched or not. The solution is to get updated PHP from the remi yum repositories. There are two sets of PHP […]
If you've searched for instructions on how to write unit tests for Puppet code you've probably stumbled upon tutorials such as this that are of good quality, but suggest installing and using tools such as puppetlabs_rspec_helper directly. Or you may encounter references to rake, bundler, rvm and rspec. Then you start experimenting these tools, some […]