Bootstrapping a new OSX device: A Brief History and Current Approach

I’ve had to set up 3 different MacBooks from scratch recently, and it made me think of the whole process of MacBook bootstrapping. It’s something I’ve done a fair few times over the years, either because I’ve changed jobs, got a new personal MacBook or, as is the case recently, had to nuke a work laptop back to factory settings and start again after a buyback program. It led me to think about my experience with developer bootstrapping in the OSX world, and to realise it’s now been over a decade of experiencing the aches and pains and eventual improvements to this experience. I thought I’d do a small braindump of my experiences and the various tools we used and what I use now. ...

April 4, 2024 · 18 min · Peter Souter

Vault Caching with Auto-Auth and Puppet

So I’ve done a lot of work with Vault and Puppet and how they integrate with each other. I was recently posed the question: How would these Puppet runs calling out for secrets affect the performance of Vault, and would it be possible to cache the results? So I did a little digging and the answer is Yes, it’s possible! Vault Caching: In the 1.1.0 release of Vault, we added the ability to run vault agent as a caching proxy. ...

February 12, 2020 · 6 min · Peter Souter

How to use Vault with Hiera 5 for secret management with Puppet

EDIT: So, this blog was linked by DevOps Weekly #379, and seems to have climbed the SEO ranking for Hiera and Vault, but I’ve learned a lot and have some general changes since then. I did a webinar on the subject. I’ll be writing an updated version of how to use Vault and Hiera soon, and link it here. Although I don’t work at Puppet anymore, it’s still my favourite config management software, and I use it for the management of machines under my control, including my home storage server and several MacBooks. ...

March 19, 2018 · 5 min · Peter Souter

An End of an Era and New Opportunities

Today is a very big day for me. Today is my last day at Puppet. Puppet has been a huge part of my life for almost 7 years. It all started way back in 2011, when I was working at Simply Business. We’d just done a big shift to continuous deployment. We had a fully working deployment pipeline, but our ops workflows were starting to creak a bit at the seams. We started a new project to start managing the systems with Puppet in an agentless model, and I was hooked. ...

February 19, 2018 · 2 min · Peter Souter

A Puppet pattern for version specific config settings

Day 29 in the #vDM30in30. (Image from https://flic.kr/p/sqiJKP) Let’s talk about the lifecycle of a Puppet run. The Puppet agent process collects information about the host it is running on including facts, which it passes to the server. The parser uses that system information and Puppet modules on local disk to compile a configuration for that particular host and returns it to the agent. The agent applies that configuration locally, thus affecting the local state of the host, and files the resulting report with the server, including the facts from the system. Essentially, Puppet runs in an atomic fashion: Information it has is locked at the start of the run, and is not changed. At the end of the run, facts might be different, but the catalog stays the same. ...

November 29, 2016 · 3 min · Peter Souter