We’re taking a brief break from your regularly scheduled module of the week goodness with a mini series to discuss some of the elements that go into writing great Puppet modules. I’ll try to sum it up in a few sentences: Your module should be immediately useful to me after I install it. Documentation should […]
Puppet Labs has been on a roll…and this time it is not our user community, but the physical one we live in that is giving rave reviews! The City of Portland’s Sustainability at Work Program recently announced Puppet Labs as a Gold Certification winner! It all began with the culture here…they care about their community […]
Purpose Standard library for creating Puppet modules Module puppetlabs/stdlib Puppet Version 2.6+ Platforms Redhat, Debian, Solaris, Mac OS X, Windows Welcome back to the module of the week! Previously we covered facter-dot-d. This week we’re switching our focus to the puppetlabs/stdlib data functions: getvar, loadyaml, and merge. The data functions provide the ability to dynamically […]
In a recent blog post we discussed verifying and testing your Puppet code, which generated a large amount of interest. One of the readers asked why we’d bother with rspec-puppet if it simply verifies attributes of a resource. It’s true that, if you have a manifest that simply contained a collection of static resources, rspec-puppet […]
Purpose Standard library for creating Puppet modules Module puppetlabs/stdlib Puppet Version 2.6+ Platforms Redhat, Debian, Solaris, Mac OS X, Windows Welcome back to the module of the week! Last week we began our coverage of the puppetlabs/stdlib module by examining the file_line resource, which allows you to manage individual lines in a file. We’ll pick […]
Puppet modules are a fantastic way to deploy and manage specific applications. The Puppet Forge contains a wealth of third-party modules that allow you to do some awesome stuff with a minimum of work. In this post, we use a module from the Forge to solve a common task—using Puppet to set up a WordPress […]
Welcome to the Puppet Module of the Week! This is a brand new blog series where we pick a module on the Puppet Forge and review it. We’ll cover a wide variety of modules in these reviews. When we run across a great module that could use some work, we’ll highlight those areas and even […]
Management of network devices is one of the exciting new features in Puppet Enterprise 2.0 and Puppet 2.7. In the initial release, support is limited to Cisco devices, but because Puppet is extensible via modules, we are able to build upon the existing framework and add support for F5 BIG-IP. Like most network appliances, installation […]
In a previous blog post, we introduced use cases for separating configuration data from Puppet code. This post (part one of a two part series) will go in-depth with installing, configuring, and using Hiera, but let’s first look at WHY we would need Hiera. Introduction to the SSH module One of the benefits of Hiera […]
Written in conjunction with Tino Vazquez from the OpenNebula Project, and cross-posted on the OpenNebula blog. Puppet is used for managing the infrastructure for many IaaS software packages, including Eucalyptus, OpenStack, and OpenNebula. OpenNebula is an IaaS manager which can not only manage a large amount of different virtualization and public cloud platforms, it can […]
With the launch of Puppet Enterprise 2.0, it’s easy to get lost in the scale of what we’ve enabled sysadmins to do. Besides shipping a world-class configuration management tool, we now make it easy to create managed servers from thin air. In addition, we’re providing command line tools that take fresh OS installs directly to […]
It’s come time for us to pick a code name for our next release of Puppet. If you help develop Puppet you may be fairly familiar with our naming system, but for those who haven’t yet contributed to the open source project, we name each version of Puppet after a Muppet. We use code names […]
OVERVIEW We have discovered a security vulnerability (“AltNames Vulnerability”) whereby a malicious attacker can impersonate the Puppet master using credentials from a Puppet agent node. This vulnerability cannot cross Puppet deployments, but it can allow an attacker with elevated privileges on one Puppet-managed node to gain control of any other Puppet-managed node within the same […]
We are evaluating two tools for testing Puppet modules. One is rspec-puppet, the other is cucumber-puppet. The hope is to get standards for testing into the module forge and hook it into a CI framework such as Hudson or Jenkins. This will enable Puppet Forge users to immediately evaluate a module in terms of its test failure rate, and enable developers to see the intended behavior of the module. The higher level goal is to open a discussion among developers on the Puppet Forge about the intended behavior of modules, what they need to do, and what they should and should not be doing.
Another huge goal of this project is to develop a way to test Puppet without running puppet apply and looking to see what worked or didn’t. Both of the tools under consideration allow the developer/sysadmin to test the modules against Puppet to see if they compile (equivalent to a puppet apply —noop) and then hold the catalog object so that we can see if the catalog is formed as intended.
Cucumber-puppet’s advantages are that it is a more mature codebase, it is faster to start with, and it uses the human-readable gherkin language for its tests. One disadvantage for cucumber-puppet is that it is difficult to contain all of the tests within a cucumber feature. Many of the tests we have written in cucumber-puppet involved creating dummy nodes in a site.pp to write cucumber tests against. Cucumber-puppet also doesn’t seem to be compatible with Puppet 2.7.x, at least not yet. It is however compatible with the 0.25.x branch which is a benefit for legacy puppet users and administrators.
Rspec-puppet’s advantages are that it is brand new and has seen a flurry of development since its inception. Puppet already uses a lot of rspec to do testing, and, since the gherkin layer is removed, it can be coded entirely in Ruby. Also, in contrast to cucumber-puppet, rspec-puppet tests can be entirely contained within the spec test file. And for compatibility, rspec-puppet works well with the Puppet 2.6.x/2.7.x branches, but does not work with the 0.25.x branch. One note for testing both 2.6.x and 2.7.x is that 2.6.x will raise Puppet::Error exceptions for catalog compilation failures while the 2.7.x branch raises general Runtime exceptions.