How to Get Started With Agentless Automation

Agentless automation offers a cost-effective and efficient approach to automating your infrastructure management. So, what does it mean to do agentless automation?

Read on to learn more about the advantages of agentless automation and how to launch an automated workflow with Bolt, Apply, and Plans.

What Is Agentless Automation?

Agentless automation is a type of automation that does not require any code to be installed on the systems being managed. It can be a great option for automating simple task management, especially if you're just getting started with IT automation.

Is Puppet Agentless?

By default, Puppet is agent-based, with Puppet agents checking that nodes are in the desired state every 30 minutes. Puppet Bolt is an agentless remote task runner from Puppet.

What Are the Benefits of Agentless Automation?

Agentless automation eliminates the need for complicated installation and configuration processes, allowing for a much simpler and more flexible way to get up and running with automation.

👋 Want to skip to the free trial of Puppet? Get started with agentless automation, supported by Puppet >>

Agentless automation can be quickly and easily deployed across an organization's infrastructure.

Avoid Excess Manual Work With Agentless Automation

I work on the team that runs Puppet Enterprise (PE) at Puppet. We use PE to enforce the configuration of our infrastructure and maintain the standards we’ve decided on as a team. But sometimes we need to configure servers that don’t exist within the confines of our production continuous integration (CI) infrastructure, and that’s when we turn to Bolt to ensure that those servers are configured in a repeatable fashion.

We use PE to manage the physical servers that run Openstack, but the VMs (virtual machines) themselves aren’t centrally managed, since this is a sandboxed environment. In this sandboxed environment, there was a problem I wanted to solve. Our users would report issues with their VMs in the Openstack environment, and I didn’t have access to ssh into the VMs that my internal customers were setting up. Even if I did have access to ssh into their vms, I didn’t have historical data about the experience of being on a VM in the environment.

I solved this problem by building two servers in the environment that communicated with each other, using telegraf to send performance data to influxdb. There was shared code between these two servers, and I didn’t want to configure them manually, particularly in an environment that doesn’t have the SLA of production.

To take this solution even further, I used Bolt to create Plans to help me manage these servers quickly.

How To Use Bolt Apply

With the introduction of Bolt Apply, Bolt allows you to manage your agentless infrastructure using the same code and modules that you use to manage your infrastructure managed by PE. The first thing to note is that Bolt is opinionated about how you set up your environment, so that you can take advantage of code you write, as well as modules on the Puppet Forge.

These examples are based on users using a unix-based system. After installing Bolt, change to your ~/.puppetlabs/bolt directory, and create a Puppetfile.

forge "http://forge.puppetlabs.com"
mod 'profiles', local: true
mod 'puppetlabs-concat', '5.2.0'
mod 'puppetlabs-stdlib', '5.1.0'
mod 'puppet-telegraf', '2.1.0'

A few things to note:

• Add any modules that you will be using, in this case, I knew I wanted to use the telegraf module, and the telegraf module was dependent on the concat and stdlib modules.
• Ensure you add the module you are about to create here with the flag local: true. Bolt will manage your modules from here on out, and if you do not list it as local_true, bolt will delete the code that you wrote, attempting to overwrite it with a module from the forge.

Next, use the command bolt puppetfile install to install all of the modules you listed in your puppetfile, then create a modules directory if one doesn’t exist, and create the directory for your module inside that directory. Bolt supports simpler tasks, which can run in any language you desire, and plans which are more extensible and use the Puppet language, in this case I wanted to use the bolt apply feature which requires puppet plans. I created the puppet plan, telegraf.pp in the directory ~/.puppetlabs/bolt/modules/profiles/plans/telegraf.pp.

plan profiles::telegraf(
  TargetSpec $nodes,
  String[1]  $influxdb_hostname,
  String[1]  $influxdb_password,
) {
  # Install the puppet-agent package if Puppet is not detected.
  # Copy over custom facts from the Bolt modulepath.
  # Run the `facter` command line tool to gather node information.
  $nodes.apply_prep
  # Compile the manifest block into a catalog
  apply($nodes) {
    class { 'telegraf':
      hostname => $facts['networking']['fqdn'],
      logfile  => '/var/log/telegraf/telegraf.log',
      outputs  => {
      'influxdb' => {
          'urls'     => [ "http://${influxdb_hostname}:8086" ],
          'database' => 'telegraf',
          'username' => 'telegraf',
          'password' => $influxdb_password,
          },
      },
      inputs   => {
        'cpu'       => {
          'percpu'   => true,
          'totalcpu' => true,
        },
        'disk'      => {},
        'diskio'    => {},
        'mem'       => {},
        'net'       => {},
        'processes' => {},
        'syslog'    => {
          'server' => 'tcp://:6514',
        },
        'system'    => {},
      },
    }
  }
}

This is the plan which is used to install telegraf on the nodes. In this plan, I am passing in three variables:

$nodes
$influxdb_hostname,
$influxdb_password,

The node variable is populated using the bolt flag --nodes.

Here is an example of how you would apply this bolt plan:

bolt plan run profiles::telegraf --nodes centos@10.234.0.115 --run-as root --tty  influxdb_hostname=hostname.puppet.com influxdb_password=ReallySecureP@ssword

$nodes.apply_prep is what gets the node ready to run puppet on them, though this is an agentless experience, we need to copy over the code which runs puppet apply onto the hosts running this code.

apply($nodes) { is the line that tells bolt you are about to pass Puppet language code to bolt to apply onto the server. You are running it on the nodes you passed into $nodes. This means you can generate this variable in other ways, if you want to develop a node list programmatically.

Note: If this were a more complex infrastructure, I could have used hiera to configure some of the variables.

Related: How to use Hiera to reduce code complexity in your infrastructure.

Agent or No Agent: Puppet Has a Solution

Bolt is a great way to automate the infrastructure in your organization that is detached from your primary Puppet environment. This allows us to get the benefit of code reuse between teams managing infrastructure, while also keeping our code base smaller, and more purpose built.

Puppet makes it easy to adapt your workflow as the needs of your organization change over time. You can scale your automation and easily migrate from Bolt to Puppet Enterprise for the best of both agentless and agent-based automation in one platform.

Get a free trial of Puppet Enterprise for the ultimate control and flexibility of options when automating your infrastructure.

Try Puppet Enterprise

Learn More

• Watch an intro video about Bolt
• Discover the many benefits of IT automation
• Use this Puppet Directory Guide to help you navigate all of Puppet's directories
• Check out Bolt on GitHub

This blog was originally published on February 27, 2019 and has since been updated for accuracy and relevance.