The University of Oregon has historically been a decentralized IT campus, where each college would handle their own technology needs while Information Services would provide centralized services like Active Directory and OpenLDAP, email, and Banner ERP.
The success IS had as a result of using Puppet led to many departments wanting to leverage this tool for similar purposes, however there would be a need to provide a consistent platform at scale while accommodating the disparate needs of other departments and maintain stability across the environment while respecting other departments’ desire for autonomy. All of this and avoid being the blocker of rapid innovation and not be inundated with support requests.
The University uses a “delegated administration” (or federation) model where 12+ teams of admins and developers are responsible for their own tech stacks, while the University’s Systems Automation Services’ (SAS) within Information Services provides a consistent platform (Windows or Red Hat Linux with base profiles for central authentication, logging, DNS settings, etc.) that is maintained at scale.
- Puppet Enterprise (PE) for its web UI and RBAC controls
- Puppet Bolt and tasks within Puppet Enterprise
- In addition to PE, Continuous Delivery for Puppet Enterprise (CD4PE) to leverage its features to enhance federation model
- Reporting – Having a central interface for inspecting agent reports is very useful when troubleshooting an issue
- Orchestrator – The Orchestration component is quickly gaining traction as their primary location for users to run automated tasks. They’ve also been making use of the Orchestrator API for our automated provisioning system (VRealize Automation) to trigger tasks.
- Support – While the University reports that they haven’t needed too much support, the times where they’ve submitted a ticket “have all been pleasant. Techs are quick to respond with helpful information and a pleasant attitude.”
Puppet Enterprise was absolutely essential to meet our needs. It offers a nice user interface for various groups to log in and create reports, see the state of their machines, or run tasks related to their infrastructure