[Puppet Users] One master per environment, or one to rule them all?

[Antony Gelberg]

I've asked a similar question on the Terraform mailing-list but on 
reflection, I think it's more appropriate here.

Let's say I need several environments, and I'm using AWS, with each 
environment in a separate VPC. I'm going to configure instances with Puppet 
(and deploy with Jenkins). I see two basic design options here:

*Option 1: Puppet master in one environment / VPC, either:*

   1. In their own VPC, e.g. "devops".
   2. Less-optimally, piggy-backed on an application environment VPC, e.g. 
   "staging".

This master would be responsible for configuring all servers across all 
other environments / VPCs.

Implications:

   - Have to open up security groups, scope for environments to affect each 
   other.
   - Configuring Puppet environments using something like r10k, high 
   dependency on that enviroment
   - VPCs will have to have different CIDRs (not sure if this is a big 
   deal).
   

*Option 2: Every environment to have its own Puppet master.*

Implications:

   - More costly.
   - Feels "cleaner", each Puppet master only needs to handle one 
   environment.
   - Less likely for environments to interfere with each other.
   - Potentially less (or more?) pain with managing Puppet environments.
   - Might be overly complex.
   
Is either of these an obviously better choice than the other? If (1) is 
better, is sub-option (1) or (1) better?
Or are both options both viable and sane?

NB Assume that "master" may mean "masters" according to the need.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d5c26bc6-c7ce-4439-8073-41c462f9ded2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera and r10k, roles and responsibilities

[Antony Gelberg]

I'm looking to set up a new Puppet infrastructure, which will manage 
several environments (nothing fancy, let's call them sandbox, staging, 
production). Given that I can use hiera to differentiate data by 
environment, is there still a use case for r10k? If so, can somebody give 
some examples of what that use case is? In short, one "master" branch and 
hiera seems a lot simpler to maintain, but I'm concerned that I'd be 
missing out on something useful.

I know that r10k is also used for deploying modules, but librarian-puppet 
can do that anyway, so I also. Is librarian-puppet still in use? Most of 
what I read about it is a few years old.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/af1a8acb-21bc-4041-bc38-d231f1a05eaf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Clean Puppet 3 to Puppet 4 migration

[Michael Watters]

Been through a similar upgrade myself.  The first step would be to spin up 
a new puppet master running Puppet Server.  You can copy over the SSL dir 
from your old/current master to avoid SSL errors on the agents.  For 
testing you'll want to make sure your manifests work correctly using the 
future parser, that can be enabled in the puppet.conf file on the agents.  
Setting up a separate environment for testing is also recommended.

Puppet Server will work with 3.7 clients so once you have a manifest that 
compiles correctly you can just point the agents to the new master's IP.


On Wednesday, October 11, 2017 at 8:07:13 AM UTC-7, Salty Old Cowdawg wrote:
>
> About three years ago (4 years ago?) I deployed a Puppet infrastructure 
> for my company and department based on FOSS Puppet 3.7.   Given that's been 
> deprecated of course I'm very much looking to migrate to Puppet 4.   
> Besides for about three months I worked for another company and got spoiled 
> by Puppet 4. 
>
> So I'm back at my old digs and assessing what it will take to go from P3 
> to P4.   Here are some of the things I have to think about
>
> 1) the migration needs to be fully automated both on the server end and 
> the client end. 
> 2) no really this is going to be done by operations personnel who have 
> a low threshold of fright for Puppet in spite of my best efforts to 
> desensitize them.
> 3) There is as penetrable firewall between me (developer) and the Puppet 
> infrastructure servers and clients so I cannot personally intervene
>
> Anybody out there been through this pain and have any suggestions and 
> pointers on how to make this happen with minimal "breakage?" 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8c276e2e-e692-43ec-9560-06f29138559c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Announce: Bolt 0.5.1

[warron.french]

Saw this, just joined.  I will keep a watchful eye out for ideas that
people are coming up with.

--
Warron French


On Wed, Oct 11, 2017 at 12:09 PM, Eric Sorenson  wrote:

> Hi, I'm super excited to announce the initial open-source release of Bolt,
> a new project that lets you easily run commands, scripts, tasks, and task
> plans across your infrastructure.
>
> It's got its own product page on the puppet site: https://puppet.com/
> products/puppet-bolt
>
> Or you can go straight to the tech docs: https://puppet.com/docs/
> bolt/0.5/bolt_overview.html
>
> If you have real-time questions about Bolt or Puppet Tasks, you can join
> the conversation on slack.puppet.com #puppet-tasks.
>
> Eric Sorenson - e...@puppet.com 
> director of product, ecosystem and platform
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/37AF0FFE-142D-4BB2-950D-C0CB09C7C079%40puppet.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAJdJdQkS3jcrd0TxF2jWt9q4z2w3yPOT0XG%3DRe58Rzos%2BMv%2Bcg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: PDK 1.2 is now available

[Lindsey Smith]

Hello Everyone!

Today we are announcing the latest release of PDK, version 1.2.0. This
release includes new features, UX improvements, and bugfixes.

Some of the new features and improvements include:

   -

   pdk new task generates a new Puppet task (https://puppet.com/puppet-bolt)
   -

   pdk validate lints task metadata


For the full CHANGELOG please visit https://puppet.com/docs/pdk/1.
0/release_notes.html 

To try this new version, download it from https://puppet.com/download-
puppet-development-kit

Thanks!

Lindsey Smith

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAPyei8VhL42qZOTBXHzZotTJ1QrEbMXNrR8qSO10zkXg_-8abA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: Forge Support for Modules with Puppet Tasks

[Lindsey Smith]

Hello Everyone!

Today we are announcing updates to the Forge (https://forge.puppet.com/) to
support tasks in Puppet modules.


*Improvements include:*

   -

   Forge accepts modules with tasks where each task includes the
   corresponding task metadata: https://puppet.com/docs/bolt/
   0.5/writing_tasks.html#task-metadata
   
   -

   New Tasks tab on the module detail page: https://forge.puppet.com/googl
   e/gcompute/tasks
   -

   Search filter for modules with tasks: https://forge.puppet.com/
   modules?with_tasks=true


Thanks!

Lindsey Smith

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAPyei8XqGpXrBQYkZbL%3DAHAbHwThB9SVrrnZ8xoHN8oxB68Q-A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Task Modules Release Announcement

[Davin Hanlon]

Hi everyone!

The Puppet Modules team is excited to launch tasks in existing modules, and
also to provide generic task modules for performing standard functions.
We're releasing eleven modules in total with tasks: four existing modules
have been updated to have tasks added; and seven new task specific modules
have been created. This is an exciting evolution for Puppet modules with
tasks intended to complement the existing state management capabilities
that Puppet provides. We will add further tasks in the future to meet
various use cases and we encourage you to add the tasks you'd like to see
in your modules. Details of what we're releasing today are below.

*New Task Modules*

Seven new task modules have been created, as below. They are available on
the Forge.

   - Package: allowing you to install, uninstall, upgrade and check package
   status on nodes.
   - Service: providing you the ability to start, stop, restart, enable,
   disable and check status of services running on nodes.
   - Exec: letting you pass commands to remote nodes for execution with the
   results passed back in standard out.
   - Resource: allowing you to run the resource command to inspect the
   value of resources on nodes.
   - Facter: letting you retrieve facts from nodes.
   - Puppet.conf: providing you with the ability to get and set your Puppet
   configuration on nodes.
   - Bootstrap: letting you install the Puppet Agent on remote nodes.

*Updates to Existing Modules*

Four existing Puppet supported modules have been updated to add tasks to
them, as below:

   - Apache: now contains a task which will reload the Apache configuration
   without requiring the service to be restarted.
   - MySQL and Postgresql: both modules now have a task which will pass a
   SQL statement to a database host, execute the SQL and return the result.
   - Apt: has a task that will show you updates that are available to
   packages, and allow those packages to be updated.

In addition to the above Puppet supported modules that have been updated,
Google's approved modules have been updated with tasks.

The task modules work with Puppet Enterprise and the open source offering
(Bolt) that supports tasks. We enjoyed building this new functionality and
are excited by the possibilities it creates. All the content is publicly
available in our repositories and we welcome your feedback and
contributions. Finally, big shout out to the modules team that built these
modules!

Feel free to contact me with feedback!

Thanks,
Davin


Davin Hanlon

Product Owner, Modules

*Puppet . The shortest path to better software.*

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAH7JWurTEFNHXmbD82H1ySWhqG0jmnNYa%2BG2-Sou2dk3iV0Kow%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Announce: Bolt 0.5.1

[Eric Sorenson]

Hi, I'm super excited to announce the initial open-source release of Bolt, a 
new project that lets you easily run commands, scripts, tasks, and task plans 
across your infrastructure.

It's got its own product page on the puppet site: 
https://puppet.com/products/puppet-bolt 


Or you can go straight to the tech docs: 
https://puppet.com/docs/bolt/0.5/bolt_overview.html 


If you have real-time questions about Bolt or Puppet Tasks, you can join the 
conversation on slack.puppet.com  #puppet-tasks.

Eric Sorenson - e...@puppet.com  
director of product, ecosystem and platform

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/37AF0FFE-142D-4BB2-950D-C0CB09C7C079%40puppet.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Clean Puppet 3 to Puppet 4 migration

[Peter Berghold]

About three years ago (4 years ago?) I deployed a Puppet infrastructure for
my company and department based on FOSS Puppet 3.7.   Given that's been
deprecated of course I'm very much looking to migrate to Puppet 4.
Besides for about three months I worked for another company and got spoiled
by Puppet 4.

So I'm back at my old digs and assessing what it will take to go from P3 to
P4.   Here are some of the things I have to think about

1) the migration needs to be fully automated both on the server end and the
client end.
2) no really this is going to be done by operations personnel who have
a low threshold of fright for Puppet in spite of my best efforts to
desensitize them.
3) There is as penetrable firewall between me (developer) and the Puppet
infrastructure servers and clients so I cannot personally intervene

Anybody out there been through this pain and have any suggestions and
pointers on how to make this happen with minimal "breakage?"

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAArvnv0END3xCwQsNwK9jjkSEq37LvY%3Dy-Ck7johj5Af3GHgWQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Today’s a big day for Puppet customers and users

[Molly Waggett]

Today we’re thrilled to announce our largest and most important set of
product innovations. If you want to scale automation across your entire
organization or deliver better software faster, keep reading or join us for
the PuppetConf live stream (https://puppet.com/puppetconf/livestream/signup)
between 9 a.m. and 10:20 a.m. PT.

*Puppet Discovery™*
See everything you have in real time across your on-premises, cloud and
container infrastructure with the new Puppet Discovery. With full
visibility into your infrastructure, plus meaningful insights, you can
easily see what you have and what you need to automate next. Learn more:
https://puppet.com/blog/announcing-puppet-discovery

*Puppet Tasks™*
Puppet Tasks is a family of offerings that include a new open source
product and Puppet Enterprise capabilities that make it easy to
troubleshoot systems, deploy one-off changes, and execute sequenced
actions. Learn more about Puppet Bolt™ and Puppet Enterprise Task
Management:
https://puppet.com/blog/easily-automate-ad-hoc-work-new-puppet-tasks

*Puppet Enterprise 2017.3*
In our latest release, Package Inspector updates make it easier to browse
and search for packages, Task Management helps you execute ad hoc tasks
across tens of thousands of nodes, the Puppet 5 Platform is baked in, and
there’s expanded Japanese language support. Learn more:
https://puppet.com/blog/taking-you-journey-automation-puppet-enterprise-20173

*Puppet Pipelines™ and Puppet® Container Registry*
We recently acquired Distelli, an innovative continuous delivery platform
for developers and enterprises. We’re happy to introduce their products as
part of our portfolio: Puppet Pipelines for Applications, Puppet Pipelines
for Containers, and Puppet Container Registry. Learn more:
https://puppet.com/blog/introducing-puppet-pipelines-and-puppet-container-registry

*New Splunk integrations*
We’re pleased to announce our new partnership and integrations with Splunk.
The new integrations will help you fully leverage the data, insights,
action, and ongoing policy enforcement across the platforms so you can gain
deeper insights and drive change. Learn more:
https://puppet.com/blog/automating-modern-it-splunk-puppet

*New and updated Google Cloud Platform modules*
Our friends at Google Cloud updated their recently released IaaS modules
with new functionality, including the ability to use Puppet Tasks. They
also published a new set of modules to automate even more of their
services. Learn more: https://puppet.com/products/managed-technology/google

*New Kubernetes, Helm and Docker modules*
We’re thrilled to announce new modules to install and manage Kubernetes and
Helm, and the applications running on your Kubernetes clusters. We also
released an enhanced Docker module with support for Puppet Code Manager,
Docker Swarm mode, and Docker Secrets. Learn more:
https://puppet.com/blog/announcing-kream-and-new-kubernetes-helm-and-docker-modules

Thanks!

-- 
*Molly Waggett*
Assoc. Release Engineer

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAFOE68Dbveg83nd%2BqbZ5mQanQm_FnDbqsC-ZqC8a7xtn42aqOQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Forge repository timeout

[Raphaël Hoareau]

Hi all,

I'm trying to synchronize the Forge repository (https://forge.puppet.com) 
into my Katello install but it fail with connection errors (it was working 
a few weeks ago).
When trying to download https://forge.puppet.com/modules.json, a simple 
curl/wget tries multiple times before getting the file (and Katello simply 
fails).

[rhoareau@glados ~]$ wget -S https://forge.puppet.com/modules.json
--2017-10-11 10:45:00-- https://forge.puppet.com/modules.json
Résolution de forge.puppet.com (forge.puppet.com)… 52.10.130.237
Connexion à forge.puppet.com (forge.puppet.com)|52.10.130.237|:443… 
connecté.
requête HTTP transmise, en attente de la réponse… 
HTTP/1.0 504 Gateway Time-out
Cache-Control: no-cache
Connection: close
Content-Type: text/html
Nouvel essai.

--2017-10-11 10:46:32-- (essai : 2) https://forge.puppet.com/modules.json
Connexion à forge.puppet.com (forge.puppet.com)|52.10.130.237|:443… 
connecté.
requête HTTP transmise, en attente de la réponse… 
HTTP/1.0 504 Gateway Time-out
Cache-Control: no-cache
Connection: close
Content-Type: text/html
Nouvel essai.

--2017-10-11 10:48:05-- (essai : 3) https://forge.puppet.com/modules.json
Connexion à forge.puppet.com (forge.puppet.com)|52.10.130.237|:443… 
connecté.
requête HTTP transmise, en attente de la réponse… 
HTTP/1.1 504 Gateway Time-out
Server: nginx
Date: Wed, 11 Oct 2017 08:49:36 GMT
Content-Type: text/html
Content-Length: 176
X-App-Server: forge/forge-i-437e8aec_forgenext-app04-prod.ops.puppetlabs.net
X-Lb-Server: forgenext-lb02-prod.ops.puppetl
X-UUID: 25AB0F9B:F43F_0AE00633:01BB_59DDDAC6_EF89F2B:01F1
Nouvel essai.

--2017-10-11 10:49:39-- (essai : 4) https://forge.puppet.com/modules.json
Réutilisation de la connexion existante à forge.puppet.com:443.
requête HTTP transmise, en attente de la réponse… 
Taille : non indiqué
Sauvegarde en : « modules.json.1 »

modules.json.1 [ <=> ] 1,67M --.-KB/s ds 68s 

2017-10-11 10:50:48 (25,0 KB/s) - « modules.json.1 » sauvegardé [1749112]

Any information on that ?

Raphaël.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8b5540ef-5110-40d5-80d7-639006084e2c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.