Protecting the production environment

Methuselah

Infrastructure and Scaling

Puppet requires a not inconsiderable infrastructure for professional use. You need the Puppet server including a CA, a controlling Git with r10k, optionally some kind of software management, and a GUI for reporting. Additionally, you implement PuppetDB as an application with a PostgreSQL database if you need exported resources.

I mostly use Foreman for reporting and ENC, extended by the plugin Katello for software management, which also requires a PostgreSQL server. A PuppetDB is therefore a good choice and does not cause much additional work. Moreover, you need GitLab Community Edition as a Git with a GUI for integrated issue management.

A Puppet server can serve around 500 hosts. If more, Puppet scales very well horizontally: Additional Puppet servers that also compile catalogs can be integrated easily.

Conclusions

Puppet is complex, heavyweight, and not easy to learn. However, once mastered, it proves to be flexible and secure. The many modules maintained on Puppet Forge are a massive advantage. They usually also require a training period but leave hardly any wishes unfulfilled.

Puppet protects its own production environment with established processes. However, this also means saying goodbye to the idea that you can quickly write code for it. The code has to be tested conscientiously and transferred to production via staging. Configuration parameters for managed applications do not require such tests and can be easily adapted in Hiera.

Infos

  1. HashiCorp Vagrant: https://www.vagrantup.com
  2. Ruby templating language: https://puppet.com/docs/puppet/5.5/lang_template_erb.html
  3. Directory structure: https://puppet.com/blog/magic-directories-guide-to-puppet-directory-structure
  4. Community portal for modules: https://forge.puppet.com
  5. Community project for module maintenance: https://voxpupuli.org
  6. Class containment: https://puppet.com/blog/class-containment-puppet
  7. Native implementations of Puppet environments: https://github.com/puppetlabs/r10k
  8. Orchestration with Puppet Bolt: https://puppet.com/docs/bolt/latest/bolt.html

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus