In case someone else might find this useful, here are my notes from PuppetConf 2014 (including the Monday contributor’s summit).

Contributor Summit (Modules Track)

  • Puppet modules antipatterns
  • Don’t ensure => latest on packages (use installed or present instead)
  • Do parameter validation (use stdlib)
  • Don’t require a yum/apt repo
  • Ensure idempotency
  • Deprecation warnings
  • strict_variables = true in puppet.conf
  • Automatically detect typos
  • Look at cfacter

Puppet Debugging Toolkit

Cert Management


Puppet 4.0 Language

PuppetDB API with Puppetboard

Killer r10k Workflow

CI for Infrastructure as Code

Experiences Running Masterless Puppet

  • Can run with --debug and you get all the info, tracebacks, etc., which is helpful. Otherwise, all that stuff is just logged on the master.
  • Also you get deprecation warnings
  • Secret management (use a thing like nimitz for this)
  • Apache mod_ext_filter/jq to manage ACLs to PuppetDB
  • Did not go masterless just due to master scaling
  • Single monolithic git repo
  • Complex dependencies
  • Modules needed for puppet run determined by hiera
  • Using internal forge, which mirrors upstream forge

Puppet Internal Subsystems


Tools and Virtualization to Manage Ops at PuppetLabs

Talks I Missed, To Watch Later