Continuing our series of PuppetConf speaker interviews, we talked to Ryan Park about how Pinterest uses Puppet, his upcoming PuppetConf talk, and his advice for other sysadmins.

Puppet Labs: Tell me a bit about yourself and your background:

Ryan Park: I joined Pinterest about a year ago. When I arrived, I was the first full-time ops hire, and the first person really automating the infrastructure. Before that, servers weren’t really standardized; we simply installed software and configured machines as needed.

One of the first things I did at Pinterest was bring in Puppet. I spent the majority of my first three months configuring the environment and converting the existing servers to be managed by Puppet.

Setting up a configuration management system was the most important thing to do when I arrived at Pinterest. Having Puppet meant we didn’t need to do things a hundred times for a hundred servers. For example, using Puppet meant we could easily grant access to new employees—giving access to 20 servers here and 30 servers there. We could trust that our servers were all configured the same way and that nothing was different or screwy about any individual host.

Puppet Labs: What brought you to Puppet?

Read the rest of this entry »

Today we’re excited to announce Puppet Enterprise 1.2 with two great new features that give you the intelligence you need to prove you’re in compliance with your change management processes.

With Puppet Enterprise Compliance you set a desired-state for each of your systems and monitor them for any changes, right from our web-based Dashboard, creating a baseline. You’ll be alerted to changes on monitored nodes and you choose to accept or reject each change. Accepted changes will become part of the baseline, and rejected changes will still show up in Dashboard until you manually update the node to your desired state. This helps you create a maintenance to do list, ensuring nothing slips through the cracks.

There are lots of different times this type of monitoring and insight is important. If you have a tremendous amount of change in your environment Puppet Enterprise Compliance monitors priority resources, giving you the agility to act immediately on unapproved changes. Compliance also allows you to track spent time and resources on unmanaged resources that go through periodic, high-volume change, indicating when these troublesome resources are ready for Puppet’s continuous automated management.

With Puppet Enterprise Compliance you can:

• Confirm changes are in compliance with change management policies
• Identify unauthorized or unexpected change
• Improve visibility and enforce accountability across the enterprise
• Reduce unplanned downtime and improve mean time to repair
• Gather data to track IT resources and costs
• Monitor systems under consideration for Puppet automated management

And with Puppet you’re not limited to auditing just content and metadata of files, like other monitoring software. Using built-in Puppet resource types you can also audit user accounts, packages, services, cron jobs, or anything else that Puppet manages. You can even write plug-ins to monitor your custom resources.

Also with this Puppet Enterprise 1.2 release, we’ve solved another compliance headache when it comes to managing user accounts. Puppet Enterprise now has the built-in capability to support best practices for user account management and ensure compliance with internal policies. With Puppet you can assess and make changes on all of your machines with one command, without the availability risks you find in central directory software. Puppet even manages SSH keys for password-less access, using public and private keys instead of insecure passwords. And Puppet records all account changes, creating an auditable trail and ensuring internal change management policies are followed.

Puppet Enterprise user account management now makes it easier to:

• Perform required periodic password changes
• Provision a new user
• Grant user access
• Revoke user access
• Remove a user from the database
• Grant limited access to a user, as in giving someone permission to reboot a web server but not permission shut down the machine

Find out more about components included in this release in the Puppet Enterprise FAQ. 

To see PE 1.2 in action register for Introduction to Puppet Enterprise 1.2 Live Webinar this Wednesday, August 31 at 11 am PDT.

Want to try Puppet Enterprise 1.2 for yourself?

Download Puppet Enterprise 1.2 now and start managing 10 nodes for free.

Version 1.1 of Puppet Dashboard was recently released, fixing a number of bugs and broadening the feature set. If you’re already a Dashboard user, you’ll certainly find this a worthwhile upgrade. If you’re not, then now is a great time to check it out. Here’s why:

Inventory service integration. Working in beautiful harmony with the recently-released inventory service feature of Puppet, Dashboard can now query and report facts across all your nodes. When viewing an individual node, its current fact information will be retrieved via the inventory service for your perusal.

Also of note is the “Custom query” function, found in the left-hand node navigation. This page allows you to specify conditions on particular facts and search for all nodes matching those conditions. For instance, this can be used to easily find all your Debian nodes that haven’t yet been upgraded to Puppet 2.6.

Filebucket integration. Continuing in the vein of interconnectivity with Puppet, Dashboard is now filebucket-aware. When the checksum of a file is mentioned in a report, Dashboard will offer to display the bucketed contents. Similarly, when a file’s content changes, you will have the option to view a diff.

Improved report support. Reports in the Puppet 2.6 format are now fully supported, in addition to inspect reports created by the new “puppet inspect” application. The page for a Puppet 2.6 report provides resource-level summaries, including information about the previous and current values of any changed properties. Viewing an inspect report is quite similar, except the information shown represents a snapshot of the current state of the system at the time of the report.

File search. Using the new file search page, you can easily find which of your nodes have a particular version of an important file. Simply provide the file name and desired checksum, and receive a list of which nodes have the content you want, and which don’t. This feature searches the latest inspect report for your nodes, so you will need to periodically run “puppet inspect” for this functionality to work.

This release is available for download, and documentation is coming—preliminary documentation is available here.

Here’s the latest cast by Nan Liu with a short drive-by of some of the recent improvements to the Puppet Dashboard.

• Expand on daily run status to be beyond 30 days
• Set timezone
• Nodes no longer reporting – timeframe can be changed

d”

In our continued efforts to help you get the most out of Puppet, our professional services team is working on bite-sized content in the form of Puppetcasts. Here are two casts created by Dan Bode.

New Features for Puppet Dashboard

This cast covers the inventory service query, 2.6 reports, and reports for catalog compilation failures.

Inventory Service Support for Multiple Puppet Masters

Add a comment or send a message about any topics you want to see covered in the future editions.

We’re pleased to announce the availability of Puppet Dashboard 1.0.4!

This is a maintenance release, it fixes a number of bugs, improves the
user interface, significantly boosts performance and includes better RPM
and DEB packages.

Please upgrade to this stable release and let us know about any issues
on the mailing list, or
in the ticket tracker with an “Affected Version” of 1.0.4.

If you’re interested in what we’re hoping to work on next, please see
our roadmap. We would
also appreciate it if you watched and commented on those tickets that
are important to you.

New installation and upgrading instructions are available in the
included README, which you can also read online here.