If you've used Puppet for anything non-trivial, you've almost certainly used it to configure something secret. Perhaps you've configured an application with a database password. Perhaps you've configured a local maintenance user account with a private SSH key. Something that might seem obvious in retrospect is that these secrets exist in the catalog--and by extension all reports and any other tooling that uses them. Anyone with access to the catalog or raw reports also has access to your secrets. All your secrets.
So now we've used Puppet to manage a file on our computer. The
/etc/motd file is now owned by root and has a fun little sentence in it. We can write all we want out to that file. But sooner or later, we're going to want to put something a little more interesting. Perhaps we'll want the hostname or operating system installed?
We'll take a little side trip first, though, and learn about
Configuration management with tools like Puppet can make your life a lot easier. It can make configuring newly provisioned servers more repeatable and reliable and it can make disaster recovery nearly trivial. Learning to use the tool isn't trivial by any means, though. There are 200 configurable options, give or take depending on the version you're running, and the number of things you can do with it is nearly infinite.
So you keep hearing about this Puppet thing and how it's going to solve all of your DevOpsy configuration management problems. But what is it? How do you write a Puppet script? Well, as it turns out, the key concept is unlearning the habit of thinking about scripts. But all in good time. We'll get there. First, let's write some code.
Let's start out with something easy. You all know what the
/etc/motd file is. It's the message of the day file that's dumped to your screen every time you log in.
Geppetto is an Eclipse-based IDE for developing Puppet modules. The editor provides features such as syntax highlighting, code completion, error highlighting, refactoring, and even integrates directly with the Puppet Forge.