PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

•

0 likes•167 views

Here are the slides from Tray Torrance's PuppetConf 2016 presentation called Can You Manage Me Now? Humanizing Configuration Management at Scale. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa

Technology

Can You Manage Me Now?
Humanizing Configuration
Management at Scale
Tray Torrance
SRE, Twitter

Problem Space
Millions of LoC
Thousands of Nodes
Hundreds of Contributors
Several Coding Styles
Disparate Agent Versions
3

$Problem Space • Actively Hostile Codebase • What even are types? if enc_query(‘something’, ‘false’) == ‘true’ { … } if enc_query(‘something’, ‘false’) != ‘false’ { … } if enc_query(‘something’, undef ) == undef { … } # impossible ThreadCount <%= @workers.to_i %> “I ran Puppet, and it painted me a Picasso [with errors]” “Sharp and Pointy by Design” Hard to reason about by accident 4$

Factoring the Problem
Code Hygiene (Dupe Code, Linting)
Coding Best Practices
Customer Education & Assistance
Software Lifecycle Management
5

Plan of Attack: Code Hygiene
Identify Duplicate Code
Refactor Common Code to Modules
Scope Linter Violations
Increase Linter Compliance
Enable Linting in SCM Hooks
6

Plan of Attack: Customer Education
Be the Code You Want to See in Your Repo
Mingle With the People
Teach Them to Fish
8

Plan of Attack: Upgrades
Unify Your Masters
Agents Will Follow
Future-proof the Process
9

On SCM Migrations
Evolution: Good
• Better Tooling
• Better Branching
Revolution: Bad
• “I’ve only ever used $otherSCM, so we should, too!”
• “If it’s good enough for the Linux kernel, it’s good
enough for me!”
• “Isn’t $currentSCM really really old?”
10

Are We There Yet?
The boss wants to know…
11
Image provided by Wikipedia

You Are NEVER There
Those who don’t learn from the past,
Are doomed to refactor it.
Over and over and over.
12
Image provided by @imwithstoopid13 — deviantart

Acknowledgements
Ramin K
Jesse M
Management
PuppetConf
13

PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

This document summarizes best practices for using Puppet configuration management in the AWS cloud. It describes ServiceChannel's journey from an on-premise infrastructure to migrating to AWS, including initial exploration of single EC2 instances and hybrid on-premise/AWS deployments. Key steps for deploying Puppet in AWS are discussed such as understanding AWS services, network configuration, enabling CloudTrail logging, and using IAM roles. The Puppet Labs AWS module is introduced for provisioning AWS resources through Puppet. Benefits seen from adopting DevOps practices like Puppet in AWS include faster deployment times, increased stability, and shorter recovery windows.

PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...

Puppet

PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations

Puppet

PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet

Puppet

PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...

Puppet

Gemtalk Product Roadmap

ESUG

- The company that produces GemStone, formerly known as GemStone Systems, is now called GemTalk Systems. - GemTalk Systems will continue to support GemStone/S 32 indefinitely instead of ending support in 2015 as originally planned. - A new version of GemStone/S 64, version 3.2, is planned for late 2013 or early 2014 which will include new features like improved indexing, encryption capabilities, and hot standby functionality. - GemStone/S licensing models will now include perpetual licenses and annual subscriptions in addition to the existing VAR model. A new free Web Edition of GemStone/S will also be offered.

Windows azure overview

ctc TrainCanada

The Windows Azure public cloud platform is one of the three pillars of Microsoft’s Cloud OS vision that will transform the traditional datacenter environment, help businesses unlock insights in data stored anywhere, enable the development of a wide range of modern business applications, and empower IT to support users who work anywhere on any device while being able to manage these devices in a secure and consistent way. Microsoft Azure Training Courses here: http://www.traincanada.com/courses/microsoft/azure/

Savanna - Elastic Hadoop on OpenStack

Sergey Lukjanov

Savanna is an OpenStack component that allows elastic provisioning of Hadoop clusters in OpenStack. It has a 3 phase roadmap - phase 1 allows basic cluster provisioning which is complete, phase 2 will add advanced configuration and tool integration currently in progress, and phase 3 will enable analytics as a service with a job execution framework. Savanna uses an extensible plugin architecture to provision Hadoop VMs and configure the clusters, integrating with other OpenStack components like Nova, Glance, and Swift.

Roadmap for successful IT budgeting

Absoft Limited

Open Data Center Alliance Workgroups, Usage Models and Roadmap Structure

Open Data Center Alliance

Learn about the Open Data Center Alliance Workgroups, Usage Models and Roadmap Structure from the perspective of the Alliance Technical Coordination Committee. This presentation was used in the Nov. 18, 2010 Alliance Webcast delivered by Howard Grodin, VP of Strategic Programs, Terrermark; Alliance Technical Coordination Committee Member, and Ravi Subranamiam, Intel Corporation; Alliance Technical Advisor. For more information about the Open Data Center Alliance, visit www.opendatacenteralliance.org. You will also find the Webcast recording that accompanies this presentation there.

Metalnox Product Overview

Dan Barefoot

Technical roadmap 2015 - Nuxeo Tour 2014

Nuxeo

The Nuxeo 2015 Roadmap document outlines planned evolutions and improvements to the Nuxeo platform, including enhancements to the document repository, field constraints, blob management, document storage, platform infrastructure, operations on large trees, multi-node management, online services/connectors, UI/client SDK, coding tools, automation scripting, and Java coding. Key goals are to improve scalability, robustness, integration with cloud services, and provide modern tools for building Nuxeo-based applications.

Product Release Road-map Guide

Bim Akinfenwa

WSO2 Quarterly Technical Update

WSO2

The document provides an update on WSO2's technical developments in 2011 and roadmap highlights for 2012. Major updates in 2011 included improvements to Carbon Core, the Enterprise Service Bus, Governance Registry, and other products. Focus areas for 2012 include tooling, integration, analytics, cloud services, and improvements to Carbon and Stratos foundations. The roadmap highlights new capabilities for API management, Cassandra support, a redesigned Business Activity Monitor, and an automated cloud development platform.

Mobile ECM: Using the Nuxeo Platform from mobile devices

Nuxeo

Share point 2010 roadmap

ctc TrainCanada

Ceh certified ethical hacker

bestip

This 5-day Certified Ethical Hacker training course teaches students how to scan, test, hack, and secure their own systems by learning the techniques used by hackers. The course covers topics like footprinting, scanning, enumeration, system hacking, viruses, sniffers, denial of service attacks, session hijacking, web server hacking, web application vulnerabilities, password cracking, SQL injection, and wireless and cryptography attacks. The goal is to help security professionals and network administrators enhance cybersecurity by thinking like an attacker in order to defend systems from real-world threats.

Hacking - CEH Cheat Sheet Exercises.pdf

john485745

The document provides guidance on using cheat sheets to study for the EC-Council Certified Ethical Hacker exam. It recommends printing out the cheat sheets, copying them by hand multiple times, and adding notes to help master the concepts and recall important information during the exam without needing the original sheets. A chapter map outlines the topics covered in the various cheat sheets to aid preparation.

1435488539 221998

Shree Krishna Shrestha

A trojan is a type of malware that appears to perform a desirable function but hides malicious code that allows unauthorized access to a system. Some key points about trojans: - Trojans are often disguised as legitimate files to trick users into running them. Common file types used for trojans include executable files (.exe), dynamic link libraries (.dll), scripts (.vbs, .js), and compressed files (.zip, .rar). - Once activated, a trojan may allow attackers to install additional malware, steal data, use system resources for cryptomining or DDoS attacks, and more. - Common trojan delivery methods include email attachments, compromised/malicious websites, peer-to-

Viewers also liked

PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar

Puppet

PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...

Puppet

PuppetConf track overview: Modern Infrastructure

Puppet

PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...

Puppet

PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...

Puppet

PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations

Puppet

PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet

Puppet

PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...

Puppet

Gemtalk Product Roadmap

ESUG

Windows azure overview

ctc TrainCanada

Savanna - Elastic Hadoop on OpenStack

Sergey Lukjanov

Roadmap for successful IT budgeting

Absoft Limited

Open Data Center Alliance Workgroups, Usage Models and Roadmap Structure

Open Data Center Alliance

Metalnox Product Overview

Dan Barefoot

Technical roadmap 2015 - Nuxeo Tour 2014

Nuxeo

Product Release Road-map Guide

Bim Akinfenwa

WSO2 Quarterly Technical Update

WSO2

Mobile ECM: Using the Nuxeo Platform from mobile devices

Nuxeo

Share point 2010 roadmap

ctc TrainCanada

Viewers also liked (19)

PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar

PuppetConf 2016: The Challenges with Container Configuration – David Lutterko...

PuppetConf track overview: Modern Infrastructure

PuppetConf 2016: Best Practices for Puppet in the Cloud – Randall Hunt, Amazo...

PuppetConf 2016: Implementing Puppet within a Complex Enterprise – Jerry Caup...

PuppetConf 2016: Watching the Puppet Show – Sean Porter, Heavy Water Operations

PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet

PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...

Gemtalk Product Roadmap

Windows azure overview

Savanna - Elastic Hadoop on OpenStack

Roadmap for successful IT budgeting

Open Data Center Alliance Workgroups, Usage Models and Roadmap Structure

Metalnox Product Overview

Technical roadmap 2015 - Nuxeo Tour 2014

Product Release Road-map Guide

WSO2 Quarterly Technical Update

Mobile ECM: Using the Nuxeo Platform from mobile devices

Share point 2010 roadmap

Similar to PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

Ceh certified ethical hacker

bestip

Hacking - CEH Cheat Sheet Exercises.pdf

john485745

1435488539 221998

Shree Krishna Shrestha

Code Quality Makes Your Job Easier

Tonya Mork

Code quality directly impacts how easy or hard your job is. The higher the quality, the easier it is for anyone (including you) to quickly jump in and get to work. Where do you start? In this session, Tonya Mork will empower you to simplify your code while dramatically increasing its code quality. It's all about building <human code>, code that is highly human readable and understandable. This slide deck is from a session I gave for WPSessions. https://wpsessions.com/sessions/code-quality-makes-jobs-easier/

Successful developers

Kirsten Hunter

Securing the “Weakest Link”

Priyanka Aash

Security professionals often call people “the weakest link.” We claim that they'll always make mistakes, however hard we try, and throw up our hands. But the simple truth is that we can help people do well at a wide variety of security tasks, and it’s easy to get started. Building on work in usable security and threat modeling, this session will give you actionable, proven ways to secure people. (Source: RSA USA 2016-San Francisco)

Inside Darwin Analytics

jelmersnoeck

Maintainable code

RiverGlide

The key points of maintainable code according to the document are: 1) Code should be written to be easily read and understood. Methods and classes should not go on for too many lines to hold the reader's context. 2) Code should leverage existing libraries rather than reinventing the wheel for common tasks. 3) Guard clauses and failure fast approaches like exceptions help simplify code flow and make errors obvious. 4) Null values and unnecessary complexity like nested if statements should be avoided when possible.

Safety Bot Guaranteed -- Shmoocon 2017

Richard Seymour

Chat bots been have popping up everywhere for silly things, but what if they can help us make the world more safe and secure? The work of designing secure systems often involves iterating over designs with a team but what if you don’t have a team? What if you could iterate over system design and analysis in a chat window and have a design document with safety constraints as the end product? This talk will present an original chat bot that will do just that

Introduction to AntiPatterns & CodeSmells

Claudio Bernasconi

The document discusses anti-patterns and code smells that can occur in software development. It defines anti-patterns as poor solutions to recurring problems that happen when developers lack experience or apply patterns incorrectly. Several common anti-patterns are described, such as the Blob (overly large class), Lava Flow (unused code), and Golden Hammer (overusing a single concept). Code smells are also defined as indicators that code may need refactoring, and examples like duplicated code, long methods, and switch statements are provided. Overall refactoring techniques are recommended to improve code quality by addressing these issues.

Automating Tinder w/ Eigenfaces and StanfordNLP

Justin Long

Pentester's Mindset! - Ravikumar Paghdal

NSConclave

I will represent multiple case studies to convey the message that if you think limited, you will be limited. Bug bounty approach has degraded the quality of penetration testing, for both the customers as well as the practitioners. It is hard for the customer to differentiate between a good penetration testing and a quick and dirty top-10 or top-25 approach. https://nsconclave.net-square.com/pentesters-mindset.html

Anti-Patterns

Robert Brown

This document discusses various anti-patterns and best practices in coding. It covers topics like avoiding magic numbers, proper use of #define, implicit type conversions, assertions, encapsulation, short and descriptive variable names, dead code, and name spacing. The key messages are to form good habits, optimize code for humans, learn rules well to know when to break them, avoid assumptions without assertions, and use proper encapsulation, short methods and naming.

Design patterns - The Good, the Bad, and the Anti-Pattern

Barry O Sullivan

4.Security Assessment And Testing

phanleson

This document discusses secure software engineering practices, including: 1) Using architecture to structure applications so they mitigate exploits by limiting the impact of vulnerabilities. 2) Conducting code reviews with a variety of reviewers to catch issues and avoid "inbred" groupthink. 3) Using automated code checkers and complexity metrics to efficiently find security bugs, though their results still require manual review.

Threat Modeling Lessons From Star Wars

Adam Shostack

Everyone knows you ought to threat model, but in practical reality it turns out to be tricky. If past efforts to threat model haven't panned out, perhaps part of the problem is confusion over what works, and how the various approaches conflict or align. This talk captures lessons from years of work helping people throughout the software industry threat model more effectively. It's designed to help security pros, developers and systems managers, all of whom will leave with both threat modeling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.

How Credential Stuffing is Evolving - PasswordsCon 2019

Jarrod Overson

Extension methods, nulls, namespaces and precedence in c#

Paul Houle

Extension methods are the most controversial feature that Microsoft has introduced in C# 3.0. Introduced to support the LINQ query framework, extension methods make it possible to define new methods for existing classes. Although extension methods can greatly simplify code that uses them, many are concerned that they could transform C# into something that programmers find unrecognizable, or that C#’s namespace mechanisms are inadequate for managing large systems that use extension methods. Adoption of the LINQ framework, however, means that extension methods are here to stay, and that .net programmers need to understand how to use them effectively, and, in particular, how extension methods are different from regular methods. This article discusses three ways in which extension methods differ from regular methods: 1. Extension methods can be called on null objects without throwing an exception 2. Extension methods cannot be called inside of a subclass

Extension methods, nulls, namespaces and precedence in c#

Paul Houle

Extension methods allow calling methods on null objects without exceptions and add methods to existing classes without modifying them. However, extension methods have different precedence than regular methods and can cause conflicts if defined in multiple namespaces. To avoid issues, extension methods should be defined carefully, null values should be checked, and namespaces should be managed properly.

Chatting with your programs to find vulnerabilities

Christopher Gardner

This document discusses using AI techniques like chatbots and neural networks to help automate the process of finding software vulnerabilities. It summarizes that traditional fuzzing and symbolic execution approaches are slow, and benefit from good initial test cases. A chatbot was trained on existing human-generated test cases to see if it could produce new test cases that achieve similar code coverage levels as humans. While the chatbot underperformed humans, it was much faster and in some cases came close to human performance. Further research into improving chatbots and combining them with symbolic execution may lead to more effective automated vulnerability discovery tools.

Similar to PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter (20)

Ceh certified ethical hacker

Hacking - CEH Cheat Sheet Exercises.pdf

1435488539 221998

Code Quality Makes Your Job Easier

Successful developers

Securing the “Weakest Link”

Inside Darwin Analytics

Maintainable code

Safety Bot Guaranteed -- Shmoocon 2017

Introduction to AntiPatterns & CodeSmells

Automating Tinder w/ Eigenfaces and StanfordNLP

Pentester's Mindset! - Ravikumar Paghdal

Anti-Patterns

Design patterns - The Good, the Bad, and the Anti-Pattern

4.Security Assessment And Testing

Threat Modeling Lessons From Star Wars

How Credential Stuffing is Evolving - PasswordsCon 2019

Extension methods, nulls, namespaces and precedence in c#

Chatting with your programs to find vulnerabilities

More from Puppet

Puppet camp2021 testing modules and controlrepo

Puppet

This document discusses testing Puppet code when using modules versus a control repository. It recommends starting with simple syntax and unit tests using PDK or rspec-puppet for modules, and using OnceOver for testing control repositories, as it is specially designed for this purpose. OnceOver allows defining classes, nodes, and a test matrix to run syntax, unit, and acceptance tests across different configurations. Moving from simple to more complex testing approaches like acceptance tests is suggested. PDK and OnceOver both have limitations for testing across operating systems that may require customizing spec tests. Infrastructure for running acceptance tests in VMs or containers is also discussed.

Puppetcamp r10kyaml

Puppet

2021 04-15 operational verification (with notes)

Puppet

The document discusses operational verification and how Puppet is working on a new module to provide more confidence in infrastructure health. It introduces the concept of adding check resources to catalogs to validate configurations and service health directly during Puppet runs. Examples are provided of how this could detect issues earlier than current methods. Next steps outlined include integrating checks into more resource types, fixing reporting, integrating into modules, and gathering feedback. This allows testing and monitoring to converge by embedding checks within configurations.

Puppet camp vscode

Puppet

Modules of the twenties

Puppet

- The document discusses various patterns and techniques the author has found useful when working with Puppet modules over 10+ years, including some that may be considered unorthodox or anti-patterns by some. - Key topics covered include optimization of reusable modules, custom data types, Bolt tasks and plans, external facts, Hiera classification, ensuring resources for presence/absence, application abstraction with Tiny Puppet, and class-based noop management. - The author argues that some established patterns like roles and profiles can evolve to be more flexible, and that running production nodes in noop mode with controls may be preferable to fully enforcing on all nodes.

Applying Roles and Profiles method to compliance code

Puppet

This document discusses adapting the roles and profiles design pattern to writing compliance code in Puppet modules. It begins by noting the challenges of writing compliance code, such as it touching many parts of nodes and leading to sprawling code. It then provides an overview of the roles and profiles pattern, which uses simple "front-end" roles/interfaces and more complex "back-end" profiles/implementations. The rest of the document discusses how to apply this pattern when authoring Puppet modules for compliance - including creating interface and implementation classes, using Hiera for configuration, and tools for reducing boilerplate code. It aims to provide a maintainable structure and simplify adapting to new compliance frameworks or requirements.

KGI compliance as-code approach

Puppet

This document discusses Kinney Group's Puppet compliance framework for automating STIG compliance and reporting. It notes that customers often implement compliance Puppet code poorly or lack appropriate Puppet knowledge. The framework aims to standardize compliance modules that are data-driven and customizable. It addresses challenges like conflicting modules and keeping compliance current after implementation. The framework generates automated STIG checklists and plans future integration with Puppet Enterprise and Splunk for continued compliance reporting. Kinney Group cites practical experience implementing the framework for various military and government customers.

Enforce compliance policy with model-driven automation

Puppet

This document discusses model-driven automation for enforcing compliance. It begins with an overview of compliance benchmarks and the CIS benchmarks. It then discusses implementing benchmarks, common challenges around configuration drift and lack of visibility, and how to define compliance policy as code. The key points are that automation is essential for compliance at scale; a model-driven approach defines how a system should be configured and uses desired-state enforcement to keep systems compliant; and defining compliance policy as code, managing it with source control, and automating it with CI/CD helps achieve continuous compliance.

Keynote: Puppet camp compliance

Puppet

This document discusses how organizations can move from a reactive approach to compliance to a proactive approach using automation. It notes that over 50% of CIOs cite security and compliance as a barrier to IT modernization. Puppet offers an end-to-end compliance solution that allows organizations to automatically eliminate configuration drift, enforce compliance at scale across operating systems and environments, and define policy as code. The solution helps organizations improve compliance from 50% to over 90% compliant. The document argues that taking a proactive automation approach to compliance can turn it into a competitive advantage by improving speed and innovation.

Automating it management with Puppet + ServiceNow

Puppet

As the leading IT Service Management and IT Operations Management platform in the marketplace, ServiceNow is used by many organizations to address everything from self service IT requests to Change, Incident and Problem Management. The strength of the platform is in the workflows and processes that are built around the shared data model, represented in the CMDB. This provides the ‘single source of truth’ for the organization. Puppet Enterprise is a leading automation platform focused on the IT Configuration Management and Compliance space. Puppet Enterprise has a unique perspective on the state of systems being managed, constantly being updated and kept accurate as part of the regular Puppet operation. Puppet Enterprise is the automation engine ensuring that the environment stays consistent and in compliance. In this webinar, we will explore how to maximize the value of both solutions, with Puppet Enterprise automating the actions required to drive a change, and ServiceNow governing the process around that change, from definition to approval. We will introduce and demonstrate several published integration points between the two solutions, in the areas of Self-Service Infrastructure, Enriched Change Management and Automated Incident Registration.

Puppet: The best way to harden Windows

Puppet

This document promotes Puppet as a tool for hardening Windows environments. It states that Puppet can be used to harden Windows with one line of code, detect drift from desired configurations, report on missing or changing requirements, reverse engineer existing configurations, secure IIS, and export configurations to the cloud. Benefits of Puppet mentioned include hardening Windows environments, finding drift for investigation, easily passing audits, compliance reporting, easy exceptions, and exporting configurations. It also directs users to Puppet Forge modules for securing Windows and IIS.

Simplified Patch Management with Puppet - Oct. 2020

Puppet

Does your company struggle with patching systems? If so, you’re not alone — most organizations have attempted to solve this issue by cobbling together multiple tools, processes, and different teams, which can make an already complicated issue worse. Puppet helps keep hosts healthy, secure and compliant by replacing time-consuming and error prone patching processes with Puppet’s automated patching solution. Join this webinar to learn how to do the following with Puppet: Eliminate manual patching processes with pre-built patching automation for Windows and Linux systems. Gain visibility into patching status across your estate regardless of OS with new patching solution from the PE console. Ensure your systems are compliant and patched in a healthy state How Puppet Enterprise makes patch management easy across your Windows and Linux operating systems. Presented by: Margaret Lee, Product Manager, Puppet, and Ajay Sridhar, Sr. Sales Engineer, Puppet.

Accelerating azure adoption with puppet

Puppet

The document discusses how Puppet can be used to accelerate adoption of Microsoft Azure. It describes lift and shift migration of on-premises workloads to Azure virtual machines. It also covers infrastructure as code using Puppet and Terraform for provisioning, configuration management using Puppet Bolt, and implementing immutable infrastructure patterns on Azure. Integrations with Azure services like Key Vault, Blob Storage and metadata service are presented. Patch management and inventory of Azure resources with Puppet are also summarized.

Puppet catalog Diff; Raphael Pinson

Puppet

This document discusses using Puppet Catalog Diff to analyze the impact of changes between Puppet environments or catalogs. It provides the command line usage and options for Puppet Catalog Diff. It also discusses how to integrate Puppet Catalog Diff into CI/CD pipelines for automated impact analysis when merging code changes. Additional resources like GitHub projects and Dev.to posts are provided for learning more about diffing Puppet environments and catalogs.

ServiceNow and Puppet- better together, Kevin Reeuwijk

Puppet

ServiceNow and Puppet can be integrated in four key areas: 1) Self-service infrastructure allows non-Puppet experts to control infrastructure through a ServiceNow interface; 2) Enriched change management automatically generates ServiceNow change requests from Puppet changes and populates them with impact details; 3) Automated incident registration forwards details of configuration drift corrections in Puppet to ServiceNow to create incidents; and 4) Up-to-date asset management would periodically upload Puppet inventory data to ServiceNow to keep the CMDB accurate without disruptive discovery runs.

Take control of your dev ops dumping ground

Puppet

This document discusses how Puppet Relay uses Tekton pipelines to orchestrate containerized workflows. It provides an overview of how Tekton fits into the Relay architecture, with Tekton controllers managing taskrun pods to execute workflow steps defined in YAML. Triggers can initiate workflows based on events, with reusable and composable steps for tasks like provisioning infrastructure or clearing resources. Relay also includes features for parameters, secrets, outputs, and approvals to customize workflows. An ecosystem of open source integrations provides sample workflows and steps for common use cases.

100% Puppet Cloud Deployment of Legacy Software

Puppet

This document discusses deploying legacy software into the AWS cloud using Puppet. It proposes modeling AWS resources like security groups, autoscaling groups, and launch configurations as Puppet resources. This would allow Puppet to provision the underlying AWS infrastructure and configure servers launched in autoscaling groups. It acknowledges challenges around server reboots but suggests they can be addressed. In summary, it argues custom Puppet resources can easily model AWS resources and using Puppet to configure autoscaling servers is possible despite some challenges around rebooting servers during deployment.

Puppet User Group

Puppet

This document discusses a partnership between Republic Polytechnic's School of Infocomm and Puppet to promote DevOps practices. It introduces several people involved with the partnership and outlines their mission to prepare more IT companies and individuals for jobs in the DevOps field through training courses. The document describes some short courses offered on DevOps topics and using the Puppet and Microsoft Azure platforms. It provides an example of how Republic Polytechnic has automated infrastructure configuration using Puppet to save time and reduce errors. There is a request at the end for readers to register their interest in DevOps by completing a survey.

Continuous Compliance and DevSecOps

Puppet

This document discusses continuous compliance and DevSecOps best practices followed by financial services organizations. Continuous compliance is defined as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective compliance results. It involves continuously monitoring compliance controls, providing real-time alerts for failures and remediation recommendations, and maintaining up-to-date policies. Best practices for continuous compliance discussed include defining CIS controls and benchmarks, achieving transparent compliance dashboards and automated fixes for breaches. DevSecOps is introduced as bringing security earlier in the application development lifecycle to minimize vulnerabilities. It aims to make everyone accountable for security. Challenges discussed include security teams struggling to keep up with DevOps pace and

The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy

Puppet

The document discusses using Puppet and Vault together to dynamically manage SSL certificates. Puppet can use the vault_cert resource to request signed certificates from Vault and configure services to use the certificates. On Windows, some additional logic is needed to retrieve certificates' thumbprints and bind services to certificates using those thumbprints. This approach provides automated certificate renewal and distribution across platforms.

More from Puppet (20)

Puppet camp2021 testing modules and controlrepo

Puppetcamp r10kyaml

2021 04-15 operational verification (with notes)

Puppet camp vscode

Modules of the twenties

Applying Roles and Profiles method to compliance code

KGI compliance as-code approach

Enforce compliance policy with model-driven automation

Keynote: Puppet camp compliance

Automating it management with Puppet + ServiceNow

Puppet: The best way to harden Windows

Simplified Patch Management with Puppet - Oct. 2020

Accelerating azure adoption with puppet

Puppet catalog Diff; Raphael Pinson

ServiceNow and Puppet- better together, Kevin Reeuwijk

Take control of your dev ops dumping ground

100% Puppet Cloud Deployment of Legacy Software

Puppet User Group

Continuous Compliance and DevSecOps

The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy

Recently uploaded

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

Pitangent Analytics & Technology Solutions Pvt. Ltd

Skybuffer SAM4U tool for SAP license adoption

Tatiana Kojar

Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool. SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.

Principle of conventional tomography-Bibash Shahi ppt..pptx

BibashShahi

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

Alpen-Adria-Universität

What is an RPA CoE? Session 1 – CoE Vision

DianaGray10

Dandelion Hashtable: beyond billion requests per second on a commodity server

Antonios Katsarakis

This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).

Artificial Intelligence and Electronic Warfare

Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

Chart Kalyan

GNSS spoofing via SDR (Criptored Talks 2024)

Javier Junquera

In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security. This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing. The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.

Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors

DianaGray10

Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more. The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications. We’ll discuss and demo the benefits of UiPath Apps and connectors including: Creating a compelling user experience for any software, without the limitations of APIs. Accelerating the app creation process, saving time and effort Enjoying high-performance CRUD (create, read, update, delete) operations, for seamless data management. Speakers: Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP Charlie Greenberg, host

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

Leveraging the Graph for Clinical Trials and Standards

Neo4j

Harnessing the Power of NLP and Knowledge Graphs for Opioid Research

Neo4j

Nordic Marketo Engage User Group_June 13_ 2024.pptx

MichaelKnudsen27

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Neo4j

Northern Engraving | Nameplate Manufacturing Process - 2024

Northern Engraving

Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!

5th LF Energy Power Grid Model Meet-up Slides

DanBrown980551

5th Power Grid Model Meet-up It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology. Power Grid Model The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services. Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability. Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization. What to expect For the upcoming meetup we are organizing, we have an exciting lineup of activities planned: -Insightful presentations covering two practical applications of the Power Grid Model. -An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024. -An interactive brainstorming session to discuss and propose new feature requests. -An opportunity to connect with fellow Power Grid Model enthusiasts and users.

Astute Business Solutions | Oracle Cloud Partner |

AstuteBusiness

Essentials of Automations: Exploring Attributes & Automation Parameters

Safe Software

Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they? Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality. You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.

Recently uploaded (20)

Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...

Skybuffer SAM4U tool for SAP license adoption

Principle of conventional tomography-Bibash Shahi ppt..pptx

Energy Efficient Video Encoding for Cloud and Edge Computing Instances

What is an RPA CoE? Session 1 – CoE Vision

Dandelion Hashtable: beyond billion requests per second on a commodity server

Artificial Intelligence and Electronic Warfare

HCL Notes and Domino License Cost Reduction in the World of DLAU

How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf

GNSS spoofing via SDR (Criptored Talks 2024)

Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Leveraging the Graph for Clinical Trials and Standards

Harnessing the Power of NLP and Knowledge Graphs for Opioid Research

Nordic Marketo Engage User Group_June 13_ 2024.pptx

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Northern Engraving | Nameplate Manufacturing Process - 2024

5th LF Energy Power Grid Model Meet-up Slides

Astute Business Solutions | Oracle Cloud Partner |

Essentials of Automations: Exploring Attributes & Automation Parameters

PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

1. Can You Manage Me Now? Humanizing Configuration Management at Scale Tray Torrance SRE, Twitter

2. Introduction Who What Where When Why 2

3. Problem Space Millions of LoC Thousands of Nodes Hundreds of Contributors Several Coding Styles Disparate Agent Versions 3

4. Problem Space • Actively Hostile Codebase • What even are types? if enc_query(‘something’, ‘false’) == ‘true’ { … } if enc_query(‘something’, ‘false’) != ‘false’ { … } if enc_query(‘something’, undef ) == undef { … } # impossible ThreadCount <%= @workers.to_i %> “I ran Puppet, and it painted me a Picasso [with errors]” “Sharp and Pointy by Design” Hard to reason about by accident 4

5. Factoring the Problem Code Hygiene (Dupe Code, Linting) Coding Best Practices Customer Education & Assistance Software Lifecycle Management 5

6. Plan of Attack: Code Hygiene Identify Duplicate Code Refactor Common Code to Modules Scope Linter Violations Increase Linter Compliance Enable Linting in SCM Hooks 6

7. Plan of Attack: Coding Best Practices Adopt Role/Profile Make Amends with the AutoLoader Eradicate Multi-Resource Stanzas $ grep -ri ‘foo’ puppet/modules puppet/modules/role/manifests/bar.pp:22 include ::foo puppet/modules/role/manifests/baz.pp:36 include ::foo puppet/modules/role/manifests/qux.pp:44 ’foo’: 7

8. Plan of Attack: Customer Education Be the Code You Want to See in Your Repo Mingle With the People Teach Them to Fish 8

9. Plan of Attack: Upgrades Unify Your Masters Agents Will Follow Future-proof the Process 9

10. On SCM Migrations Evolution: Good • Better Tooling • Better Branching Revolution: Bad • “I’ve only ever used $otherSCM, so we should, too!” • “If it’s good enough for the Linux kernel, it’s good enough for me!” • “Isn’t $currentSCM really really old?” 10

11. Are We There Yet? The boss wants to know… 11 Image provided by Wikipedia

12. You Are NEVER There Those who don’t learn from the past, Are doomed to refactor it. Over and over and over. 12 Image provided by @imwithstoopid13 — deviantart

13. Acknowledgements Ramin K Jesse M Management PuppetConf 13

PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (19)

Similar to PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter

Similar to PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter (20)

More from Puppet

More from Puppet (20)

Recently uploaded

Recently uploaded (20)

PuppetConf 2016: Can You Manage Me Now? Humanizing Configuration Management at Scale – Tray Torrance, Twitter