Back from PuppetConf 2017

PuppetConf is a unique place to meet and connect staff from Puppet Labs (including Managers and Developers). People are most of the time open for a quick chat before or after their presentation. This year, Mr. Mirchandani (actual President & CEO) with several product owners held a great keynote.

New software were introduced to actual offer, following three big lines :

  • Puppet Discovery enables discovery of infrastructure (from traditional infrastructure to cloud resources), and provides deep insights about running infrastructure.
  • Puppet Task (via open source project Bolt) is a task runner that executes ad hoc command across infrastructure and applications. It is driven through a command line interface and connects to remote systems via SSH and WinRM (It doesn’t require Puppet agent to run). It’s closed to Ansible philosophy.
  • Puppet Pipelines for Containers (formerly known as K8S dashboard from Distelli) allows to build Docker images from repository and deploy them to a Kubernetes cluster. I especially enjoyed the demo when the Puppet team updated live (on main stage screen) the ”Forge” website using this tool. Everything went OK.



During this 2 days in Hilton Union Square at San Francisco, I was also able to attend a few technical talks. One was hold by the CERN (Conseil européen pour la recherche nucléaire), which is a European research organization that operates the largest particle physics laboratory in the world. The speaker explained how his team (so-called “The Config team”), was able to migrate more than 34 000 nodes from early Puppet version 3 to version 4. I especially enjoyed the technical side of his talk (related to “containers”, load-balancers, monitoring and how they manage all Puppet modules code in a CI (Continous Integration) Software.

You will find his slides over there :


I also checked several talks about Core OS (now, named “Container Linux”) and how to manage configuration on this very slim operating System. The basic idea is to run Puppet Agent inside a container (not directly on hypervisor) and grant access to local filesystem to apply changes.

Demo code :


Several conference also explained how to connect Puppet agent and “API REST” managed software or devices. This is not new in Puppet but still a very important topic as most platform now (i.e.: Kubernetes or all Elastic software) are managed this way. Basically you can add to your existing automation workflow any elements which expose an API via HTTP. Puppet Labs has several ongoing projects about this topic. Check their Github for the latest updates.

Presentations by Tyler Langlois :


This is not very common for me as a Linux Consultant, but I took time to assist a Puppet for Windows talk. I was curious how Walmart IT team used Puppet to automate and manage Windows Server configuration. The idea is to use Puppet Agent in conjunction of Microsoft SCCM (more dedicated to OS imaging / Application installation) and Active Directory (dedicated to GPO and Users management / ACL). In their workflow, Puppet Agent is responsible for managing post-configuration files and services status for all Windows Server. Agent also schedules Powershell scripts execution. One good point also was that Puppet is used as an abstraction layer to all OS configuration, therefore source code modules are shared between Windows and Linux team.



During PuppetConf lunch time, you can assist various vendors demo (Dell EMC, CyberArk, Icinga, Sensu, …). I was pleased to discover VMware Wavefront, a monitoring software designed for developers used to optimize modern applications that rely on containers and microservices. At this exhibition hall I also met Example 42, a “Puppet focused” consulting company. I had a nice chat with them about PSICK (Puppet Systems Infrastructure Construction Kit). This is an open source full-featured, reusable, modern Puppet control-repo project.



To end this report, I would like to advise anybody interested into Puppet (open source version & Enterprise Edition) or in IT automation to visit Puppet Conf.  Technical talks are NOT hold only by Puppet people and most of the time are focused on real world experiences. It’s a good balance between vendors talk and open source community shares. I also would like to give a special thanks to all people involved in organization (lunch, talks, registration, etc..), my stay was awesome.


I have been working as an IT engineer (mostly in Web hosting industry) for more than 15 years, with specific interest in Linux internals, TCP/IP networks and software security. I have lived in Montreal (Canada), since 2013.

Leave a Reply