Pay attention at the back. Reductive Labs just announced Puppet training dates for London:

Puppet Training London: March 29 - April 2

There are two courses available: Becoming a Puppet Master (3 days) covers Puppet and Puppetmaster configuration, classes, modules, definitions, resource types, the resource abstraction layer, virtual resources, exported resources, stored configs, metaparameters, dependencies, events, tags, environments, Puppet language patterns and best practices. There'll be a mix of teaching and interactive class exercises using your own laptop and virtual machines. It costs £1595 for the 3 day course.

If you're a seasoned old Puppet hand and you know all that stuff by heart, then the Puppet Developer course (2 days) is probably for you. You'll get an introduction to Ruby for Puppet, as well as learning how to craft your own custom resource types and providers, develop custom functions and Facter facts. In addition there's a segment on testing practices and RSpec for Puppet. The cost is £995 for two days.

Register for the training (get £100 off each course if you register before March 15th) or contact Scott Campbell to find out more. And don't forget to bring an apple for the teacher.

"Is the web site down?" asked my boss. Probably the five words I least want to hear, along with "I've run over your cat" and "I'll pay you next month".

Yes, the site was down - I'd made a minor Puppet change, and assumed this would roll out without any problems. Of course, the problem with assumptions is that they make an ASS out of U in front of your BOSS. Whenever I use Puppet to make changes to production servers, I like to do it by running Puppet manually, rather than waiting for the half-hourly auto-run, and I like to do a dry run first to see what's going to happen.

Puppet's dry-run feature is a powerful tool that's often overlooked by busy sysadmins. Even if you test your Puppet manifests on a virtualised replica of your production site, which many people don't have the time or the budget to do, pushing changes out live can have unforeseen side effects which are best avoided.

To dry-run Puppet, use the --noop flag:

# puppetd --test --noop
info: Caching catalog at /var/puppet/state/localconfig.yaml
notice: Starting catalog run
762a763
> This change will screw up your Apache server.
notice: //Node[soupnazi]/nagios::server/apache/File[/etc/httpd/conf/httpd.conf]/source: 
  is {md5}327dc6b2d2337e4467840c007a0edd61, should be puppet:///apache/httpd.conf (noop)
info: //Node[soupnazi]/nagios::server/apache/File[/etc/httpd/conf/httpd.conf]: Scheduling refresh 
  of Service[httpd]
notice: //Node[soupnazi]/nagios::server/apache/Service[httpd]: Would have triggered refresh from 1 
  dependencies
notice: Finished catalog run in 8.93 seconds

Puppet's 'noop' (no-operation) mode shows you what would happen, but doesn't actually do it. As you can see, Puppet reports that it would have updated the httpd.conf file and restarted Apache, and it helpfully shows us the line it would have inserted into the file:

> This change will screw up your Apache server.

Aren't you glad you added the --noop flag? Of course, whenever you're contemplating rolling out changes to a live server like this, you'll want to stop the Puppet daemon running on the box temporarily (or disable the cron job if you run Puppet out of cron). The last thing you want is Puppet running automatically in "really do it" mode while you're scrambling to fix the broken manifest.

Puppet's dry run mode is not perfect - resource Y may fail because it requires resource X, for example, and resource X has not really been applied. Puppet isn't so clever as to model the state of the box if each resource had been really applied - which is not surprising, because that's a hard problem. Luckily, it doesn't need to be perfect: dry-running Puppet in this way will catch a lot of small but potentially disastrous errors before they happen.

Opinions differ as to how meaningful or correct a dry-run mode can be, since changing the state of the box makes things unpredictable (Chef doesn't have a dry run option at all), but I'll take avoiding a disaster over academic arguments any day.

"Thanks for getting the site back up," said my boss. "Now, something else I meant to tell you. I'll pay you next month." Read more »

Puppet is an indispensable configuration management and Linux automation tool for the system administrator who prefers to spend her time improving the infrastructure, rather than doing tedious manual labour. Chef, Puppet, Fabric and other tools can be a huge boost to productivity. From small beginnings, you can grow your Puppet installation to manage a whole network, or many networks. However, with great power comes a steep learning curve. There are lots of great resources and tutorials available if you want to learn Puppet - here's a brief guide for aspiring devops.

Puppet help

Need an introduction to Puppet? Start here.

What is Puppet?

• Puppet: IT Made Easy - introduction to Puppet from the Reductive Labs web site.
• The Craft: Automation and Scaling Infrastructure - Andrew Clay Shafer's thoughtful argument for automation as a way of liberating system administrators to do more important things. "Executable, policy-driven automation doesn’t remove the need for knowledge and skill. Automation allows the knowledge to be invested in infrastructure design, and lets the computers carry out the results of the decisions."
• Puppet can ease system administration tasks across the network - Ben Martin's overview and introduction to Puppet for linux.com.

Drupal, Puppet. Puppet, meet Drupal

Puppet and Drupal make a great combination. Drupal is an amazing tool for quickly constructing attractive, functional web sites. It lets you manage large numbers of web sites from a single installation, and (via add-on modules) provides almost any CMS or blog feature you could want.

However, like any powerful tool, Drupal takes some learning. It also needs a certain amount of discipline to manage Drupal servers without getting into a chaotic mess. The Drupal sysadmin can end up trying to navigate a spaghetti of ad-hoc symlinks and face problems upgrading, maintaining, monitoring and backing up a large Drupal installation. Aegir can help with this (I'll look at Aegir vs. Puppet in a future article) but first we need to get Drupal itself under control.

Fortunately, Puppet can help you tame Drupal and use the power of configuration management to bring your Drupal sites under control. In this article I'll explain some techniques and Puppet recipes I use to manage Drupal sites and servers, including my own sites, including this one! Read more »