rolffimages - Fotolia

Puppet IT automation wades into enterprise containers

Enterprises trust Puppet configuration management, but the company must win over a new audience of DevOps teams with capabilities that matter to them.

Puppet and its enterprise customers are in the same boat, afloat through the early phases of support for Docker containers.

Puppet introduced products and updates this week, which include new support for containers to help enterprise customers advance to the new technology.

For sophisticated IT shops where containers are already in use, configuration management can be seen as passé. In such bleeding-edge environments, container infrastructures are immutable -- destroyed and recreated continually -- rather than updated with tools such as Puppet or Chef.

But configuration management tools remain relevant to environments where infrastructure is patched and updated while it mostly remains in place over time, which is still the norm among large enterprises.

"There's still a huge opportunity for Puppet to go into existing customers and help them get DevOps in place," said Fintan Ryan, analyst with RedMonk, based in Portland, Maine. "The whole space is still just a bit messy."

Still, the Puppet tools remain a work in progress with the first release. For example, DevOps shops tend to insist on tools that offer APIs and plug in to broader application management frameworks. Puppet has an API for its new container inspection product in the works, but it won't be available in the first release this month.

Puppet IT automation embarks on a container journey

Puppet has added support for Linux package inspection within Docker containers with the first release of a tool called Lumogon.

Most of Puppet's large enterprise customers have just started to experiment with containers and still wrestle with laying the groundwork with an automated VM infrastructure first.

"Configuration management isn't going away -- you have to run containers somewhere, and those systems have to be managed," said Keiran Sweet, a consultant with Sourced Group, a Sydney-based managed services firm that works with large enterprises in Australia and Canada. Puppet's Docker Image Builder may be used by customers to convert server images to container images, he added.

As clients get comfortable with containers, Puppet is in a similar phase. Lumogon is a "minimum viable product" in this month's release, said Omri Gazitt, the chief product officer at Puppet, based in Portland, Ore.

The first release will use a command-line interface (CLI), and the data Lumogon collects will be fed into the monitoring tool of the customer's choice. A query interface is planned for subsequent releases, and the Puppet roadmap for Lumogon also includes data collection from container networks and container orchestration tools, such as Docker Swarm, Kubernetes and Apache Mesos.

Puppet has no time to waste -- these are features a crop of startups already offer to enterprises. Other configuration management tools, such as Chef and Ansible, have also established more appeal thus far in enterprise DevOps shops, analysts said.

Chef's Automate product and Ansible's new integrations with popular Red Hat tools, such as CloudForms, make them formidable opponents for Puppet in shops where people want to use established configuration management tools for containers, said Rob Stroud, an analyst at Forrester Research.

Puppet IT automation puts a new face on orchestration workflow

Puppet Enterprise 2017.2, also available from Puppet this week, includes a new visual interface. It's a welcome addition for mainstream companies that already use Puppet, and it reflects a recent trend of GUIs for open source software automation tools.

Puppet Application Orchestration, now integrated with the Puppet Enterprise GUI, was accessed through a CLI when it was first introduced in 2015. Now, enterprises can manage orchestration features with visual tools, such as drop-down menus and filters.

If I'm going to do a package update [in response to a vulnerability], I'm going to use Puppet to do it.
Rob Nelsona Puppet user

"This gives you visibility into things that are running, things that have been successful and things that have failed," Sweet said. "That will make [application orchestration] adoption easier."

Linux package inspection for known security vulnerabilities, another new feature available in Puppet Enterprise 2017.2, is of interest for enterprises, as well. Separate tools such as those from Black Duck Software in Burlington, Mass., can scan open source software packages, but some users prefer to have this feature natively available.

"If I'm going to do a package update [in response to a vulnerability], I'm going to use Puppet to do it," said Rob Nelson, a Puppet user at a large enterprise that he asked to not be named. "It's nice to be able to do both in the same spot."

Nelson has experience with Puppet's CLI, but he said the GUI will be a useful visual record of what's been changed recently in the environment.

Later this month, Puppet will also introduce a visualization software-as-a-service offering, Puppet Cloud Discovery, which offers a view into Amazon Web Services Elastic Compute Cloud instance inventories. The company said it plans to add support for more public cloud providers in future releases.

Beth Pariseau is senior news writer for TechTarget's Data Center and Virtualization Media Group. Write to her at [email protected] or follow @PariseauTT on Twitter.

Next Steps

Puppet's multisite disaster recovery competes with VMware

Complex upgrade processes make Puppet users weary

Puppet longevity ensured by API integration model

Dig Deeper on API Management for IT Tools