Mike_Kiev - Fotolia

Puppet automation tools widen config management's appeal

Puppet's enterprise customers can potentially winnow down their IT automation toolchains with Tasks and Discovery features for application automation.

SAN FRANCISCO -- Enterprise IT shops can broaden their use of Puppet automation tools with a task automation feature added to Puppet Enterprise 2017.3.

IT automation has become essential for IT shops regardless of where they are on the DevOps maturity curve. They all face pressure from business managers to simplify and streamline their automation toolchains. Puppet Tasks, a feature now available to Puppet Enterprise users, will help them progress toward this goal with a foray into basic application automation. The feature stops and starts application services and issues commands over the Puppet Enterprise communications fabric that already manages server configuration state.

Enterprise customers that have previewed Tasks said the feature boosts the chances Puppet Enterprise will become their tool of choice for IT automation as they advance toward DevOps.

"When we bring in a new tool, management asks us what we're getting rid of," said a senior Unix systems analyst at a trucking company in the Midwest who spoke on condition of anonymity.

Puppet Enterprise has nearly replaced IBM's BigFix endpoint management tool at this company, except for OS patching, because the company patches its Linux operating systems quarterly and Puppet runs every 30 minutes. The Unix analyst said he'd like to see Puppet Enterprise offer this function, built on Tasks.

"We could use it to kick off jobs or install tools like backup agents on a host, then maintain state and manage ongoing configuration changes with Puppet," the Unix systems analyst said.

Puppet Discovery dashboard
Puppet Discovery dashboard is currently available in preview, with GA expected before the end of 2017.

For now, Puppet Tasks will help with security as an alternative to giving developers root access for one-time code deployments. "It gives us more capabilities within the Puppet Enterprise console to do more scheduled tasks," he said.

Tasks is based on an open source project called Bolt, which will become available in the open source Puppet automation edition by year end. Bolt will eventually perform tasks such as running canary and blue-green deployments in continuously updated DevOps environments. It will also ingest bash scripts and infrastructure as code snippets from rival configuration management tools, such as Red Hat's Ansible Engine, Puppet officials said.

Puppet Discovery broadens systems insights

Puppet automation wasn't the only focus for the company, which also launched a separate commercial product, Discovery, at its PuppetConf show here in early October. The tool, which builds on the Cloud Discovery and Lumogon (renamed Container Discovery) projects disclosed in May, offers new insights into IT infrastructure, including resources not managed with Puppet Enterprise. Puppet Discovery will also offer the option to stop rogue services, or bring them into the fold, with the installation of an agent.

[IT managers] shouldn't make the mistake that not having stateful apps means not caring about state at all.
Edwin Yuenanalyst, Enterprise Strategy Group

Puppet Discovery is available now as a technology preview, with GA expected by the end of 2017, according to the company. Customers don't need Puppet Enterprise to use Discovery, and it will support other configuration management tools.

Puppet Discovery, and configuration management in general, must contend with the fact that infrastructure updates are passé in the eyes of many advanced DevOps shops, in favor of immutable infrastructures that are torn down when updates occur.

Enterprises have yet to embrace immutable infrastructures, which may be impractical in large IT environments with legacy workloads, said Edwin Yuen, analyst at Enterprise Strategy Group.

"[IT managers] shouldn't make the mistake that not having stateful apps means not caring about state at all," Yuen said. As enterprises move containers to production, they will need more control over server state, not less. "Completely rebuilding the environment for an update might be more work than just understanding what you have," he said.

As Puppet automation expands beyond configuration management long term, its recent acquisition of Distelli will help shore up its container management line. But Puppet will also have to come up with an answer to Chef InSpec to provide enterprises with compliance as code, Yuen said. Chef, a major Puppet competitor that also often appears in the same IT organizations, created InSpec to provide automated compliance checks during the test and deployment process.

It's an open question whether this will require that Puppet make another acquisition, he said.

Beth Pariseau is senior news writer for TechTarget's Data Center and Virtualization Media Group. Write to her at [email protected] or follow @PariseauTT on Twitter.

Next Steps

Puppet is a commonly used configuration management software in the DevOps community. Its declarative nature makes it useful for organizations of any size, and offering both open source community and enterprise editions provide a wide range of support options.

Dig Deeper on Configuration Management and DevOps