Puppet roadmap tightens DevOps integrations amid wider use

Puppet Enterprise users plan to apply the tool's capabilities into new environments, and the vendor encourages that trend with additional tie-ins.

SAN FRANCISCO -- The Puppet roadmap for enterprise software will deepen support for third-party tools and add hooks into other Puppet products, which will help IT pros deploy the infrastructure automation tool in more environments.

Enterprise IT pros at PuppetConf here this week discussed uses for Puppet Enterprise in infrastructure they manage separately, such as Windows servers, as well as integrations with third-party IT automation software such as VMware's vRealize suite. Company executives said more of these integrations are on the way.

The next release of Puppet Enterprise, slated for April 2018, will combine the Discovery tool launched this week with the Puppet query language released in 2016, said Ryan Coleman, senior product manager at Puppet. This will let Puppet admins search for attributes, such as Linux packages, installed on IT assets that aren't managed by Puppet Enterprise alongside those that are, to present a more complete view of the environment.

Ryan ColemanRyan Coleman

The Puppet roadmap also includes integrations with other vendors' tools to widen the view of IT environments. A collaboration to correlate Tenable security scans with vulnerability details provided by Puppet will tell Puppet Enterprise users not only what weaknesses are in their environment, but how to prioritize them according to the role played by each machine, Coleman said.

The integration with Tenable is of particular interest to a senior infrastructure support analyst at a power utility on the East Coast, who spoke on condition of anonymity. The utility uses tools from Tenable and Tripwire along with Puppet Enterprise to scan the IT infrastructure for security and compliance and maintain its state. Tighter integration between them would help cut down on confusion and improve visibility into the infrastructure.

"Right now I have [to keep track of] three different mechanisms -- integrating them would mean we could see our security posture in Puppet, and use a third-party tool to validate it against policy," the infrastructure support analyst said. "Then if we make a change, we can use Puppet to validate that [the infrastructure] is still in a compliant state."

Puppet Enterprise pops up in new places for IT shops

The Puppet roadmap broadens the enterprise package's horizons as customers expand their use of the infrastructure automation software into uncharted territory. For example, Wal-Mart and Humana disclosed how they use Puppet Enterprise with Windows servers.

We spent a lot of time reinventing the wheel [before bringing the Windows environment under control with Puppet].
Derek Robinsonsystems engineer, Wal-Mart

Wal-Mart previously used Puppet Enterprise to standardize configuration management on Linux servers, but the company's 40,000 Windows servers still used 20 different versions of configuration scripts, said Derek Robinson, systems engineer for the Bentonville, Ark., retailer.

"We spent a lot of time reinventing the wheel," before bringing the Windows environment under control with Puppet, Robinson said.

There is some overlap between Puppet Enterprise and Group Policy features in Active Directory, but Wal-Mart may replace Group Policy with Puppet as it moves to Windows Server 2016, said Chris Kittell, a Wal-Mart systems engineer.

Fannie Mae has already put a plug-in for VMware's vRealize IT automation software in Puppet Enterprise through its paces, according to Trent TeSelle, an infrastructure architect at the San Francisco-based mortgage lender. The integration delivers infrastructure control into developers' hands through a familiar interface.

The vRealize self-service interface for developers uses Puppet Enterprise to execute infrastructure changes, so "self-service [developer] teams can define and configure application infrastructure without the need for Puppet skills," TeSelle said.

The Puppet roadmap shows improvements in future releases to the tool's integration with backup and recovery software, as well as with Linux containers, Coleman said. Puppet offers early access builds of a container appliance for Puppet Enterprise, so users don't have to manage the OS on Puppet Enterprise servers.

Puppet Enterprise users will also see three-month support windows for minor releases between long-term support versions, rather than upgrade immediately, Coleman said. Puppet will continue to add critical patches and provide support for minor releases past three months on request.

Beth Pariseau is senior news writer for TechTarget's Data Center and Virtualization Media Group. Write to her at [email protected] or follow @PariseauTT on Twitter.

Next Steps

Tasks, Discovery broaden Puppet's automation offering

Puppet takes on Jenkins with Pipelines

Learn how Puppet works

Dig Deeper on Configuration Management and DevOps