SlideShare a Scribd company logo

Puppet Camp New York 2015: Puppet Enterprise Scaling Lessons Learned (Intermediate)

Puppet, profile picture
Puppet

This document summarizes one organization's experience scaling Puppet Enterprise (PE) to manage 5,100 nodes over 9 months. Some key points: - PE was deployed across 14 supported operating systems spanning 7 families on 4,157 production nodes and 72 development nodes. - The production PE deployment consisted of 11 servers fulfilling roles like the certificate authority (CA), PuppetDB, and Puppet Console. - Scaling challenges included load balancing puppet masters, sizing PuppetDB and the Console for performance, and tuning JVM settings as nodes grew to 4,000. - Lessons included using Role and Profiles patterns, learning staging controls, and setting top-level defaults in site.pp to

Software
1 of 20
Downloaded 11 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
SCALING PUPPET ENTERPRISE TO 5,000 NODES IN 9 MONTHS Lesson’s learned, and how PE makes me think of goats
WHO AM I? • DevOps and Cloud Admin* at Te Connectivity • ~9 years of assorted technical operations experience • ~1 year of PE usage/administration • Puppet Featured Community Member (for most verbose complaints by a Test Pilot 2014) • Puppet Certified Professional 2015 (sample scores: Puppet Language 94%, Console 40%) • Can’t be bothered to take internal “Making compelling presentations training” <= LIAR =>
PE DEPLOYMENT STATS • 5100 PE licenses • Prod => 4157 Agents • Dev => 72 Agents • 871 Licenses purchased for systems of stubborn people. • 14 supported OS spanning 7 OS families • Prod PE deployment consists of 11 servers. • 1 CA / Filebucket Server • 1 PuppetDB server (using embedded PostgreSQL) • 1 Puppet Console • 4 Puppet Compile Masters • 1 Active MQ Hub • 3 Active MQ Brokers
THE CRUELEST LIES ARE OFTENTOLD WHENTRYINGTO GET MANAGERSTO BUYTHE RIGHTTOOLS • Compliance reporting (without remediation) • Application code deployment • Service discovery • DNS?! • Any phrase that includes “I’m sure there is a way puppet can…”
NO-OP (AKA MY ARCH NEMESIS) • No-Op is a tool, not a solution. • No-Op != Operational Intelligence • Pandora’s Box full of excuses not to embrace change (see also: “brownfield”, “legacy”,“near-EoL”) • Make sure you enforce enough code to control your agent configuration…
THE FASTEST WAYTO CAUSE 4000 AGENT RUNSTO FAIL • Custom Facter facts are your friend, until they aren’t. • #1 culprit for massive agent failures is bad confines in custom facts not tested against enough canary nodes. • “It worked when I tested it, the fact even returns the right value”. Important
TIMETO SCALE OUT
#puppet.conf.stub [main] server = puppet.example.net archive_file = true archive_file_server = puppet.example.net ca_server = puppet.example.net #puppetdb.conf.stub [main] server = puppet.example.net #console.conf.stub [main] server = puppet.example.net Evolution of puppet.conf
#puppet.conf.stub [main] server = puppet.example.net archive_file = true archive_file_server = puppet.example.net ca_server = puppet.example.net #puppetdb.conf.stub [main] server = puppetdb.example.net #console.conf.stub [main] server = puppetconsole.example.net Evolution of puppet.conf
#puppet.conf.stub [main] server = puppet.example.net (Now an LB) archive_file = true archive_file_server = puppetfb.example.net* ca_server = puppetca.example.net* #puppetdb.conf.stub [main] server = puppetdb.example.net #console.conf.stub [main] server = puppetconsole.example.net Evolution of puppet.conf
LOAD BALANCING PITFALLS • Do Load Balance • Port 8140 between compile masters • If you use connection stickiness > 30 minutes agents will never change masters. • Port 61613 between ActiveMQ Brokers • Don’t Load Balance • Puppet CA, or any cert signing requests. • File Bucket (archive_file_server) • ActiveMQ hub, more split brain SSL
PERFORMANCE ISSUES (You’re looking down.)
• Sizing Recommendations Revised • PuppetDB needs way more RAM than is recommended when you scale. (Req 30GB, Our present 50GB, and it should be higher) • PostgreSQL best practices claim 3xDB size of memory for best performance. @4000 nodes, puppetdb ~ 50GB, consoledb ~40GB @ 3days retention. • ConsoleDB needs pruned aggressively. 
 (reports = nodes * 48 * days retention). That much 
 information is not useful in the console. • Console uses less RAM than expected. (Req 30GB, Our present 10GB)
Pain 0% 15,000% 30,000% 45,000% 60,000% None Agent Registered Agent Runs Agent Classified PuppetDB Puppet Console Puppet Scaling Experience (highly scientific data)
• @4000 nodes we use 8 dashboard workers. • When # of nodes grows, the default page of the console can become very sluggish. edit /opt/puppet/share/puppet-dashboard/config/routes.rb to adjust the route: PuppetDashboard::Application.routes do # root :to => 'pages#home'    root :to => 'reports#index' CONSOLE CONFIGURATIONS
JVMTUNING • Problem: Service stops, log show Out of Memory Exceptions. • Heap Sizes: • puppetserver - 4GB • puppetdb - 1GB • PE console - 2GB • ActiveMQ Hub - 1.5GB • ActiveMQ Broker - 1GB • PuppetDB (server component) has been a JVM for a while, so most GC actions can be tuned as Puppet Params
GREAT WISDOMS AND PERSISTING PAINS
• Use R10K. Use Puppetfile. Use Roles and Profiles. • Learn what nanlui/staging does. Then use it. • exec { ‘horrible_idea’: 
 cmd => ‘dostuff.sh && touch /tmp/didstuff.proof’, 
 creates => ‘/tmp/didstuff.proof’, 
 } • PuppetLabs, myself, and most of our profession are absolutely terrible at naming things. • Problem:
 (‘Environment’ && ‘Deployment’ && ‘Tier’ && ‘Branches’ && ‘Forks’) => [‘Production’, ‘Dev’, ‘QA’] • Result:
 cats.all? { cats.content[:name] == ‘Selso’ } => true • Proxy Servers are evil. Spaceship Operators have a cool name. • Problem: universally_respected_proxy_variables.exists? => false • Solution: Use site.pp + Resource Collection to set top level resource defaults. The “read this later” slide
“IF I HAVE SEEN FURTHER IT IS BY STANDING ON YE SHOULDERS OF GIANTS” ~ ISAAC NEWTON Resources that have gotten me by: • https://docs.puppetlabs.com/ references/latest/type.html • Puppet Types and Providers by Dan Bode and Nan Liu • Puppet Practitioner’s Training • Gary Larizza’s Blog (aka nsfw missing puppet documentation) • PuppetLabs Support • Puppet Professional Services And Most importantly • A healthy mixture of ambition, stubbornness and stupidity.
QUESTIONS? @pwattstbd github.com/Marsupermammal pwatts217@gmail.com

More Related Content

PDF
Lessons I Learned While Scaling to 5000 Puppet Agents
Puppet
 
PDF
Thinking through puppet code layout
Tomas Doran
 
PDF
Toplog candy elves - HOCM Talk
Patrick LaRoche
 
PDF
Puppet Development Workflow
Jeffery Smith
 
PDF
Puppet getting started by Dirk Götz
NETWAYS
 
PDF
Custom Non-RDS Multi-AZ Mysql Replication
Michael H. Oshita
 
PPTX
Django deployment best practices
Erik LaBianca
 
PPT
Capacity Management from Flickr
xlight
 
Lessons I Learned While Scaling to 5000 Puppet Agents
Puppet
 
Thinking through puppet code layout
Tomas Doran
 
Toplog candy elves - HOCM Talk
Patrick LaRoche
 
Puppet Development Workflow
Jeffery Smith
 
Puppet getting started by Dirk Götz
NETWAYS
 
Custom Non-RDS Multi-AZ Mysql Replication
Michael H. Oshita
 
Django deployment best practices
Erik LaBianca
 
Capacity Management from Flickr
xlight
 

What's hot (20)

PDF
Chasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Tomas Doran
 
PPTX
Best practices for ansible
George Shuklin
 
PDF
V2 and beyond
jimi-c
 
PPTX
Automated Development Workflow with Gulp
plewicki
 
PDF
Puppet Camp Düsseldorf 2014: Continuously Deliver Your Puppet Code with Jenki...
Puppet
 
PDF
Ansible for beginners ...?
shirou wakayama
 
PPTX
Drupal cambs ansible for drupal april 2015
Ryan Brown
 
PPTX
How did puppet change our system's life?
Hung Phung Dac
 
PDF
Automating WordPress Theme Development
Hardeep Asrani
 
PPTX
Using Ansible Dynamic Inventory with Amazon EC2
Brian Schott
 
PDF
Steamlining your puppet development workflow
Tomas Doran
 
PDF
Bangpypers april-meetup-2012
Deepak Garg
 
PDF
WAG the Blog
Evan Volgas
 
PDF
Ansible roles done right
Dan Vaida
 
PDF
What's New in v2 - AnsibleFest London 2015
jimi-c
 
PPT
Gearman - Job Queue
Diego Lewin
 
PDF
Feature Flagging your Infrastructure for Fun and Profit
Daniel Schauenberg
 
PPTX
Breaking Up With Your Data Center Presentation
Telescope_Inc
 
PPTX
Kubectl tips and tricks
Jonathan Mosco
 
PDF
Scaling Deployment at Etsy
Daniel Schauenberg
 
Chasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Tomas Doran
 
Best practices for ansible
George Shuklin
 
V2 and beyond
jimi-c
 
Automated Development Workflow with Gulp
plewicki
 
Puppet Camp Düsseldorf 2014: Continuously Deliver Your Puppet Code with Jenki...
Puppet
 
Ansible for beginners ...?
shirou wakayama
 
Drupal cambs ansible for drupal april 2015
Ryan Brown
 
How did puppet change our system's life?
Hung Phung Dac
 
Automating WordPress Theme Development
Hardeep Asrani
 
Using Ansible Dynamic Inventory with Amazon EC2
Brian Schott
 
Steamlining your puppet development workflow
Tomas Doran
 
Bangpypers april-meetup-2012
Deepak Garg
 
WAG the Blog
Evan Volgas
 
Ansible roles done right
Dan Vaida
 
What's New in v2 - AnsibleFest London 2015
jimi-c
 
Gearman - Job Queue
Diego Lewin
 
Feature Flagging your Infrastructure for Fun and Profit
Daniel Schauenberg
 
Breaking Up With Your Data Center Presentation
Telescope_Inc
 
Kubectl tips and tricks
Jonathan Mosco
 
Scaling Deployment at Etsy
Daniel Schauenberg
 
Ad

Similar to Puppet Camp New York 2015: Puppet Enterprise Scaling Lessons Learned (Intermediate) (20)

PDF
Puppet Primer, Robbie Jerrom, Solution Architect VMware
subtitle
 
PDF
V mware
dvmug1
 
PDF
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Puppet
 
PDF
Strategies for Puppet code upgrade and refactoring
Alessandro Franceschi
 
PPTX
Ansible top 10 - 2018
Viresh Doshi
 
PDF
From SaltStack to Puppet and beyond...
Yury Bushmelev
 
PDF
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Puppet
 
PDF
Our Puppet Story (Linuxtag 2014)
DECK36
 
PDF
Intro - End to end ML with Kubeflow @ SignalConf 2018
Holden Karau
 
PDF
Using Puppet in Small Infrastructures
Rachel Andrew
 
PDF
PuppetCamp SEA 1 - Use of Puppet
Walter Heck
 
PDF
PuppetCamp SEA 1 - Use of Puppet
OlinData
 
PPTX
Enjoying the Journey from Puppet 3.x to Puppet 4.x (PuppetConf 2016)
Robert Nelson
 
PDF
Lessons Learnt in 2009
pratiknaik
 
PDF
Workshop: Know Before You Push 'Go': Using the Beaker Acceptance Test Framewo...
Puppet
 
PDF
PuppetConf 2016: Enjoying the Journey from Puppet 3.x to 4.x – Rob Nelson, AT&T
Puppet
 
PDF
SCM Puppet: from an intro to the scaling
Stanislav Osipov
 
PDF
Can you upgrade to Puppet 4.x?
Martin Alfke
 
PPTX
Ansible: How to Get More Sleep and Require Less Coffee
Sarah Z
 
PDF
Managing-Splunk-with-Puppet 31-January-2022.pdf
ssusera181ef
 
Puppet Primer, Robbie Jerrom, Solution Architect VMware
subtitle
 
V mware
dvmug1
 
Performance Tuning Your Puppet Infrastructure - PuppetConf 2014
Puppet
 
Strategies for Puppet code upgrade and refactoring
Alessandro Franceschi
 
Ansible top 10 - 2018
Viresh Doshi
 
From SaltStack to Puppet and beyond...
Yury Bushmelev
 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Puppet
 
Our Puppet Story (Linuxtag 2014)
DECK36
 
Intro - End to end ML with Kubeflow @ SignalConf 2018
Holden Karau
 
Using Puppet in Small Infrastructures
Rachel Andrew
 
PuppetCamp SEA 1 - Use of Puppet
Walter Heck
 
PuppetCamp SEA 1 - Use of Puppet
OlinData
 
Enjoying the Journey from Puppet 3.x to Puppet 4.x (PuppetConf 2016)
Robert Nelson
 
Lessons Learnt in 2009
pratiknaik
 
Workshop: Know Before You Push 'Go': Using the Beaker Acceptance Test Framewo...
Puppet
 
PuppetConf 2016: Enjoying the Journey from Puppet 3.x to 4.x – Rob Nelson, AT&T
Puppet
 
SCM Puppet: from an intro to the scaling
Stanislav Osipov
 
Can you upgrade to Puppet 4.x?
Martin Alfke
 
Ansible: How to Get More Sleep and Require Less Coffee
Sarah Z
 
Managing-Splunk-with-Puppet 31-January-2022.pdf
ssusera181ef
 
Ad

More from Puppet (20)

PPTX
Puppet Community Day: Planning the Future Together
Puppet
 
PPTX
The Evolution of Puppet: Key Changes and Modernization Tips
Puppet
 
PPTX
Can You Help Me Upgrade to Puppet 8? Tips, Tools & Best Practices for Your Up...
Puppet
 
PPTX
Bolt Dynamic Inventory: Making Puppet Easier
Puppet
 
PPTX
Customizing Reporting with the Puppet Report Processor
Puppet
 
PPTX
Puppet at ConfigMgmtCamp 2025 Sponsor Deck
Puppet
 
PPTX
The State of Puppet in 2025: A Presentation from Developer Relations Lead Dav...
Puppet
 
PPTX
Let Red be Red and Green be Green: The Automated Workflow Restarter in GitHub...
Puppet
 
PDF
Puppet camp2021 testing modules and controlrepo
Puppet
 
PPTX
Puppetcamp r10kyaml
Puppet
 
PDF
2021 04-15 operational verification (with notes)
Puppet
 
PPTX
Puppet camp vscode
Puppet
 
PDF
Modules of the twenties
Puppet
 
PDF
Applying Roles and Profiles method to compliance code
Puppet
 
PPTX
KGI compliance as-code approach
Puppet
 
PDF
Enforce compliance policy with model-driven automation
Puppet
 
PDF
Keynote: Puppet camp compliance
Puppet
 
PPTX
Automating it management with Puppet + ServiceNow
Puppet
 
PPTX
Puppet: The best way to harden Windows
Puppet
 
PPTX
Simplified Patch Management with Puppet - Oct. 2020
Puppet
 
Puppet Community Day: Planning the Future Together
Puppet
 
The Evolution of Puppet: Key Changes and Modernization Tips
Puppet
 
Can You Help Me Upgrade to Puppet 8? Tips, Tools & Best Practices for Your Up...
Puppet
 
Bolt Dynamic Inventory: Making Puppet Easier
Puppet
 
Customizing Reporting with the Puppet Report Processor
Puppet
 
Puppet at ConfigMgmtCamp 2025 Sponsor Deck
Puppet
 
The State of Puppet in 2025: A Presentation from Developer Relations Lead Dav...
Puppet
 
Let Red be Red and Green be Green: The Automated Workflow Restarter in GitHub...
Puppet
 
Puppet camp2021 testing modules and controlrepo
Puppet
 
Puppetcamp r10kyaml
Puppet
 
2021 04-15 operational verification (with notes)
Puppet
 
Puppet camp vscode
Puppet
 
Modules of the twenties
Puppet
 
Applying Roles and Profiles method to compliance code
Puppet
 
KGI compliance as-code approach
Puppet
 
Enforce compliance policy with model-driven automation
Puppet
 
Keynote: Puppet camp compliance
Puppet
 
Automating it management with Puppet + ServiceNow
Puppet
 
Puppet: The best way to harden Windows
Puppet
 
Simplified Patch Management with Puppet - Oct. 2020
Puppet
 

Recently uploaded (20)

PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PDF
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PDF
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PPTX
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
PPTX
Transform Your Business with a Software ERP System
Canada Software Company
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
Audit Checklist Design Aligning with ISO, IATF, and Industry Standards — Omne...
rohnjim07
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
Introduction to Artificial Intelligence
lohedi9363
 
2025 Textile ERP Trends: SAP, Odoo & Oracle
Aetos Technologies
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Agentic AI : A Practical Guide. Undersating, Implementing and Scaling Autono...
IT IDOL Technologies
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
How Creative Agencies Leverage Project Management Software.pdf
Orangescrum
 
Transform Your Business with a Software ERP System
Canada Software Company
 
System and Network Administration Chapter 2
jaramharo
 
Raksha Bandhan Grocery Pricing Trends in India 2025.pdf
Actowiz Solustions
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 

Puppet Camp New York 2015: Puppet Enterprise Scaling Lessons Learned (Intermediate)

  • 1. SCALING PUPPET ENTERPRISE TO 5,000 NODES IN 9 MONTHS Lesson’s learned, and how PE makes me think of goats
  • 2. WHO AM I? • DevOps and Cloud Admin* at Te Connectivity • ~9 years of assorted technical operations experience • ~1 year of PE usage/administration • Puppet Featured Community Member (for most verbose complaints by a Test Pilot 2014) • Puppet Certified Professional 2015 (sample scores: Puppet Language 94%, Console 40%) • Can’t be bothered to take internal “Making compelling presentations training” <= LIAR =>
  • 3. PE DEPLOYMENT STATS • 5100 PE licenses • Prod => 4157 Agents • Dev => 72 Agents • 871 Licenses purchased for systems of stubborn people. • 14 supported OS spanning 7 OS families • Prod PE deployment consists of 11 servers. • 1 CA / Filebucket Server • 1 PuppetDB server (using embedded PostgreSQL) • 1 Puppet Console • 4 Puppet Compile Masters • 1 Active MQ Hub • 3 Active MQ Brokers
  • 4. THE CRUELEST LIES ARE OFTENTOLD WHENTRYINGTO GET MANAGERSTO BUYTHE RIGHTTOOLS • Compliance reporting (without remediation) • Application code deployment • Service discovery • DNS?! • Any phrase that includes “I’m sure there is a way puppet can…”
  • 5. NO-OP (AKA MY ARCH NEMESIS) • No-Op is a tool, not a solution. • No-Op != Operational Intelligence • Pandora’s Box full of excuses not to embrace change (see also: “brownfield”, “legacy”,“near-EoL”) • Make sure you enforce enough code to control your agent configuration…
  • 6. THE FASTEST WAYTO CAUSE 4000 AGENT RUNSTO FAIL • Custom Facter facts are your friend, until they aren’t. • #1 culprit for massive agent failures is bad confines in custom facts not tested against enough canary nodes. • “It worked when I tested it, the fact even returns the right value”. Important
  • 8. #puppet.conf.stub [main] server = puppet.example.net archive_file = true archive_file_server = puppet.example.net ca_server = puppet.example.net #puppetdb.conf.stub [main] server = puppet.example.net #console.conf.stub [main] server = puppet.example.net Evolution of puppet.conf
  • 9. #puppet.conf.stub [main] server = puppet.example.net archive_file = true archive_file_server = puppet.example.net ca_server = puppet.example.net #puppetdb.conf.stub [main] server = puppetdb.example.net #console.conf.stub [main] server = puppetconsole.example.net Evolution of puppet.conf
  • 10. #puppet.conf.stub [main] server = puppet.example.net (Now an LB) archive_file = true archive_file_server = puppetfb.example.net* ca_server = puppetca.example.net* #puppetdb.conf.stub [main] server = puppetdb.example.net #console.conf.stub [main] server = puppetconsole.example.net Evolution of puppet.conf
  • 11. LOAD BALANCING PITFALLS • Do Load Balance • Port 8140 between compile masters • If you use connection stickiness > 30 minutes agents will never change masters. • Port 61613 between ActiveMQ Brokers • Don’t Load Balance • Puppet CA, or any cert signing requests. • File Bucket (archive_file_server) • ActiveMQ hub, more split brain SSL
  • 13. • Sizing Recommendations Revised • PuppetDB needs way more RAM than is recommended when you scale. (Req 30GB, Our present 50GB, and it should be higher) • PostgreSQL best practices claim 3xDB size of memory for best performance. @4000 nodes, puppetdb ~ 50GB, consoledb ~40GB @ 3days retention. • ConsoleDB needs pruned aggressively. 
 (reports = nodes * 48 * days retention). That much 
 information is not useful in the console. • Console uses less RAM than expected. (Req 30GB, Our present 10GB)
  • 14. Pain 0% 15,000% 30,000% 45,000% 60,000% None Agent Registered Agent Runs Agent Classified PuppetDB Puppet Console Puppet Scaling Experience (highly scientific data)
  • 15. • @4000 nodes we use 8 dashboard workers. • When # of nodes grows, the default page of the console can become very sluggish. edit /opt/puppet/share/puppet-dashboard/config/routes.rb to adjust the route: PuppetDashboard::Application.routes do # root :to => 'pages#home'    root :to => 'reports#index' CONSOLE CONFIGURATIONS
  • 16. JVMTUNING • Problem: Service stops, log show Out of Memory Exceptions. • Heap Sizes: • puppetserver - 4GB • puppetdb - 1GB • PE console - 2GB • ActiveMQ Hub - 1.5GB • ActiveMQ Broker - 1GB • PuppetDB (server component) has been a JVM for a while, so most GC actions can be tuned as Puppet Params
  • 18. • Use R10K. Use Puppetfile. Use Roles and Profiles. • Learn what nanlui/staging does. Then use it. • exec { ‘horrible_idea’: 
 cmd => ‘dostuff.sh && touch /tmp/didstuff.proof’, 
 creates => ‘/tmp/didstuff.proof’, 
 } • PuppetLabs, myself, and most of our profession are absolutely terrible at naming things. • Problem:
 (‘Environment’ && ‘Deployment’ && ‘Tier’ && ‘Branches’ && ‘Forks’) => [‘Production’, ‘Dev’, ‘QA’] • Result:
 cats.all? { cats.content[:name] == ‘Selso’ } => true • Proxy Servers are evil. Spaceship Operators have a cool name. • Problem: universally_respected_proxy_variables.exists? => false • Solution: Use site.pp + Resource Collection to set top level resource defaults. The “read this later” slide
  • 19. “IF I HAVE SEEN FURTHER IT IS BY STANDING ON YE SHOULDERS OF GIANTS” ~ ISAAC NEWTON Resources that have gotten me by: • https://docs.puppetlabs.com/ references/latest/type.html • Puppet Types and Providers by Dan Bode and Nan Liu • Puppet Practitioner’s Training • Gary Larizza’s Blog (aka nsfw missing puppet documentation) • PuppetLabs Support • Puppet Professional Services And Most importantly • A healthy mixture of ambition, stubbornness and stupidity.