I am finch.

I do things and complain.
That is all.

The Puppet RAL: Types, Parameters, and Properties


This is the second post on a series on the Puppet RAL.

The RAL needs to be able to model any sort of thing you would want to manage. Because of this it’s broken into a number of different classes to be able to model any sort of resource you could need. This blog post is going to discuss the puppet Type, Parameter, and Property classes and what they do.


A Puppet Type represents a category of things you can manage. Things like users, services, files, and so forth are examples of common types. Types provide the structure for managing things and define what you can do with them.

The Type
service { 'my-service':
  ensure  => running,
  restart => '/usr/local/bin/restart-my-service',

An important detail is that Types are (mostly) abstract, and only define what instances of that Type can do. This is one of the killer features of the RAL for a number of reasons.

First off, it’s trivial to extend the core behavior of Puppet. If you want to add support for a new platform it’s not necessary to add extensions to core Puppet; you can implement a provider for that type and use it immediately.

» Read full post

The Puppet RAL: An Introduction


The Puppet RAL is one of the main parts of Puppet that people use on a daily basis. The RAL is how system state is actually inspected and enforced by Puppet, it’s where most extensions to Puppet are added, and it’s one of the parts of Puppet that really set it apart.

Unfortunately, the RAL is a little lacking on the side of documentation and explanation. The RAL provides a lot of powerful functionality but unless you’ve been digging through that code on a regular basis, it can prove hard to make full use of the RAL.

As of late the state of developer documentation has been improving. Puppet 3.1 added much improved inline documentation to a lot of the code base and covered a lot of the RAL, which is a welcome improvement. In addition Dan Bode and Nan Liu wrote the excellent Types and Providers book, which is arguably the best reference to the RAL to date.

» Read full post

Rethinking Puppet Deployment


This is the third post on a three part series on Puppet deployment.

As the last blog post in this series demonstrated, scaling Puppet deployment is hard. As your deployment grows in size and complexity and you have to maintain more modules, the tools to manage this sort of thing start to break down.

If the current tools don’t cut it, then what do you need? What characteristics should a good deployment tool have?


First off, a good deployment should be fast. Slow deployments can kill productivity, and it butchers your ability to react as things start happening. If you’re able to deploy something very quickly and something goes wrong, then you can turn around and run another deployment to fix it. Basically, reaction time matters, and it matters quite a bit.

In addition, if you’re using a deployment tool as part of your development workflow then speed is absolutely critical. You want to have a very short feedback cycle between making a change and being able to test it, and if you are constantly waiting for your code to deploy then your productivity is going to be trashed.

» Read full post

Scaling Puppet Environment Deployment


This the second post on a three part series on Puppet deployment.

In my original envisioning of dynamic environments with Puppet, I had a narrow vision to fit my current situation. It was simple enough - you would have one and only one repository, it would contain all of your manifests, and that would basically would be it.

As of the date of this writing there are 850+ Puppet modules on the Puppet Forge, and a few thousand modules on Github. On top of those raw counts the rate of module contribution is increasing and the quality of modules is steadily going up as people are figuring out how to make truly reusable modules. The adage goes “good coders code, great coders reuse,” so it makes sense to publish your good modules and reuse existing work.

So how do you roll existing modules into your deployment?

» Read full post

How Dynamic Environments Came to Be


This is the first post in a three part series on Puppet deployment.

My first interaction with Puppet was when I was a junior sysadmin at my University. One of the previous lead Unix sysadmins had dabbled a little with Puppet when Puppet itself was a very new tool, and his work spurred the use of configuration management at the university. More and more of the infrastructure became managed with Puppet and it became a fundamental part of day to day operations and was critical to the smooth functioning of the Unix team.

It’s the kind of story you tend to hear all over the place when asking how people came to use Puppet.

Access to the Puppet manifests was fairly tightly controlled. After all, if you had access to the Puppet manifests running on a machine then you basically had root on the machine, so it made sense to lock things down. People had to show up and show some merit in the organization before they were given read access to the git repository containing the manifests. They were then encouraged to learn about Puppet and make contributions, but a senior sysadmin had to review and merge your code.

» Read full post

View all blog entries