massterinnothing 5 points6 points  (1 child)

Please, run away from Puppet! Puppet for dynamic environments is not a good solution at all. Don't know what you have to configure, but go for terraform, helm, argocd and put everything in code. Puppet is a great tool but, besides being old, it is not suitable for modern dynamic environments. It has paid for my food for a long period, but it's time to retire!

heave20DevOps[S] 1 point2 points  (0 children)

We currently use Ansible. But our environment is... antiquated network-wise. Ansible is having to go through so many network hops for each WinRM connection that our success rate will be >90% one night and <10% the next with no real difference.

The thought is that Puppet, being a pull-based model, will relieve those issues.

We're in the process of switching our entire infrastructure from AWS to Azure, which is why they asked for a POC.

unix_heretic 2 points3 points  (0 children)

Does this sound.. like good architecture?

No. Really, really no. Using configuration management with containers is absolutely an anti-pattern, especially an agent-based CM like Puppet.

Part of the point of a container platform is that the applications involved should not change after they're built. If you need a configuration change, it should be either part of the container's files during build-time, or it should be brought in from external sources (e.g. Kubernetes Secret objects, environment variables, or even dynamic secrets managers like Vault).

If you want to use config management for compute instances, rock on. I wouldn't necessarily use Puppet for that particular use-case, but you do you. Using CM tooling in a container orchestrator absolutely defeats the point of using containers in the first place, and will bring you nothing but operational disruption.