Puppet

Foreman does a great job of providing SSL support out-of-the-box, it does this by using the SSL certificates generated by your puppet-ca. Unless your users web browsers all trust the puppet CA (unlikely), any human user of Foreman is going to get SSL warnings. Replacing Foremans SSL certificate with one that’s signed by a default trusted CA requires some care for 2 reasons: Other components apart from humans using web browsers, need to validate the Foreman server....

Puppet masters can be complex beasts, with multiple components and are often managed by themselves. There are multiple reasons why you might want to bootstrap a new puppetmaster without depending on your existing one (developement, DR, etc). In my environment, the puppetmaster is managed with a combination of the following modules: theforeman/puppet theforeman/foreman theforeman/foreman_proxy puppetlabs/puppetdb Getting to a position where our puppetmaster wrapper class can be applied using puppet apply takes some care....

Puppet Dashboad has a concept of classes, which can be really useful if you make use of external nodes and link it to the dashboard. Unfortunately it doesn’t currently have a way to auto-import classes defined in your puppet manifests. The following is a little bit of python hacked together to provide this functionality. It looks at a directory for a list of modules and the database details for puppet dashboard (only works for MySQL)....