Over the past few months, we set out to drastically reduce the amount of time Code Manager takes to deploy code and sand down some rough edges to make it more stable and robust. In order to understand what we were able to achieve, we need a quick primer on how code is deployed to a Puppet Server in the first place. There are three parts to a Code Manager code deployment: We’ve improved each of these three parts of the Code Manager code deployment.

Would your organization benefit from having powerful, yet easy-to-use filters to inspect your nodes? With our latest Continuous Delivery for Puppet Enterprise release, we’ve updated the filters in the user interface to support more advanced queries. SysAdmins, developers, DataOps, and IT managers will all benefit from having access to these powerful filters.

This article is about how to install Puppet Enterprise using your own self-signed Intermediate CA (Certificate Authority). In some environments, regulations require you to intercept and inspect all SSL traffic to detect malicious activities that could otherwise masquerade as legitimate encrypted traffic. This requires the ability to decrypt and re-encrypt the stream in real time, which can only be done with the proper certificates installed.

Adopting a public cloud platform like AWS has many benefits, but the process of moving your existing automation capabilities between on-prem and the cloud can present challenges and make it difficult to take full advantage of cloud. In fact, in a recent survey conducted by Puppet, we learned that many Puppet users are significantly influencing their organizations’ cloud migration planning, indicating that Puppet can play a key role in cloud migration.

GitHub is in the process of improving Git protocol security by removing insecure DSA keys and legacy ciphers, updating requirements on RSA keys, and adding more secure key signature algorithms ECDSA and ED25519. On January 11, GitHub ran a planned brownout event day to shake out affected clients. Our team at Puppet discovered that many users of Code Manager and r10k were affected by this change.

Log4j, the popular open-source logging library, had a rough December and closed out the year with an impressive streak of four critical vulnerabilities so far. Many are calling this the worst cybersecurity event in history. Again, so far.

Security compliance is the new black. Everyone is talking about it. Everyone is writing about it. Hopefully everyone is doing something about it, but it's a big lift for organizations. Compliance can mean adhering to departmental and company standards; it can mean well-defined regulatory standards like HIPAA, GDPR, and others. Compliance can mean adopting a standardized set of recommended protocols for cyber security. If compliance isn't on your radar right now, it should be.

Users of Red Hat Satellite will see changes coming out with regard to how Satellite interacts with Puppet. Satellite has long bundled Puppet in the distribution, using Puppet both as the Satellite installer and for configuration management. Users also had the option to leverage Satellite as an External Node Classifier (ENC) for their Puppet estates. Red Hat acquired Ansible, an imperative configuration management tool, in late 2015.

Let's rip off the bandaid and get the bad news out there first: we're rolling out telemetry for Puppet content. Read on to find out why I think that's actually good news for you, how you can see exactly what data it collects, and how to make sure it never runs if your corporate policy doesn't allow it. And maybe a free beanie if you choose to opt in?

It wouldn’t be Cybersecurity Awareness month without some spooky-themed blogs with language focused on Fear, Uncertainty, and Doubt (FUD). Luckily, it’s the end of November now, and this isn’t that kind of blog, but what was true in October is still true today. I won’t tell you that you need to be afraid of bad actors infiltrating your security defenses and wreaking havoc in your infrastructure. Why? Because you are likely stressed enough already. Don’t you think?