Puppet doesn’t like symlinks

When you start building /etc/puppet/environments/production in your puppet master, don’t use symlinks on directory tree. I once made the mistake of using symlinks for manifests and modules directories and was getting frustrated, when puppet agent didn’t seem to get my manifests/site.pp file.

Once I copied all the directly into /etc/puppet/environments/production tree, things started to work.

Use info(), notice() or debug() in site.pp to describe what role each client host has

Many users would like to see, which role was applied to which host. My approach for this challenge has been to put notice(), info() or debug() in node definitions to log this information into puppet masters log files (probably in /var/log/messages or /var/log/syslog).

puppet cert commands takes awfully long time

puppet cert commands do hostname resolving along the way and if your DNS configuration is incorrect, it will eventually fail. This problem might appear, if you have invalid information in /etc/resolv.conf.

Potential pitfalls on legacy configs

If you are given task to transform existing puppet configuration for a new hosting provider, check this things for potential problem:

  • does it overwrite /etc/resolv.conf? This will mess your DNS configuration and cause all kind of issues.</li>
  • does it overwrite /etc/puppet/puppet.conf? Puppet works beatifully on a first run, but ruins all future runs.