ConfDroid Puppet Modules – Pilot

Posted on by

Launching the ConfDroid Puppet Modules Series: Custom Tools for Real-World Infrastructure

Following the introduction to the ConfDroid Forge in the pilot post (check it out here: ConfDroid Forge Pilot), it’s time to dive deeper into the heart of the project: the custom Puppet modules being published through the forge. This new series will spotlight each module individually, with one dedicated post per module. The aim is to explain what each one does, why it was built the way it was, how to use it, and how it fits into modern Puppet environments—especially those using Foreman as the External Node Classifier (ENC).

My Journey with Puppet: From 2010 to Puppet 8

The story starts back in 2010, when Puppet first entered the picture alongside a shift into DevOps responsibilities. After picking up a book on Puppet 3, the decision was made early on to write custom modules rather than rely solely on downloads from the official Puppet Forge.

That hands-on approach continued through every major Puppet release. Today, with Puppet 8 current, the modules reflect years of adaptation to Puppet’s evolving language, best practices, and ecosystem changes. At the same time, they have kept pace with the evolution of Enterprise Linux distributions—from CentOS/RHEL 5 all the way to Rocky Linux 9 and other modern Red Hat-based systems. (While there are other equally important or adappted Linux distributions, my preference was always the RH-based ones due to the fact that selinux is per default included).

Each version brought new features (and occasional breaking changes), and the modules were updated accordingly to stay reliable, secure, and performant.

Why Custom Modules Matter More Than Ever

Every infrastructure is unique. Security policies, performance requirements, team skill levels, compliance rules, and specific application needs vary widely from one organization to another. Modules published on the official Puppet Forge are intentionally designed for broad compatibility. They often support many operating systems, multiple versions, and a wide range of use cases. While this generality is helpful for many, it frequently results in:

  • Extra complexity that isn’t needed
  • Overhead from conditional logic for unsupported platforms
  • Features or defaults that may conflict with local or company standards

In contrast, when focusing on a single (or very narrow set of) operating systems and detailed, opinionated use cases, a custom module can be leaner, faster, more secure, and easier to maintain.

The ConfDroid modules are built exactly for that reality: targeted, clean, and tailored to environments that prioritize control and simplicity.

Design Principles Behind the Modules

All current modules are developed with these guidelines in mind:

  • Target platform: Puppet 8 on Rocky Linux 9 (or any other actively supported Red Hat-based OS 9 family member, such as AlmaLinux 9 or RHEL 9).
  • ENC-first approach: Modules are written to integrate seamlessly with Foreman as the ENC. This means parameters, class inclusions, and smart-class variable overrides work out of the box in Foreman-managed setups.
  • Broad compatibility with minor tweaks: They can also be used in other environments (Hiera-based classification, site.pp declarations, etc.) with only small adjustments if needed.
  • Modern expectations: Reliance on systemd (standard in EL9), updated fact usage (accounting for Puppet 8 changes), secure defaults, and proper separation of code and data.
  • Avoiding EOL pitfalls: Older distributions (EL5–EL7) are generally not targeted, as most are end-of-life and lack modern features like systemd.

Publishing Home: The ConfDroid Forge

All development, testing, documentation, tagging, and releases happen through the ConfDroid Forge infrastructure:

This setup ensures everything is publicly accessible, well-documented, and community-oriented—exactly the opposite of scattered private repos or incomplete READMEs.

For more background on why this independent forge was created and how it operates, refer back to the pilot post: ConfDroid Forge Pilot.

What To Expect In This Series

Each upcoming post will focus on one specific module:

  • Purpose and main functionality
  • Key parameters and how to configure them (especially in Foreman)
  • Installation and usage examples
  • Any interesting implementation details or lessons learned
  • Common FAQs or gotchas
  • Links to the Gitea repo, tags, and documentation

The series will build a clear picture of the entire ConfDroid Puppet ecosystem, module by module. Whether you’re running a Foreman-centric environment, exploring alternatives to generic Forge modules, or simply curious about opinionated, production-hardened Puppet code—there will be something useful here. Stay tuned for the first module deep-dive coming soon. In the meantime, feel free to browse the forge at https://gitea.confdroid.com or drop feedback/questions at the portal. Your input helps shape what gets built and documented next. Let’s keep building better, more intentional infrastructure—one module at a time! 🚀

Did you find this post helpful? You can support me.

Hetzner Referral
ConfDroid Feedback Portal

Author Profile

12ww1160DevOps engineer & architect

Leave a Reply

Your email address will not be published. Required fields are marked *

one × two =