Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Puppet 8 for DevOps Engineers

You're reading from   Puppet 8 for DevOps Engineers Automate your infrastructure at an enterprise scale

Arrow left icon
Product type Paperback
Published in Jun 2023
Publisher Packt
ISBN-13 9781803231709
Length 416 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
David Sandilands David Sandilands
Author Profile Icon David Sandilands
David Sandilands
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Part 1 – Introduction to Puppet and the Basics of the Puppet Language
2. Chapter 1: Puppet Concepts and Practices FREE CHAPTER 3. Chapter 2: Major Changes, Useful Tools, and References 4. Chapter 3: Puppet Classes, Resource Types, and Providers 5. Chapter 4: Variables and Data Types 6. Chapter 5: Facts and Functions 7. Part 2 – Structuring, Ordering, and Managing Data in the Puppet Language
8. Chapter 6: Relationships, Ordering, and Scope 9. Chapter 7: Templating, Iterating, and Conditionals 10. Chapter 8: Developing and Managing Modules 11. Chapter 9: Handling Data with Puppet 12. Part 3 – The Puppet Platform and Bolt Orchestration
13. Chapter 10: Puppet Platform Parts and Functions 14. Chapter 11: Classification and Release Management 15. Chapter 12: Bolt for Orchestration 16. Chapter 13: Taking Puppet Server Further 17. Part 4 – Puppet Enterprise and Approaches to the Adoption of Puppet
18. Chapter 14: A Brief Overview of Puppet Enterprise 19. Chapter 15: Approaches to Adoption 20. Index 21. Other Books You May Enjoy

Keeping data secure

One of the key elements of managing data is ensuring that secret data is kept secure, and this can be challenging with Puppet when this data must be stored, transferred across the infrastructure to the client, and used within Puppet code to set the state. In this section, we will discuss the methods available to secure data, what levels data can be secured at, and the limitations of the methods used at each level.

The most common first step is to secure data in storage. This can be achieved using hiera-eyaml, a custom Hiera backend available at https://github.com/voxpupuli/hiera-eyaml. This module creates pkcs7 keys, which are then used to encrypt and decrypt data. Having followed the instructions in the module to create and distribute keys, a hierarchy can be created, such as the following:

hierarchy:
  - name: "Hiera data in yaml and eyaml files committed to the control-repo"
    lookup_key: eyaml_lookup_key
 ...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at R$50/month. Cancel anytime