Running Puppet inside containers
If a container can contain a whole operating system, such as Ubuntu, you might be wondering: "can't I just run Puppet inside the container?"
You can, and some people do take this approach to managing containers. It also has a number of advantages:
- You can use your existing Puppet manifests, or Forge modules; no need to write complex Dockerfiles
- Puppet will keep the container continuously updated; no need to rebuild when something changes
Of course, there are a few disadvantages too:
- Installing Puppet inflates the image size considerably, and pulls in all sorts of dependencies
- Running Puppet slows down the build process, and also consumes resources in the running container
There are also some hybrid options, such as running Puppet in the container during the build stage, and then removing Puppet and its dependencies, plus any intermediate build artifacts, before saving the final image.
Puppet's image_build
module is a promising new way of building...