Using Puppet Deferred functions to provision secrets on your infrastructure

A small intro

Requirements for using Deferred functions

More about Deferred

Using Deferred functions to provision secrets

Refactoring the code to use Deferred functions

Some caveats that we found while using Deferred

  • It doesn’t work with bson, so if you try to use it with binary data and the catalog is sent as bsoninstead of json none of the Deferred functions will be executed.
  • You need at least Puppet 6 on both the agent and master nodes to use Deferred.
  • It doesn’t work with erb and you have to convert all your templates to epp.
  • When deferring the rendering of a template you must sent all the variables used inside the template as arguments.

Conclusions

About me

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store