Puppet’s New Cloud Native Continuous Delivery Tool Builds on the CDF’s Tekton
Puppet has released into public beta its Project Nebula, a cloud native tool that connects a DevOps team’s existing toolset into an end-to-end, continuous delivery platform. The company aims to simplify deployment of microservices and serverless-based applications by connecting popular tools for infrastructure provisioning, application deployment, and notifications into a single, automated workflow.
“There are a few folks in the world who believe in one tool that solves all the problems. And then there are folks who believe in best-of-breed and pulling the right tools for the right job with the right people, and the right culture,” said Matthew Young, senior director of product management at Puppet. “And we’re really going after the latter… We are not trying to replace every other tool.”
Project Nebula currently supports more than 20 tools including Terraform, Helm, Kubectl and Slack. And that list will continue to grow as Puppet targets major integration tools such as GitLab and Jenkins, Young said.
The resulting pipeline or workflow can be managed declaratively through a GitOps approach. Triggered by a git command, git-push, Nebula initiates the deployment workflow and aggregates the logs from the various tools into a step-by-step visualization of the process that enables more centralized debugging and optimization. To deploy an application to Kubernetes, Nebula will provision a Kubernetes cluster in the Google Kubernetes Engine, for example, and then roll the application out, following the predetermined steps, then notify the DevOps team in Slack and close the ticket in Jira when it’s done. Puppet has already made some Nebula workflows available on its free community marketplace, Puppet Forge.
First Commercial CD Tool out of the CDF
Project Nebula is built on top of Tekton, the open source project started at Google and donated to the Continuous Delivery Foundation (CDF) last March. Puppet’s solution is the first commercial product to result from the CDF collaboration, whose founding members include CloudBees, Google, JFrog, Netflix and others.
“There are lots of companies building on top of the various CDF projects. This is one of the earliest examples of companies building a product on top of Tekton, which is still early days,” said Chris Aniszczyk, chief technology officer/chief operating officer of the Cloud Native Computing Foundation and vice president of developer relations at The Linux Foundation, via email. “But it’s encouraging to see people building on Tekton already as the project continues to mature.”
Puppet, which led the infrastructure as code movement with its open source automated provisioning tools, has made strides in managing cloud native workflows over the past few years. Its 2017 acquisition of Distelli led to the creation of Puppet Pipelines, the CI/CD functionality that’s part of its Puppet Enterprise product. About a year ago, Puppet also began developing its own cloud native CD tool internally as customers began to request cloud provisioning functionality. Puppet released that internal cloud native pipelines project, Lyra, as open source, shortly before the CDF was announced.
After the formation of the CDF, Puppet stopped work on Lyra and instead joined the CDF to begin building a new CD tool on top of Tekton. Project Nebula’s lead engineers have attended the CDF’s Technical Oversight Committee meetings and learned a lot from the other members about what features they should incorporate into Project Nebula from their participation, said Young. Tekton, for example, does not include role-based access controls (RBAC), secrets management or a GUI, all which Puppet has incorporated into Nebula to differentiate from the open source project and other solutions built on top of it.
“We began to realize that there was a lot of synergy between what Tekton does in terms of orchestrating cloud native workflows, and what Lyra was actually planning to do,” Young said. “So rather than have a competing project, and a community of one versus a community of more than one, we decided that we’d work together and make the Tekton project a much more viable option for everyone.
“That’s a long-winded way of saying, we’ve learned a lot over the last 12 months,” Young said.
Building on Open Source To Go Faster
Tekton was originally built by Google as a build tool for serverless apps with Knative on Kubernetes. As a workflow orchestrator, it lies at the bottom of the stack, forming a layer between Kubernetes and a team’s deployment and management tools. It interacts with Kubernetes primitives and the various tools to pull together, manage and automate all the steps it takes to get an application from your laptop into production, said Dan Lorenc, a software engineer on Tekton at Google.
All of the computational heavy lifting in Nebula is handled by Tekton, from parallelism and ordering so that various steps can run simultaneously or in order according to their dependencies, to life cycle management of steps and pods and sharing data across steps, said Eric Sorenson, director of product management at Puppet.
“The platform capabilities that [Tekton] provides accelerated our project by like four to six months, because it does a lot of the thorny computation,” Sorenson said. “This is all stuff that Google had worked out when they were using it internally as the Knative build project.”
Other companies have built CD products on top of Tekton, including Red Hat’s OpenShift Pipelines, IBM’s Kabanero and the CDF’s Jenkins X. But Puppet’s Nebula is the first to originate directly from the CDF collaboration.
“I was impressed by the time it took [Puppet] from when they first started to ask questions in CDF and how quickly they got it out,” Lorenc said, noting that Nebula is a fairly feature-rich product for such a new initiative. “The way they’ve built on Tekton makes sense, it’s what we envisioned [when Google donated Tekton to the CDF.] We’re excited to see this launch.”
By developing Project Nebula on top of Tekton, Puppet is leveraging the existing ecosystem of plugins and integrations to go to market faster, Lorenc said. End-users also benefit from a more diverse set of products in the marketplace that meet different needs and use cases, but that are all built on the same fundamentals — allowing for increased portability and interoperability.
“Everyone seems to be struggling with realizing continuous deployment. And the reason that they cite is because it’s really difficult to model environments in a repeatable way so that people can do testing when they push their code out of their GitHub repo,” Puppet’s Young said. “If we can help solve that, which we did for continuous delivery [in Puppet Enterprise], and we can do that in the cloud native space, you know, I think there’s a mutual benefit.”
Building on its foundation in configuration management, Puppet is porting the same principles of open source technologies and infrastructure as code to the cloud native space. With its own community of open source Puppet and Puppet Enterprise users, the company has a unique understanding of the challenges enterprises face integrating cloud native with traditional enterprise infrastructure and doing so at scale.
“We’re going to continue to contribute to open source and try to democratize access to the technology,” Puppet CEO Yvonne Wassenaar said on stage at the company’s Puppetize PDX 2019 user conference, being held in Portland this week. “We’re going to continue to abstract away complexity. We’re going to make sure it’s scalable and secure… We cross the landscape from the data center and across clouds to containers and back to bare metal.”
CloudBees, the Cloud Native Computing Foundation, The Linux Foundation, Puppet, and Red Hat are sponsors of The New Stack.
Feature image: Puppet’s CEO Yvonne Wassenaar on stage at Puppetize PDX.