Imagine a professional DevOps engineer juggling servers like ping-pong balls. He writes automation scripts, deploys hundreds of ‘cattle’ servers every day and is generally happy with himself. He works at Hogwarts.

Now let us apparate to another place and witness how muggles solve their infrastructure problems. Maybe they use Puppet for this. It’s extremely simple to leverage Puppet for provisioning of Windows and Linux servers, but what if our fleet is made of older Windows XP machines? Even worse, what if this is not just Windows XP, but Windows Embedded POSReady?

Despite many limitations of XP, Puppet can still be used to automate this operating system. In this post, I will share some of my findings and workarounds used to make real Puppet nodes out of these old computers.

Tip #1 Puppet agents with a version higher than 3.7.0 will not install on Windows XP system due to PUP-3516 bug. I found version 3.6.1 to work perfectly fine. It’s not the best idea to use outdated software packages, but since Windows XP isn’t a supported platform we muggles don’t have much choice.

Tip #2 Windows XP Embedded lacks some command line binaries which you may find very useful when building your manifests: tasklist.exe, taskkill.exe, findstr.exe, etc. You can use Puppet file resource to add them to the system and have more control over it.

Tip #3 Puppet lacks the functionality to run commands under a different user account on Windows, so let’s use a great tool from even greater Mark Russinovich - PsExec. Here’s an example of simple exec resource code to give you an idea how can PsExec be used to run/kill processes:

exec { 'runstate':
    command => "C:\\windows\\system32\\PsExec.exe /accepteula \\\\127.0.0.1 -d -i $psexecsession -u $psexeclogin -p $somepassword cmd.exe /c START \"\" \"$mobi2gopath\"",
    timeout => '10',
    unless => 'c:\windows\system32\cmd.exe /c tasklist.exe /FI "IMAGENAME eq Mobi2Go Pixelpoint Connect.exe" | findstr "Mobi2Go Pixel point Connect.exe"',
}

You can read more on specifics of windows exec resource in here. Also note “-i” command-line switch. If you want an interactive session, most of the times you will need to specify “0” for Windows XP system and “1” for Windows 7. Look here if you want to know more.

Tip #4 (bonus)

Puppet facter snippets below can be used on most Windows systems, so it’s a bit off-topic, but I’m so proud of my beginner Puppet skills that I just have to share them, enjoy:

Get external IP custom fact:

require 'net/http'
Facter.add("external_ipv4") do
  setcode do
    begin
      target = URI.parse('http://ipv4.icanhazip.com/')
      Net::HTTP.get_response(target.host, target.path).body.chomp
    rescue
      nil
    end
  end
end

Custom fact to get the IP of node (for older nodes, like WinXP):

Facter.add(:iplocal) do
  confine :kernel => 'windows'
  setcode do
    fullstring = Facter::Core::Execution.exec('c:\windows\system32\cmd.exe /c ipconfig | findstr /r "Address.*[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*"')
    iponly = fullstring.scan(/\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b/).last
    firstoctets = iponly.rpartition(".")[0]
    firstoctets
  end

Get puppet agent config path (windows):

acter.add(:configpath) do
  confine :kernel => 'windows'
  setcode do
    fullstring = Facter::Core::Execution.exec('c:\windows\system32\cmd.exe /c puppet agent --configprint confdir') + '/puppet.conf'
    fullstring
  end
end

On an unrelated note I also recommend to use Spotify’s Puppet Explorer to monitor Puppet infrastructure, it’s a great and lightweight open source tool.

Have fun and good luck hiding from the Ministry of Magic.