It's Always Audit Time: Compliance is Coming for Your Department (Yes, Yours)

The 2024 State of DevOps Report: The Evolution of Platform Engineering is live! In this episode, we’re taking you behind the scenes with the authors of the report and one of the people who helped run the survey.Download the 2024 report for free here!On this episode, join us as host Ben Ford, report authors Margaret Lee and David Sandilands, and project manager Stephanie Fairchild pull back the curtain on the 2024 State of DevOps Report.What are the characteristics of successful platforms? Why is the new practice driving a surge in security? Where is platform engineering going next? Learn more in this episode!Highlights:Why the State of DevOps Report pivoted to cover platform engineering last yearWhat we wanted to find out this yearThe big takeaways from the 2024 reportOur predictions for the next year of platform engineeringSpeakers:Ben Ford, Community Lead at Puppet by PerforceMargaret Lee, Manager of Product Management at Puppet by PerforceDavid Sandilands, Principal Solutions Architect at Puppet by PerforceStephanie Fairchild, Senior Manager at ClearPath StrategiesLinks:Download the 2024 State of DevOps Report: The Evolution of Platform EngineeringEmail Margaret at [email protected] Ben on Mastodon, Twitter, and in the Puppet Community Slack as binford2kFind David on Mastodon and TwitterCheck out another episode with Ben, Margaret, and David about how return-to-office plans are shaping platform strategiesRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn

Platform engineering is all about giving devs the tools they need to work independently. Work-from-home policies give people flexibility in where and how they work. It should be a match made in heaven, right? Well... it’s more complicated than that.Research, feedback, and evangelizing are critical to building an internal developer platform (IDP). But WFH can make that communication tough. And that's before you’ve even considered compliance and security (ugh, the 2FA). A human-focused IT strategy was crucial in supporting a shift to remote work during the pandemic, and it's going to be equally as important as we shift to a platform paradigm.In this roundtable discussion, Ben leads a roundtable discussion of how return-to-office plans can impact platform engineering, joined by Margaret Lee and David Sandilands, authors of Puppet's 2024 State of DevOps Report: Platform Engineering Edition.Speakers:Ben Ford, Community Lead at Puppet by PerforceMargaret Lee, Manager of Product Management at Puppet by PerforceDavid Sandilands, Senior Solutions Architect at Puppet by PerforceHighlights:The remote/in-office flexibility your platform needs to considerHardening measures essential to a secure IDP in the hybrid eraWhat we learned about accommodating a workforce during the pandemicEvangelizing a platform without the in-person connectionLinks:Email Margaret at [email protected] Ben on Mastodon, Twitter, and in the Puppet Community Slack as binford2kDavid Sandilands on TwitterGet the 2023 Platform Engineering Report and sign up to receive 2024’s when it releasesRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn 

Politics is everywhere in your organization. No, not THAT kind of politics – the kind that happens when you need something and can’t get it, or when you get good at something and people start noticing. Actually, politics happens just about whenever decisions get made. Joshua Zimmerman says that kind of politics is rooted in people, and with the right mindset, you can use politics to make things better in your organization – for you and your entire team.Joshua is a DevOps manager and organizer who thinks you could benefit from understanding and navigating the political landscape of your organization so you can help shape it. In fact, his presentation at DevOpsDays Chicago 2023 was all about that, and we were so impressed, we invited him on the podcast.After listening to this episode, we hope you’ll be able to figure out how decisions get made where you work, define your political structure, and leave with a few tools you can use to gain leverage with your team to make better decisions together.Highlights:Helping unpack the term “politics” in the context of your jobWhy org charts aren’t great for determining the real structure of your orgWhy trust matters more than authority (and how to sniff out both in your org)How to build lasting trust in your team and orgHow to subvert hierarchy to get what you need (without making anyone mad)Speakers:Ben Ford, Developer Relations Director at PuppetJoshua Zimmerman, SRE/DevOps ManagerLinks:Find Josh on LinkedIn, Mastodon, and TwitterWatch Joshua’s talk at DevOpsDays Chicago 2023 (2:26:00 – 2:54:30)Find Ben in the Puppet Community Slack as binford2k and on MastodonFind Us Online:puppet.comPulling the Strings on Apple PodcastsTwitterLinkedInRead the episode transcript

Great things – tools, spaces, companies, brands – are supported by great communities. The Vox Pupuli are perhaps the most prominent, active group in the Puppet community. Here’s what they're up to lately, what it’s like being one of them, and what Puppet (the community) means to Puppet (the company).The Vox Pupuli are 200+ strong; they maintain dozens of modules on the Forge; even executive leadership knows their name. On this episode of Pulling the Strings, join Puppet community members Gene Liverman, Tim Meusel, and Ben Ford for a casual discussion on what what Vox Pupuli actually do, the role of community in shaping a company like Puppet, what Vox Pupuli is focused on now, and what drives the highly engaged group. As Tim puts it, “There is no excuse to not participate.”Highlights:How Vox Pupuli worksThe relationship of Puppet (the company) to the Vox PupuliThe power of independenceThe time Vox Pupuli helped Puppet avoid disaster in a new releaseWhat Vox Pupuli is working on nowSpeakers:Gene Liverman, SRE at LTN Global and former SRE at Puppet by PerforceTim Meusel, Vox Pupuli PMC Community MemberBen Ford, Community Lead at Puppet by PerforceLinks:Find out more about the Vox Pupuli at https://voxpupuli.org/Find Tim on Twitter at https://twitter.com/BastelsBlogFind Gene in the Puppet Community Slack as genebean https://puppetcommunity.slack.com/team/U3DCRQQKAFind Ben in the Puppet Community Slack as binford2k and on Mastodon at https://hachyderm.io/@binford2kFollow the Puppet Community Team on Mastodon https://fosstodon.org/@puppetListen to Tim’s previous episode discussing how to build an awesome open source community https://www.puppet.com/resources/podcasts/awesome-open-source-communityFind Us Online:puppet.comPulling the Strings on Apple PodcastsTwitterLinkedInRead the episode transcript

Open source has always moved fast. Today, it moves faster than ever, driven by both community demand and corporate interest. On this episode, Perforce’s Javier Perez and OSI’s Stefano Maffulli discuss the impact of recent license changes and the historical push-and-pull between consumers and providers in the world of open source.Highlights:Reflecting on 25 years of OSI and its widening scopeThe historical changes that set the stage for open sourceWhat’s shaping Linux distributions today (CentOS, RHEL restrictions, HashiCorp’s switch to BSL, and more)The “social contract” between companies and communitiesThe pros and cons of single companies driving open-source communitiesThe commercialized future of open sourceSpeakers:Javier Perez, Chief Open Source Evangelist and Senior Director of Product Management at PerforceStefano Maffulli, Executive Director at the Open Source Initiative (OSI)Links:Learn about Puppet’s commitment to open source projects like Bolt and Open Source Puppet (OSP): https://www.puppet.com/community/open-sourceFind Stefano at https://www.maffulli.net/Follow Javier on Twitter at https://twitter.com/jperezp_bosOSI’s programs (including a new Advocacy and Outreach program) https://opensource.org/programs/“Defining an open source AI for the greater good”: How OSI is approaching AI https://opensource.com/article/22/10/defining-open-source-ai“Friend or Foe? ChatGPT’s Impact on Open Source Software” by Javier Perez for DevOps.com https://devops.com/friend-or-foe-chatgpts-impact-on-open-source-software/Read the episode transcriptFind Us Online:puppet.comPulling the Strings on Apple PodcastsTwitterLinkedIn

In the past few years, developer experience has become one of the biggest concerns at the C-level. Gartner found it’s the top value factor for adopting IDPs, performance engineering, CI/CD, and more core aspects of platform engineering. In 2021, McKinsey said it should be “the cornerstone of talent strategy” – and still, it’s a sticking point for a lot of software orgs. Turnover, burnout, skill gaps – symptoms abound that can often be contributed to bad DevX.Justin Reock is Field CTO at Gradle, makers of Gradle Enterprise and Gradle Build Tool. He’s focused on the developer experience at an intersectional level – where right-brain creativity, left-brain productivity, and ‘joyful activity’ combine to make development better for the people who do it. In conversation with David Sandilands, Senior Solutions Architect at Puppet, Justin shares his perspective on where platform engineering is headed and how the future of platform engineering – up, down, or flat – depends on using tools to engineer the developer experience.Speakers:David Sandilands, Senior Solutions Architect at Puppet by PerforceJustin Roeck, Field CTO at GradleHighlights:Justin’s career to date and starting a year of living out of an RVWhy the future of platform engineering depends on a developer experience focusInstructions for organizations to adopt real practices, not just hypeThe personalities needed to make stuff like platform engineering actually workLinks:Download Puppet’s 2023 State of Platform Engineering ReportOrganizational Physics by Lex SisneyFind your nearest devopsdays eventJustin Reock on TwitterJustin Reock on LinkedInDavid Sandilands on LinkedInDavid Sandilands on TwitterRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn

The opportunity to write a Puppet 8 book landed in David Sandilands’s lap when he had just started at Puppet and with a child on the way. About a year and a half later in mid-2023, “Puppet 8 for DevOps Engineers” launched via Packt. This is the story of everything that happened in the middle.Speakers:Ben Ford, Community Lead at Puppet by PerforceDavid Sandilands, Senior Solutions Architect at Puppet by Perforce Learn More About Puppet + DevOps[10+ YEARS OF DEVOPS REPORTS] Highlights:What other Puppet books didn’t haveThe joy of creating a book that doesn’t have to cater to one audience or anotherWhat it's like to work with a publisherLearning to lean on your community for supportHard-learned tips for writing your own bookLinks:Check out David's book, “Puppet 8 for DevOps Engineers,” via Packt“Puppet Best Practices” by Chris Barbour and Jo RhettBen Ford on TwitterDavid Sandilands on Twitter

So your organization failed a compliance audit and got slapped with fines and penalties. Bummer! You pay the fine, spend a few days fixing your configurations, run a scan, and get ready to do it again come the next audit. But that approach doesn’t work anymore: The risks are too high, and fixing months of configuration drift at the drop of a hat (let alone hunting down all the paperwork for auditors) certainly isn’t your team’s favorite thing to do.Demo Puppet Comply + CEM for cross-department visibility and automated complianceThe broad scope of today’s compliance management requires a coordinated effort from more than just the security team. In this episode of Pulling the Strings, two Puppet compliance experts make the case for cooperation among security, compliance, ops, and just about everyone else in your organization. They discuss the crumbling walls between security, compliance, and ops, as well as tools organizations use to ensure continuous compliance.Highlights:Why organizations always wait until something goes wrong to pay attention to compliance + securityThe simple micro-adjustments that prevent massive corrections come audit timeWorking toward better alignment between teams so that they’re making compliance easierThe point and benefits of continuous compliance – and why ‘cowboy compliance’ isn’t enoughWhy compliance frameworks matter across security, compliance, and opsSpeakers:Ben Ford, Community Lead at Puppet by PerforceClaire McDyre, Senior Product Manager at Puppet by PerforceRobin Tatam, Senior Director of Product Marketing, Puppet by PerforceLinks:Try Puppet Comply + CEM to give your whole team the power to tackle complianceRead Claire’s content on the Puppet blogRead Robin’s content on the Puppet blogRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn

Modules are the basic building blocks of Puppet. They're made to solve common challenges, extend functionality, and optimize your use of Puppet. They're also reusable and shareable – you can find thousands on the Puppet Forge – and best of all, anyone can make them. But what does that really mean?On this episode of Pulling the Strings, Ben Ford sits down with Yeshua Hall to talk about Yeshua’s experience building the Puppet module known as zend_common, initially released in December 2022.Highlights:How to build a Puppet moduleWhat zend_common doesWhat to know before you start buildingHighlights:How to build a Puppet moduleWhat zend_common doesWhat to know before you start buildingSpeakers:Ben Ford, Community Lead at Puppet by PerforceYeshua Hall, Senior Solutions Architect at PerforceLinks:Download the free guide, “How to Start Automating in a Few Steps with Bolt”Download zend_common on the Puppet ForgeFollow Yeshua Hall on TwitterFollow Ben Ford on TwitterRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn

Supposedly, Albert Einstein once said, “If you can't explain it to a six-year-old, then you don't understand it yourself.” That might be a bit harsh, but it holds true for teaching just about anything: You’ve got to meet learners where they are. That’s why Puppet recently launched new on-demand training courses and more. There’s a new, engaging way to learn how to do things with Puppet without going down too many rabbit holes.On this episode of Pulling the Strings, Ben Ford interviews Principal Training Solutions Engineers Jain Waldrip and Tom Chisholm about designing training with “highly calibrated visuals,” the exciting new avenues for Puppet learners, and much more.Highlights:What’s led Jain and Tom to their roles in Puppet trainingWhat you can expect from Puppet’s new on-demand training courses Introducing Puppet Console Overview, an interactive, guided tour of the Puppet ConsoleSpeakers:Ben Ford, Community Lead at Puppet by PerforceJain Waldrip, Principal Training Solutions Engineer at Puppet by PerforceTom Chisholm, Principal Training Solutions Engineer at Puppet by PerforceLinks:Take new on-demand Puppet training coursesCheck out the PE Console OverviewGet in touch with the Puppet education team at [email protected] Jain and Tom in the Puppet Community SlackRead the episode transcriptFind Us Online:puppet.comApple PodcastsTwitterLinkedIn