Puppet

Configuration Management Tool for Declarative Desired State Server Management

  • Master Server Architecture
  • Puppet Primary Server: stores code and defines the desired state
    • For large-scale deployments there are Compile Master configurations and a Master of Masters (MOM)
  • Puppet Agent: translates the desired state into commands
  • Facter is Puppet's inventory tool, which gathers facts about an Agent.
    • These facts make up the Manifest of an agent.
      • A Manifest is a Ruby file with the .pp extension.
      • It consists of Classes and Resources
    • The Server compiles a catalog, which defines the state of the agent and is executed on the Agent.

Misc

  • Puppet Code & Manifests are kept in Modules
  • Puppet stores data in PuppetDB
  • Puppet Bolt can be used for agentless devices
  • Servers and Agents communicate via HTTPS over TCP, using SSL certificates
  • Puppet includes a built-in certificate authority for managing certificates

Flow

  1. The Agents create Certificates and send them to the Primary Server to be signed
  2. The written Manifest is compiled into a Catalog by the Primary Server and deployed to the Agents
  3. The Agents execute the Catalog and send back a Report to the Primary Server

Pros

  • Strong Open Source Community

Cons

  • Requires learning Ruby

Commands

Agents

# list certs sent to master
puppet cert list

# check for changes from the master and apply them (one-off verbose run)
puppet agent --test

Primary Server

# sign certs on master
puppet cert sign --all
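
`puppet cert sign --all` signs every pending request, including ones from hosts nobody expected. The script below is an added example, not part of the original notes: it signs only requests whose fingerprint matches one recorded out of band (for instance from `puppet agent --fingerprint` on the agent). The function names, the expected-fingerprint file format, and the sample hostnames and fingerprints are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original notes. Uses the `puppet cert` commands
# shown above (Puppet 6+ moved CA commands to `puppetserver ca`).

# Print certnames from `puppet cert list` output (stdin) whose pending CSR
# fingerprint equals the one recorded out of band in file $1.
# File format (assumed for this example): one "certname fingerprint" per line.
verified_certnames() {
    awk '
        NR == FNR { want[$1] = toupper($2); next }   # first input: expected list
        {
            name = $1; gsub(/"/, "", name)           # certname is printed quoted
            if ((name in want) && toupper($3) == want[name]) print name
        }
    ' "$1" -
}

# Sign only the verified requests instead of running `puppet cert sign --all`.
sign_verified() {
    puppet cert list | verified_certnames "$1" | while read -r name; do
        puppet cert sign "$name"
    done
}

# Offline demo on constructed data (hostnames and fingerprints are made up
# and shortened; real SHA256 fingerprints are 32 colon-separated bytes).
demo() {
    expected=$(mktemp)
    cat > "$expected" <<'EOF'
web01.example.com AA:11:BB:22
db01.example.com CC:33:DD:44
EOF
    verified_certnames "$expected" <<'EOF'
  "web01.example.com" (SHA256) AA:11:BB:22
  "db01.example.com" (SHA256) EE:55:FF:66
  "rogue.example.com" (SHA256) 99:88:77:66
EOF
    rm -f "$expected"
}

demo   # prints: web01.example.com
```

In the demo, db01 is skipped because its fingerprint differs from the recorded one, and rogue is skipped because it was never registered; both stay pending for manual review.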

Example File

file { '/root/some-file': 
  ensure => present, 
}