Puppet
Configuration Management Tool for Declarative Desired State Server Management
- Master Server Architecture
- Puppet Primary Server .. stores code and defines the desired state
- For big scale Deployments there are Compiled Master configurations and Master of Master (MOM)
- Puppet Agent … translate state into commands
- Facter is Puppets Inventory Tool which gathers facts about an Agent.
- These facts make up the Manifest of an agent.
- A Manifest is Ruby file with the
.ppextension. - It consists of Classes and Resources
- A Manifest is Ruby file with the
- The Server compiles a catalog, which defines the state of the agent and are executed on the Agent.
- These facts make up the Manifest of an agent.
Misc
- Puppet Code & Manifests are kept in Modules
- Puppet stores data in PuppetDB
- Puppet Bold can be used for Agentless devices
- Servers and Agents communicate via HTTPs on TCP and SSL certificates
- Puppet includes a built-in certificate authority for managing certificates
Flow
- The Agents create Certificates to be signed to the Primary Server
- The written Manifest is compiled into a Catalog by the Primary Server and deployed to the Agents
- The Agents execute the Catalog and send back a Report to the Primary Server
Pros
- Strong Open Source Community
Cons
- Requires learning Ruby
Commands
Agents
# list certss sent to master
puppet cert list
# check for changes from the master and apply the test
puppet agent --testPrimary Server
# sign certs on master
puppet cert sign --allExample File
file { '/root/some-file':
ensure => present,
}