Puppet Tutorial for Beginners – The BEST Step-By-Step Guide

Last updated on 30th May 2020, Blog, Tutorials

What is Puppet?

PUPPET is a system management tool for centralizing and automating the configuration management process. Puppet is also used as a software deployment tool. It is an open-source configuration management software widely used for server configuration, management, deployment, and orchestration of various applications and services across the whole infrastructure of an organization.

Puppet is specially designed to manage the configuration of Linux and Windows systems. It is written in Ruby and uses its unique Domain Specific Language (DSL) to describe system configuration.

What are the Puppet versions?

Puppet comes in two versions:

• Open Source Puppet: It is a basic version of Puppet configuration management tool, which is also known as Open Source Puppet. It is available directly from Puppet’s website and is licensed under the Apache 2.0 system.
• Puppet Enterprise: Commercial version that offers features like compliance reporting, orchestration, role-based access control,GUI,API and command line tools for effective management of nodes.

What Puppet can do?

For example, you have an infrastructure with about 100 servers. As a system admin, it’s your role to ensure that all these servers are always up to date and running with full functionality.

System Admin working manually on the servers

To do this, you can use Puppet, which allows you to write a simple code which can be deployed automatically on these servers. This reduces the human effort and makes the development process fast and effective.

Puppet automates Server Management

Puppet performs the following functions:

• Puppet allows you to define distinct configurations for every host.
• The tool allows you to continuously monitor servers to confirm whether the required configuration exists or not and it is not altered. If the config is changed, Puppet tool will revert to the pre-defined configuration on the host.
• It also provides control over all the configured system, so a centralized change gets automatically effected.
• It is also used as a deployment tool as it automatically deploys software to the system. It implements the infrastructure as a code because policies and configurations are written as code.

Puppet DSL and Programming Paradigms:

Before we learn Puppet DSL, let’s understand programming paradigms:

A programming paradigm is a style you are using in computer programming. Four types of paradigms are:

• Imperative.
• Declarative.
• Functional (which is considered a subset of that declarative paradigm)
• Object-oriented.

We will focus on Imperative and Declarative.

Imperative:

This programming paradigm expresses the logic of a computation(What to do) and describes its control flow(How to do)

Example :

Assume you are going to your office, you book a cab and start giving step by step directions to the driver until you reach the office. Specifying what to do and how to do is an imperative style.

Declarative:

This programming paradigm expresses the logic of a computation(What to do) without describing its control flow(How to do)

Example:

Assume you are going to your office, you book Uber cab and specify the final destination (Office). Specifying what to do not how to do is a declarative style.

Paradigm	What to do	How to do
Imperative	Yes	Yes
Declarative	Yes	No

Puppet uses a declarative programming paradigm:

Puppet uses a declarative programming approach. Example: Create a user on the system:

It can be done using Imperative programming pattern by a shell script: Here we specify how to create the user and what commands to use on the operating system.

However, it can be done using Declarative programming pattern with only a few lines of puppet code, Puppet domain specific language (DSL), and still achieve the same result.

Deployment models of configuration management tools

There are two deployment models for configuration management tools :

• Push-based deployment model: initiated by a master node.
• Pull-based deployment model: initiated by agents.

Push-based deployment model:

In this deployment model master server pushes the configurations and software to the individual agents. After verifying a secure connection, the master runs commands remotely on the agents. For example, Ansible and Salt Stack.

Pull-based deployment model.

In this deployment model, individual servers contact a master server, verify and establish a secure connection, download their configurations and software and then configure themselves accordingly — for example, Puppet and Chef.

How Puppet works?

Puppet is based on a Pull deployment model, where the agent nodes check in regularly after every 1800 seconds with the master node to see if anything needs to be updated in the agent. If anything needs to be updated the agent pulls the necessary puppet codes from the master and performs required actions.

Let’s explain it by an example:

Example: Master – Agent Setup:

The Master:

A Linux based machine with Puppet master software installed on it. It is responsible for maintaining configurations in the form of puppet codes. The master node can only be Linux.

The Agents:

The target machines managed by a puppet with the puppet agent software installed on them. The agent can be configured on any supported operating system such as Linux or Windows or Solaris or Mac OS.

The communication between master and agent is established through secure certificates.

Puppet Master Agent Communication:

Communication between the Master and the Agent:

Step 1) Once the connectivity is established between the agent and the master, the Puppet agent sends the data about its state to the Puppet master server. These are called Facts: This information includes the hostname, kernel details, IP address, file name details, etc.…

Agent Sends Facts to Master

Step 2) Puppet Master uses this data and compiles a list with the configuration to be applied to the agent. This list of configuration to be performed on an agent is known as a catalog. This could be changed such as package installation, upgrades or removals, File System creation, user creation or deletion, server reboot, IP configuration changes, etc.

Master sends a catalog to Agent

Step 3) The agent uses this list of configuration to apply any required configuration changes on the node.

In case there are no drifts in the configuration, Agent does not perform any configuration changes and leaves the node to run with the same configuration.

Agent applies configuration

Step 4) Once it is done the node reports back to puppet master indicating that the configuration has been applied and completed.

Puppet Blocks

Puppet provides the flexibility to integrate Reports with third-party tools using Puppet APIs.

Four types of Puppet building blocks are

• Resources
• Classes
• Manifest
• Modules

Puppet Resources:

• Puppet Resources are the building blocks of Puppet.
• Resources are the inbuilt functions that run at the back end to perform the required operations in puppet.

Puppet Classes:

A combination of different resources can be grouped together into a single unit called class.

Puppet Manifest:

Manifest is a directory containing puppet DSL files. Those files have a .pp extension. The .pp extension stands for puppet program. The puppet code consists of definitions or declarations of Puppet Classes.

Puppet Modules:

Modules are a collection of files and directories such as Manifests, Class definitions. They are the re-usable and sharable units in Puppet.

For example, the MySQL module to install and configure MySQL or the Jenkins module to manage Jenkins, etc..

Puppet Tutorial

Puppet Tutorial is the second blog of Puppet blog series. I hope you have read my previous blog on “What is Puppet” that explains Configuration Management and why it is important with the help of use-cases.

In this Puppet Tutorial following topics will be covered:

• What is Configuration Management?
• Puppet Architecture
• Puppet Master Slave Communication
• Puppet Components
• Hands-On

What is Configuration Management?

In my previous blog, I have given an introduction to Configuration Management and what challenges it helps us to overcome. In this Puppet Tutorial, I will explain you about different interdependent activities of Configuration Management. But before that, let us understand what is Configuration Item (CI). A Configuration Item is any service component, infrastructure element, or other item that needs to be managed in order to ensure the successful delivery of services. Examples of CI include individual requirements documents, software, models, and plans.

Configuration Management consists of the following elements:

• Configuration Identification
• Change Management
• Configuration Status Accounting
• Configuration Audits

The diagram below explains these components:

Configuration Identification:

It is the process of

• Labeling software and hardware configuration items with unique identifiers
• Identifying the documentation that describes a configuration item
• Grouping related configuration items into baselines
• Labeling revisions to configuration items and baselines.

Change Management: It is a systematic approach to dealing with change both from the perspective of an organization and the individual.

Configuration Status Accounting: It includes the process of recording and reporting configuration item descriptions (e.g., hardware, software, firmware, etc.) and all departures from the baseline during design and production. In the event of suspected problems, the verification of baseline configuration and approved modifications can be quickly determined.

Configuration Audits: Configuration audits provide a mechanism for determining the degree to which the current state of the system is consistent with the latest baseline and documentation. Basically, it is a formal review to verify that the product being delivered will work as advertised, promoted or in any way promised to the customers. It uses the information available as an outcome of the quality audits and testing along with the configuration status accounting information, to provide assurance that what was required has been build.

Now is the correct time to understand Puppet Architecture.

Puppet Tutorial – Architecture of Puppet

Puppet uses a Master-Slave architecture. The diagram below depicts the same:

The following functions are performed in the above image:

• The Puppet Agent sends the Facts to the Puppet Master. Facts are basically key/value data pair that represents some aspect of Slave state, such as its IP address, up-time, operating system, or whether it’s a virtual machine. I will explain Facts in detail later in the blog.
• Puppet Master uses the facts to compile a Catalog that defines how the Slave should be configured. Catalog is a document that describes the desired state for each resource that Puppet Master manages on a Slave. I will explain catalogs and resources in detail later.
• Puppet Slave reports back to Master indicating that Configuration is complete, which is visible in the Puppet dashboard.

Check out this Puppet tutorial video for deep understanding of Puppet.

Puppet Tutorial – Puppet Master and Slave Communication

Puppet Master and Slave communicates through a secure encrypted channel with the help of SSL. The diagram below depicts the same:

As you can see from the above Image:

• Puppet Slave asks for Puppet Master certificate.
• After receiving Puppet Master certificate, Master requests for Slave certificate.
• Once Master has signed the Slave certificate, Slave requests for configuration/data.
• Finally, Puppet Master will send the configuration to Puppet Slave.

Let us now have a look at various Puppet components.

Puppet Tutorial – Components of Puppet:

Manifests: Every Slave has got its configuration details in Puppet Master, written in the native Puppet language. These details are written in the language which Puppet can understand and are termed as Manifests. They are composed of Puppet code and their filenames use the .pp extension. These are basically Puppet programs. For example: You can write a Manifest in Puppet Master that creates a file and installs Apache server on all Puppet Slaves connected to the Puppet Master.

Module: A Puppet Module is a collection of Manifests and data (such as facts, files, and templates), and they have a specific directory structure. Modules are useful for organizing your Puppet code, because they allow you to split your code into multiple Manifests. Modules are self-contained bundles of code and data.

Resource: Resources are the fundamental unit for modeling system configurations. Each Resource describes some aspect of a system, like a specific service or package.

Facter: Facter gathers basic information (facts) about Puppet Slave such as hardware details, network settings, OS type and version, IP addresses, MAC addresses, SSH keys, and more. These facts are then made available in Puppet Master’s Manifests as variables.

Mcollective: It is a framework that allows several jobs to be executed in parallel on multiple Slaves. It performs various functions like:

• Interact with clusters of Slaves, whether in small groups or very large deployments.
• Use a broadcast paradigm to distribute requests. All Slaves receive all requests at the same time, requests have filters attached, and only Slaves matching the filter will act on requests.
• Use simple command-line tools to call remote Slaves.
• Write custom reports about your infrastructure.

Catalogs: A Catalog describes the desired state of each managed resource on a Slave. It is a compilation of all the resources that the Puppet Master applies to a given Slave, as well as the relationships between those resources. Catalogs are compiled by a Puppet Master from Manifests and Slave-provided data (such as facts, certificates, and an environment if one is provided), as well as an optional external data (such as data from an external Slave classifier, exported resources, and functions). The Master then serves the compiled Catalog to the Slave when requested.

Now in this Puppet Tutorial my next section will focus on Hands-On.

Puppet Tutorial – Hands-On

I will show you how to deploy MySQL and PHP from Puppet Master to Puppet Slave. I am using only one Slave for demonstration purpose there can be hundreds of Slaves connected to one Master. To deploy PHP and MySQL I will use predefined modules available at forge.puppet.com. You can create your own modules as well.

Features of Puppet:

Following are the features of Puppet:

Platform Support

Puppet is compatible with all platforms that support Ruby, like Microsoft Windows, Linux, MacOS X, etc.

Scalable

The puppet was developed in 2005; therefore, many different organizations, including medium and large, have deployed Puppet, and hence its scalability is very large.

Documentation

Puppet provides a large number of well-developed wiki pages with detailed documentation.

Idempotency

Unlike other configuration management tools, in Puppet, we can safely run the same set of configurations multiple times on the same machine. Means, after deploying a configuration on any machine, the puppet keeps verifying those configurations in certain intervals.

Open-Source

A puppet is an open-source tool, and because of this feature, it is easy to extend it to build custom libraries and modules.

Reporting Compliance

The enterprise version of the puppet supports graphical reporting with the help of this you can simply visualize the infrastructure, communicate, and quickly respond to the modifications. It provides you the real-time visibility into the effects of changes, which allows you to see what’s going on your infrastructure.

Cost-Effective

When you have many numbers of systems and want to make some minor code changes, then Puppet helps to reduce the effort and cost.

Faster

Puppet allows DevOps professionals and System Administrators to work more quickly and effectively.

Growing Fast

Today, many companies have adopted puppet to manage their infrastructure, such as Google, Red Hat, AT&T, Spotify, AON, US Air Force, etc.

Prerequisites

Before proceeding with this tutorial, you should have a basic knowledge of system administration, network protocol communication, and infrastructure. To automate the infrastructure provisioning, we should have a basic understanding of Ruby scripts and the system where we want to use Puppet.

Audience

This tutorial is created for those who would like to learn the basics of Puppet. This tutorial will provide enough understanding to reduce the complexity of managing infrastructure. After completion of this tutorial, you will get a basic level of understanding of Puppet and workflow. This tutorial will also give you a good understanding of the configuration of Puppet in a preconfigured infrastructure and how to use it for automation.

Problems

We assure you that you will not find any difficulty while learning our Puppet tutorial. But if there is any mistake in this tutorial, kindly post the problem or error in the contact form so that we can improve it.