2. What is Puppet?
• Puppet is a configuration automation platform that is meant to
simplify various system administration tasks.
• Puppet uses a client/server formation where the servers,
called agent nodes talk to and pull down configuration profiles from
the master client, or Puppet master.
• Puppet is written in its own Puppet language, meant to be
accessible to system administrators.
• A module, located on the Puppet master, describes the desired
system.
• Puppet then translates the module into code and alters the agent
servers as needed when you run the puppet agent command on an
agent node, or automatically at the configured intervals.
• Puppet can be used to manage multiple servers across various
infrastructures

3. Setting up the Puppet Master
• Enable the “puppetlabs-release” repository on Ubuntu, unpackage it and update
the system
 wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
 sudo dpkg -i puppetlabs-release-trusty.deb
 sudo apt-get update
 sudo apt-get install puppetmaster-passenger
 sudo apt-get install puppetmaster
• Ensure you have latest version of puppet running
 puppet resource package puppetmaster ensure=latest
• Puppet master is controlled by Apache2. so it runs when Apache2 runs
 sudo service Apache2 stop | start | restart | status
• Make sure the hostname is “puppet” and hosts has entry
 sudo vi /etc/hostname - puppet
 sudo vi /etc/hosts - <ip> puppet , puppet.localdomain
<ip> agent-01, agent-01.localdomain
<ip> agent-02, apent-02.localdomain
• Lock the puppet version
 Create a new file sudo vi /etc/apt/preferences.d/00-puppet.pref
 Package: puppet puppet-common puppetmaster-passenger
 Pin: version 3.4*
 Pin-Priority: 501

4. Setting up the Puppet Master …
• Setup puppet master names and certificates
 Edit master’s puppet.conf file - sudo vi /etc/puppet/puppet.conf
 Delete the line with templatedir
 Under the [master] section add the following
- certname = puppet
- dns_alt_names = puppet, puppet.localdomain
• Master’s certificates set up
 delete old certificates - sudo rm –rf /var/lib/puppet/ssl
 Create a new CA certificate - sudo puppet master –verbose --no-daemonize
 Press Ctrl-C after Notice: Starting puppet master message to return to shell
 In case “Address in Use” error comes, it could be because puupet master is controlled by Apache2
and that needs to be stopped - sudo service Apache2 stop
 to list all certificates on master: sudo puppet cert list -all
 Start master - sudo service puppet start
 Signing certificates
 sudo puppet cert sign <agent-name>

5. Setting up the Puppet Agent
• Enable the “puppetlabs-release” repository on Ubuntu, unpackage it and
update the system
 wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
 sudo dpkg -i puppetlabs-release-trusty.deb
 sudo apt-get update
 sudo apt-get install puppet
• Ensure you have latest version of puppet running
 puppet resource package puppet ensure=latest
• Puppet is disabled by default.
 edit /etc/default/puppet and change start=yes
• Make sure the hostname is “puppet” and hosts has entry
 sudo vi /etc/hostname - agent-01 or host-01 or whatever is the hostname
 sudo vi /etc/hosts - <ip> puppet , puppet.localdomain
<ip> agent-01, agent-01.localdomain
• Lock the puppet version
 Create a new file sudo vi /etc/apt/preferences.d/00-puppet.pref
 Package: puppet puppet-common puppetmaster-passenger
 Pin: version 3.4*
 Pin-Priority: 501

6. Setting up the Puppet Agent …
• Setup puppet master name and certificates
 Edit agent’s puppet.conf file - sudo vi /etc/puppet/puppet.conf
 delete templatedir
 delete [master] and the lines below it.
 Add [agent]
server = puppet.localdomain
 Start puppet agent
 sudo service puppet start
 if no output (other than done), then it means the agent has connected
to master and is being managed by the master.

7. Gathering facts
• Puppet gathers facts about each of its nodes using a tool
called “facter”.
• Facter gathers basic facts about nodes (systems) such as
hardware details, network settings, OS type and version, IP
addresses, MAC addresses, SSH keys , etc
• These facts are then made available in puppet as variables.
• It is possible to add custom facts as needed.
• On master -
 sudo vi /etc/puppet/manifests/site.pp
 add the below lines
 file {'/tmp/example-ip': # resource type file and filename
 ensure => present, # make sure it exists
 mode => 0644, # file permissions
 content => "Here is my Public IP Address: ${ipaddress_eth0}.n", # note the ipaddress_eth0
 }
 On Agent
 sudo puppet agent –test -- will create file /tmp/example-ip and print node’s ip address
 Here is my Public IP Address: x.x.x.x.

8. Puppet manifest with module
• Modules are useful for grouping tasks together.
• There are many modules available in the Puppet community,
and you can even write your own.
• On master - install puppetlabs-apache module from forgeapi
 sudo puppet module install puppetlabs-apache or <module-name>
 edit site.pp (sudo vi /etc/puppet/manifests/site.pp) and add the below lines
 node 'host-01' {
 class { 'apache': } # use apache module
 apache::vhost { ‘mysite.com': # define vhost resource
 port => '80',
 docroot => '/var/www/html'
 }
 },
 On Agent
 sudo puppet agent –test
 Should see output with Apache2 getting installed

9. Puppet code
 Puppet code is primarily composed of resource declarations.
 A resource describes something about the state of the system,
such as a certain user or file should exist, or a package should
be installed.
 Example of user resource declaration
user { ‘ranjit':
ensure => present,
uid => '1000',
gid => '1000',
shell => '/bin/bash',
home => '/home/ranjit'
}
 Example of resource declaration
resource_type { ‘resource_name':
attribute => value,
…..
}
 To list all resource types: sudo puppet resource --types

10. Manifests & Classes
 Puppet programs are called manifests.
 Manifests are composed of puppet code with a .pp extension.
Default main manifest installed via apt is “site.pp”. Another
example of manifest is node, for installing Apache on agent.
 Classes - A class definition is where the code that composes a
class lives. Defining a class makes the class available to be
used in manifests, but does not actually evaluate to anything.
 Class Definition
class myclass {
…… (puppet code)
}
 Class Declaration - include myclass. This will cause puppet
to evaluate puppet code in “myclass”
 A resource like class declaration occurs when a class is
declared like a resource. E.g. class {‘apache’:}

11. Modules
 A module is a collection of manifests and data
(such as facts, files, and templates), and they
have a specific directory structure.
 Modules are useful for organizing your Puppet
code, because they allow you to split your code
into multiple manifests.
 To add a module to Puppet, place it in
the /etc/puppet/modules directory

12. Developing a manifest
 Using Puppet to set up LAMP stack on Ubuntu.
 The following resources are needed on Ubuntu server
1. Apache2 installed and running
2. MySQL server package installed and running
3. php5 package installed and a test php script file present
4. update apt before and after installing packages
 For this we write a manifest with the following types of resource declarations
1. exec - to execute commands – e.g. apt-get update
2. package – to install packages via apt-get
3. Service - to ensure that a service is running
4. File – to ensure that certain file exists.
 Create manifest on the node where you want to install lamp
sudo vi /etc/puppet/manifests/lamp.pp
sudo puppet apply –test
 See the attached lamp.pp file

13. Installing lamp on multiple nodes
 Use modules to install lamp on multiple nodes.
 Create a directory - lamp/manifests in /etc/puppet/modules
 Create a file – init.pp in lamp/manifests
(/etc/puppet/modules/lamp/manifests/init.pp)
 Add the following lines in init.pp
1. class lamp {
2. // add the code in lamp.pp here
3. }
 On puppet master, in site.pp, add the following
1. node default{ include lamp } OR
2. node ‘host-01’ {
3. include lamp
4. }
5. A node block allows you to specify Puppet code that will only apply to certain agent
nodes. The default node applies to every agent node that does not have a node block
specified
 On puppet agent, do the following
sudo puppet agent –test --verbose
see the output
 lamp is installed on agent