What is Puppet and What are its Key Components

Written by Vaibhav Umarvaishya

Puppet is a tool that helps you manage and automate the configuration of servers.

When you use Puppet, you define the desired state of the systems in your infrastructure that you want to manage. You do this by writing infrastructure code in Puppet's Domain-Specific Language (DSL) — Puppet Code — which you can use with a wide array of devices and operating systems. Puppet code is declarative, which means that you describe the desired state of your systems, not the steps needed to get there. Puppet then automates the process of getting these systems into that state and keeping them there. Puppet does this through a Puppet primary server and a Puppet agent. The Puppet primary server is the server that stores the code that defines your desired state. The Puppet agent translates your code into commands and then executes them on the systems you specify, in what is called a Puppet run.

The primary server and the agent are part of the Puppet platform, which is described in The components that make up Puppet — along with facts, catalogs, and reports.

How Puppet Works

Puppet has a primary-secondary node architecture.

The clients are distributed across the network and communicate with the primary-secondary environment where Puppet modules are present. The client agent sends a certificate with its ID to the server; the server then signs that certificate and sends it back to the client. This authentication allows for secure and verifiable communication between the client and the master.

Facter then collects the state of the clients and sends it to the master. Based on the facts sent, the master compiles the manifests into catalogs, which are sent to the clients, and an agent executes the manifests on its machine. A report is generated by the client that describes any changes made and is sent to the master.

This process is repeated at regular intervals, ensuring all client systems are up to date.

Why use Puppet desired state management?

There are many benefits to implementing a declarative configuration tool like Puppet into your environment — most notably consistency and automation.

  • Consistency. Troubleshooting problems with servers is a time-consuming and manually intensive process. Without configuration management, you are unable to make assumptions about your infrastructure — such as which version of Apache you have or whether your colleague configured the machine to follow all the manual steps correctly. But when you use configuration management, you are able to validate that Puppet applied the desired state you wanted. You can then assume that state has been applied, helping you to identify why your model failed and what was incomplete, and saving you valuable time in the process. Most importantly, once you figure it out, you can add the missing part to your model and ensure that you never have to deal with that same problem again.
  • Automation. When you manage a set of servers in your infrastructure, you want to keep them in a certain state. If you only have to manage 10 homogeneous servers, you can do so with a script or by manually going into each server. In this case, a tool like Puppet may not provide much extra value. But if you have 100 or 1,000 servers, a mixed environment, or you have plans to scale your infrastructure in the future, it is difficult to do this manually. This is where Puppet can help you — to save you time and money, to scale effectively, and to do so securely.

Puppet in DevOps?

Puppet is often used in DevOps, so let’s review the reasons for its use there.

  • Puppet applies the model of continuous delivery to the software release cycle by automating operations and the deployment process.
  • Idle time caused by configuration issues is minimized or avoided, because system recovery is fast thanks to Puppet and other automation systems for server management.
  • Unlike scripts, Puppet works well in large infrastructures and automates repetitive tasks easily; it is also well supported.
  • Puppet has broad sectoral support in Cloud and DevOps ecosystems and is often applied in automation.

Scalability and consistency, portable infrastructure, flexibility, and constant infrastructure analysis are essential aspects for DevOps teams to pay attention to. When using Puppet, many of these problems are solved. There are many other useful tools for DevOps, and the range is continuously growing. The difference is that the newer tools are not as popular, while Puppet has a solid reputation, shows significant progress and is in use by many large IT companies.

Key concepts behind Puppet

Using Puppet is not just about the tool, but also about a different culture and a way of working. The following concepts and practices are key to using and being successful with Puppet.

Infrastructure-as-code

Puppet is built on the concept of infrastructure-as-code, which is the practice of treating infrastructure as if it were code. This concept is the foundation of DevOps — the practice of combining software development and operations. Treating infrastructure as code means that system administrators adopt practices that are traditionally associated with software developers, such as version control, peer review, automated testing, and continuous delivery. These practices that test code are effectively testing your infrastructure. When you get further along in your automation journey, you can choose to write your own unit and acceptance tests — these validate that your code, your infrastructure changes, do as you expect.

Idempotency

A key feature of Puppet is idempotency — the ability to repeatedly apply code to guarantee the desired state on a system, with the assurance that you will get the same result every time. Idempotency is what allows Puppet to run continuously. It ensures that the state of the infrastructure always matches the desired state. If a system state changes from what you describe, Puppet will bring it back to where it is meant to be. It also means that if you make a change to your desired state, your entire infrastructure automatically updates to match.
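What declarative, idempotent state looks like in Puppet code, as an added example that is not part of the original article. The class name `profile::ssh_baseline`, the Debian/Ubuntu-style package and service names, and the sshd settings shown are assumptions chosen for illustration.

```puppet
# Added example: hypothetical profile class, not from the original article.
# Assumes a Debian/Ubuntu-style node (package 'openssh-server', service 'ssh').
class profile::ssh_baseline {

  # Desired state: the package is present. If it already is, nothing happens.
  package { 'openssh-server':
    ensure => installed,
  }

  # Desired state: the file has exactly this owner, mode and content.
  # A manual edit on the node (drift) is reverted on the next Puppet run.
  file { '/etc/ssh/sshd_config':
    ensure       => file,
    owner        => 'root',
    group        => 'root',
    mode         => '0600',
    content      => @(SSHD),
      # Managed by Puppet - local changes will be overwritten
      PermitRootLogin no
      PasswordAuthentication no
      X11Forwarding no
      | SSHD
    # Refuse to install a config that sshd rejects ('%' is the candidate file).
    validate_cmd => '/usr/sbin/sshd -t -f %',
    require      => Package['openssh-server'],
  }

  # Desired state: the daemon is running and enabled at boot.
  # 'subscribe' restarts it only when the file resource actually changed.
  service { 'ssh':
    ensure    => running,
    enable    => true,
    subscribe => File['/etc/ssh/sshd_config'],
  }
}

include profile::ssh_baseline
```

Applying this twice with `puppet apply` reports changes only on the first run; adding `--noop` shows what would change without touching the node.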

Agile methodology

When adopting a tool like Puppet, you will be more successful with an agile methodology in mind — working in incremental units of work and reusing code. Trying to do too much at once is a common pitfall. The more familiar you get with Puppet, the more you can scale, and the more you get used to agile methodology, the more you can democratize work. When you share a common methodology, a common pipeline, and a common language (the Puppet language) with your colleagues, your organization becomes more efficient at getting changes deployed quickly and safely.

Git and version control

Git is a version control system that tracks changes in code. While version control is not required to use Puppet, it is highly recommended that you store your Puppet code in a Git repository. Git is the industry standard for version control, and using it will help your team gain the benefits of the DevOps and agile methodologies.

When you develop and store your Puppet code in a Git repository, you will likely have multiple branches — feature branches for developing and testing code and a production branch for releasing code. You test all of your code on a feature branch before you merge it to the production branch. This process, known as Git flow, allows you to test, track, and share code, making it easier to collaborate with colleagues. For example, if someone on your team wants to make a change to an application's firewall requirements, they can create a pull request that shows their proposed changes to the existing code, which everyone on your team can review before it gets pushed to production. This process leaves far less room for errors that could cause an outage.

The components that make up Puppet

Puppet is made up of several components. Together these are called the Puppet platform, which is what you use to manage, store and run your Puppet code. These components include Puppet Server, Puppet agent, Facter, Hiera, and PuppetDB.

Puppet is configured in an agent-server architecture, in which a primary node (system) controls configuration information for one or more managed agent nodes. Servers and agents communicate by HTTPS using SSL certificates. Puppet includes a built-in certificate authority for managing certificates. Puppet Server performs the role of the primary node and also runs an agent to configure itself.

Facter, Puppet’s inventory tool, gathers facts about an agent node such as its hostname, IP address, and operating system. The agent sends these facts to the primary server in the form of a special Puppet code file called a manifest. This is the information the primary server uses to compile a catalog — a JSON document describing the desired state of a specific agent node. Each agent requests and receives its own individual catalog and then enforces that desired state on the node it's running on. In this way, Puppet applies changes all across your infrastructure, ensuring that each node matches the state you defined with your Puppet code. The agent sends a report back to the primary server.

You keep nearly all of your Puppet code, such as manifests, in modules. Each module manages a specific task in your infrastructure, such as installing and configuring a piece of software. Modules contain both code and data. The data is what allows you to customize your configuration. Using a tool called Hiera, you can separate the data from the code and place it in a centralized location. This allows you to specify guardrails and define known parameters and variations so that your code is fully testable and you can validate all the edge cases of your parameters. If you have just joined an existing team that uses Puppet, take a look at how they organize their Hiera data.
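How separating data from code and setting guardrails can look in practice, as an added example that is not part of the original article. The class name `profile::password_quality`, the Hiera file path and the bounds chosen are assumptions; the keys written to `pwquality.conf` are that file's standard options.

```puppet
# Added example: hypothetical class and Hiera keys, not from the original article.
#
# The data lives outside the code, for example in a Hiera file data/common.yaml:
#   profile::password_quality::minlen: 16
#   profile::password_quality::minclass: 3
# Hiera's automatic parameter lookup binds keys named <class>::<parameter>
# to the parameters below; higher Hiera levels can override them per node.
class profile::password_quality (
  # Data types are the guardrails: a Hiera value outside these bounds
  # (say minlen: 6) fails catalog compilation on the primary server,
  # so the weak setting never reaches an agent node.
  Integer[12, 64] $minlen           = 14,
  Integer[0, 4]   $minclass         = 3,
  Boolean         $enforce_for_root = true,
) {
  # enforce_for_root is a bare keyword in pwquality.conf,
  # so it is emitted only when the parameter is true.
  $root_line = $enforce_for_root ? {
    true  => "enforce_for_root\n",
    false => '',
  }

  file { '/etc/security/pwquality.conf':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => "# Managed by Puppet\nminlen = ${minlen}\nminclass = ${minclass}\n${root_line}",
  }
}

include profile::password_quality
```

Because the accepted values are declared as types, the edge cases of each parameter can be enumerated and tested without reading the resource code.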

All of the data generated by Puppet (for example facts, catalogs, reports) is stored in the Puppet database (PuppetDB). Storing data in PuppetDB allows Puppet to work faster and provides an API for other applications to access Puppet's collected data. Once PuppetDB is full of your data, it becomes a great tool for infrastructure discovery, compliance reporting, vulnerability assessment, and more. You perform all of these tasks with PuppetDB queries.

Open source Puppet vs. Puppet Enterprise (PE)

Puppet Enterprise (PE) is the commercial version of Puppet and is built on top of the Puppet platform. Both products allow you to manage the configuration of thousands of nodes. Open source Puppet does this with desired state management. PE provides an imperative, as well as a declarative approach to infrastructure automation.

If you have a complex or large infrastructure that is used and managed by multiple teams, PE is a more suitable option, as it provides a graphical user interface, point-and-click code deployment strategies, continuous testing and integration, and the ability to predict the impact of code changes before deployment.

The Puppet ecosystem

Alongside Puppet the configuration tool, there are additional Puppet tools and resources to help you use and be successful. These make up the Puppet ecosystem.

Install existing modules from Puppet Forge

Modules manage a specific technology in your infrastructure and serve as the basic building blocks of Puppet desired state management. On the Puppet Forge, there is a module to manage almost any part of your infrastructure. Whether you want to manage packages or patch operating systems, a module is already set up for you.

When using an existing module from the Forge, most of the Puppet code is written for you. You just need to install the module and its dependencies and write a small amount of code (known as a profile) to tie things together.

Develop existing or new modules with Puppet Development Kit (PDK)

You can write your own Puppet code and modules using Puppet Development Kit (PDK), which is a framework to successfully build, test, and validate your modules. Note that most Puppet users won’t have to write full Puppet code at all, though you can if you want to...

Write Puppet code with the VSCode extension

The Puppet VSCode extension makes writing and managing Puppet code easier and ensures your code is high quality. Its features include Puppet DSL IntelliSense, linting, and built-in commands. You can use the extension with Windows, Linux, or macOS.

Run acceptance tests with Litmus

Litmus is a command-line tool that allows you to run acceptance tests against Puppet modules for a variety of operating systems and deployment scenarios. Acceptance tests validate that your code does what you intend it to do.

Use cases

Puppet Forge has existing modules and code examples that assist with automating the following use cases:

  • Base system configuration
  • Manage web servers
  • Manage database systems
  • Manage middleware/application systems
  • Source control
  • Monitoring
  • Patch management
  • Package management
  • Containers and cloud-native
  • Networking
  • Secrets management
  • Continuous integration and delivery of Puppet code
  • Incident remediation

Conclusion

In this article, we have looked through many things connected with Puppet and DevOps. We also saw the key components of Puppet and the use cases related to Puppet.

Vaibhav Umarvaishya

Cloud Engineer | Solution Architect

As a Cloud Engineer and AWS Solutions Architect Associate at NovelVista, I specialized in designing and deploying scalable and fault-tolerant systems on AWS. My responsibilities included selecting suitable AWS services based on specific requirements, managing AWS costs, and implementing best practices for security. I also played a pivotal role in migrating complex applications to AWS and advising on architectural decisions to optimize cloud deployments.
