Client – Server Model




  Configuration management
  Unix-like and Windows
  Discover by Facter and send to agent
Procedural vs. Declarative
How vs. What
Shell vs. Puppet

     package { "vim":
       ensure => present,
     }
Nodes Manifest and Modules

 node /^www\d+\.example\.com/ {
     include sudo
 }

 node 'jira-dev.researchnow.com' {
     include sudo
 }
 …
--noop



  $ puppet agent --test --noop
Its own DSL…if/else, etc.

package { "ssh":
      name => $operatingsystem ? {
      /(Red Hat|CentOS|Fedora|Ubuntu|Debian)/ =>
            "openssh-server",
      Solaris => "openssh",
      },
      ensure => installed,
}



      My recommendation: RTFB …. Read The Fowler Book on DSL
Audit

file { '/etc/hosts':
      audit => [ owner, group, mode ],
}

audit change: previously recorded value owner root
has been changed to owner daemon
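
Added example (not from the original slides): a small Ruby filter that pulls audit changes out of agent log text and flags a file mode that gained permission bits. The message wording follows the slide; the log line prefix and the sample lines are constructed, and the function names are hypothetical.

```ruby
# Added example: extract Puppet "audit change" events from agent log text.
# The message wording follows the slide; the line prefix is an assumption.
AUDIT_RE = %r{
  (?<resource>[A-Z][A-Za-z_:]*\[[^\]]+\])/(?<property>\w+):\s
  audit\schange:\spreviously\srecorded\svalue\s
  (?:\k<property>\s)?(?<old>\S+)\shas\sbeen\schanged\sto\s
  (?:\k<property>\s)?(?<new>\S+)
}x

# Constructed sample input: two audit events and one unrelated line.
SAMPLE_LOG = <<~LOG
  notice: /Stage[main]//File[/etc/hosts]/owner: audit change: previously recorded value owner root has been changed to owner daemon
  notice: /Stage[main]//File[/etc/hosts]/mode: audit change: previously recorded value mode 644 has been changed to mode 666
  notice: Finished catalog run in 0.42 seconds
LOG

# Returns one hash per audit event found in the log text.
def audit_changes(log_text)
  log_text.each_line.map { |line| AUDIT_RE.match(line) }.compact.map do |m|
    { resource: m[:resource], property: m[:property], old: m[:old], new: m[:new] }
  end
end

# True when a mode change added permission bits that were not set before
# (for example 644 -> 666 adds group and other write).
def loosened_mode?(change)
  return false unless change[:property] == 'mode'
  (change[:new].to_i(8) & ~change[:old].to_i(8)) != 0
end

# Events worth an alert: any ownership change, or a mode that got looser.
def alerts(log_text)
  audit_changes(log_text).select do |c|
    %w[owner group].include?(c[:property]) || loosened_mode?(c)
  end
end
```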
Environments, Dev/QA…or Per contributor




 $ puppet agent --test -v --environment testing
Scaling
• The default puppet master runs on WEBrick
• You can host it on Apache
Externalizing Puppet Configuration
• ENC – External Node Classification
• LDAP server classification
• Database
• Ruby script or Perl
• Dashboard
• Foreman
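
Added example (not from the original slides): a minimal ENC written as a Ruby script. Puppet calls an ENC with the node's certname as its only argument and reads a YAML hash from stdout; the host patterns, classes and environments below are constructed, and the function names are hypothetical.

```ruby
#!/usr/bin/env ruby
# Added example: a minimal External Node Classifier.
require 'yaml'

# Constructed classification table. Patterns are anchored at both ends so
# "www1.example.com.other.test" cannot match a www rule.
RULES = [
  [/\Awww\d+\.example\.com\z/, { 'classes' => ['sudo'], 'environment' => 'production' }],
  [/\Adev\d+\.example\.com\z/, { 'classes' => ['sudo'], 'environment' => 'testing' }]
].freeze

# Conservative hostname shape: lower-case labels, digits, hyphens, dots.
VALID_CERTNAME =
  /\A[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*\z/

# Returns the classification hash for a certname, or nil when the name is
# malformed or matches no rule, so unknown nodes get no classes at all.
def classify(certname)
  return nil unless certname.is_a?(String) && certname.length <= 253
  return nil unless certname =~ VALID_CERTNAME
  _, result = RULES.find { |pattern, _| certname =~ pattern }
  result
end

# Returns [exit_status, stdout_text]. A non-zero status tells the master
# that classification failed, and catalog compilation stops with an error.
def run_enc(argv)
  return [1, ''] unless argv.length == 1
  result = classify(argv.first)
  return [1, ''] if result.nil?
  [0, result.to_yaml]
end

# Puppet always passes the certname; with no argument nothing runs, which
# lets the file be loaded for testing.
unless ARGV.empty?
  status, output = run_enc(ARGV)
  print output
  exit status
end
```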
Foreman
TDD - rspec
require 'spec_helper'

describe 'logrotate::rule' do
  let(:title) { 'nginx' }

 it { should include_class('logrotate::rule') }

 it do
   should contain_file('/etc/logrotate.d/nginx').with({
      'ensure' => 'present',
      'owner' => 'root',
      'group' => 'root',
      'mode'   => '0444',
   })
 end

 context 'with compress => true' do
   let(:params) { {:compress => true} }

   it do
     should contain_file('/etc/logrotate.d/nginx')
       .with_content(/^\s*compress$/)
   end
 end

 context 'with compress => false' do
   let(:params) { {:compress => false} }
TDD - cucumber
Feature: General catalog policy
  In order to ensure applicability of a host's catalog
  As a manifest developer
  I want all catalogs to obey some general rules

 Scenario Outline: Compile and verify catalog
   Given a node specified by "features/yaml/<hostname>.example.com.yaml"
   When I compile its catalog
   Then compilation should succeed
   And all resource dependencies should resolve

   Examples:
     | hostname |
     | localhost |
Tips
  # install latest puppet
  wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
  sudo dpkg -i puppetlabs-release-precise.deb
  sudo apt-get update
  sudo apt-get install puppetmaster

  # chaining
  # ntp.conf is applied first, and will notify the ntpd service
  # if it changes:
  File['/etc/ntp.conf'] ~> Service['ntpd']

  # Certification tips
  # revoke and remove the node's certificate on the CA
  puppet cert clean liferay-dev.local
  rm -f /var/lib/puppet/ssl/certs/liferay-dev.local.pem
  # deletes every file under /var/lib/puppet, including the SSL keys
  # and certificates kept there by default
  find /var/lib/puppet -type f -print0 | xargs -0r rm

  # Debug
  puppet master --no-daemonize --debug --verbose --trace
  puppet config print manifest
  puppet config print all
  puppet config print modulepath
What do we have so far?


     https://github.com/rsn-innovation/puppets
