Managing Windows Systems with Puppet - PuppetConf 2013

Managing Windows
Systems with Puppet
James Sweeny
Professional Services | Puppet Labs
james.sweeny@puppetlabs.com
supercow on irc.freenode.net
@jsween_y
Friday, August 23, 13

puppetconf.com #puppetconf
Introduction
• Windows Agent overview
• Puppet resource model overview
• Managing Linux vs. managing Windows
• Windows speciﬁc challenges and solutions
• Windows oddities that will bite you

Supported Platforms
• Server 2003 and 2003 R2
• Server 2008
• Windows 7/Server 2008 R2
• Windows Server 2012

Installation

msiexec /qn /l*v install.log /i puppet-3.2.4.msi
INSTALLDIR="C:Program FilesPuppet LabsPuppet Enterprise"
PUPPET_MASTER_SERVER="master.domain.com"
PUPPET_AGENT_CERTNAME="agenthost.domain.com"

• C:Program Files (x86)Puppet LabsPuppet
– sys
– bin

• C:ProgramDataPuppetLabs
- or -
• C:Documents and SettingsAll Users
Application DataPuppetLabs
– puppetvar
• cached data
• plugins
– puppetetc
• puppet.conf
• ssl data

Anatomy of a Puppet run

Resources
The fundamental building
block

Resource Abstraction

Providers

Linux Resources

So what makes Windows
special?

Host Resource

Service Resource

Windows
Service

Cron Resource

Cron
Scheduled Task Resource

Files
• Line Endings
• Paths
Always ask yourself: “Where is this
evaluated”?

Files - Paths
• 'C:WINDOWSsystem32'
• 'C:/WINDOWS/system32'
• "C:WINDOWSsystem32"
All are OK, but forward slashes are safer...

Files - Paths
... except when a Windows program will
read them.

Files - Line Endings^M
^M
^M
• CRLF vs. LF^M
• Windows uses two characters for^M
newlines^M
• Puppet master always runs in Linux^M

Files - Line Endings
• File resources are written in binary
• source with Windows newlines will be
preserved
• content will always generate Linux
newlines, unless you add them

File Resource -
Permissions
• Still speciﬁed with Unix-style modes
• Mode must be speciﬁed if owner/group
are

File Resource -
Permissions
• Be careful of case
• Can't set SID

Exec Resource

• Execs run without a shell

32-bit Redirection
• %WINDIR%Sysnative
• %WINDIR%System32

Powershell Exec

Powershell Exec Provider

Modules
Modules are the best way to organize your
code and extend core Puppet
forge.puppetlabs.com
puppet module search <keyword>
puppet module install <author-module>

puppetlabs/registry

adenning/winntp

simondean/net_share

trlinkin/
domain_membership

More Windows Modules
• puppetlabs/mssql
• simondean/iis
• adenning/winfacts
• jonnyx/msuac
Search 'windows' on forge.puppetlabs.com

MSI Package Provider

Windows Package
Provider
• Deprecates msi provider
• Available in Puppet 3.0
• Backports available for Puppet 2.7
• Supports .exe and .msi seamlessly

Centralized Packages
• Versionable and Upgradable
• Linux has it easy
• yum
• apt-get
• zypper

Chocolately
• Third party Windows package manager
• http://chocolatey.org/
cinst my_package
See Rob Reynolds tomorrow in the Fountain
Room at 5:10PM!

rismoney/chocolatey

DISM
• Server 2008+ Roles and Features
• Install Windows server roles such as
• DNS Server
• DHCP Server
• IIS

puppetlabs/dism

Rebooting

Pending Reboots

Windows Reboot

Additional Resources
• http://docs.puppetlabs.com/windows
• http://docs.puppetlabs.com/references/
latest/type.html
• http://puppetlabs.com/blog/part-top-
questions-on-puppet-and-windows/
• Puppet Types and Providers by Dan Bode
and Nan Liu

Thank You - Questions?
James Sweeny
Professional Services | Puppet Labs
james.sweeny@puppetlabs.com
supercow on irc.freenode.net
@jsween_y
Collaborate. Automate. Ship.

Follow us on Twitter @puppetlabs
youtube.com/puppetlabsinc
slideshare.net/puppetlabs
Collaborate. Automate. Ship.

Managing Windows Systems with Puppet - PuppetConf 2013

More Related Content

What's hot

Viewers also liked

Similar to Managing Windows Systems with Puppet - PuppetConf 2013

More from Puppet

Recently uploaded

Managing Windows Systems with Puppet - PuppetConf 2013