puppet

< work in progress>

01/02/2010

I have spent time evaluating various configuration management systems. Most are familiar with tools such as CFEngine. I was looking for something that was more flexible, and capable of handling differences between operating system distributions. This is why I use Puppet. I like the idea of being able to create configuration rules, and have the OS differences handled directly within the rules. This simplifies the rule creation.

I've been doing personal research with Puppet for over a year now, and am ready to deploy into a production environment. The only caveat I've found is that not all distributions are up-to-date on their Puppet packages. As Puppet is written in Ruby, you can use Ruby Gems to install the latest version. However, the Gem installation of Puppet & PuppetMaster only includes the support files (i.e. /etc/init.d/puppet, etc) for distributions such as freebsd, fedora/centos, suse, etc., but not Debian. I found that the Debian Lenny Experimental repository appeared to have the latest version. With that said, be forewarned that if you use a packaged distribution of Puppet, it may be grossly out of date.

Puppet is simple to use. There is a PuppetMaster (puppetmasterd) agent that runs on a central server. This agent holds all of your configuration rules. All the client systems run an agent called puppetd. The client agent calls the master agent at pre-defined intervals, receives the rules and applies them. All communications between the client and the master are secured using openssl with certificates. The master agent would typically run as user id "puppet", while the client agent must run as user id "root". This is because the client must be able to make system configuration changes, as dictated by the configuration rules.

There is support available for Puppet. The company is "Puppetlabs.com".

Company website is at: http://www.puppetlabs.com

Wiki is at: http://www.puppetlabs.com/community/overview

< more to come later>

Here are some of my recipes:

I've added some files that I used when configuring Cobbler to install Ubuntu server. The ubuntu-server.preseed file contains a late-command section that will install the puppetlabs repo for the latest release, as well chains into a download of the postinstall program, which installs the firstboot service, which in turn installs the latest puppet client.