Welcome to Puppet Tutorials. The objective of these tutorials is to provide in depth understand of Puppet.

In addition to free Puppet Tutorials, we will cover common interview questions, issues and how to’s of Puppet.


Puppet is used to automate several routine sysadmin configuration tasks.

Puppet in an enterprise grade configuration management system.

It allows you to define the state of your IT infrastructure. Once it is defined, Puppet will automatically enforce the correct state on an on-going basis.

Managing software state on hundreds of thousands of servers can be a real challenge. What web server should be installed? What web server configuration should looks like? Which users should have access to certain machine or group of machines? Now multiply those questions and many more by the number of servers you have and you end up in a total madness.

Fortunately the year is 2014+ so welcome to the world where tools for various automation are all over the open source world and different people use different sets depending on their needs, use case and environment requirements.

Puppet configuration management tool

Puppet consists of a language, client-server processes and the Resource Abstraction Layer.

The language allows the description of a server configuration with an abstraction of the resources that an administrator already thinks in: users, groups, packages, files, cron, mount and services, to name a few.

The relationship between the resources are also specified. For example, a service depends on a configuration file, and that file depends on a package being installed. The relationships provide order as the policy is applied and allow Puppet to restart dependent services when their configurations change.

Desired to gain proficiency on Puppet? Explore the blog post 

on Puppet Training to become a pro in Puppet.

The resources can also be composed into logical collections. To reuse the previous example, a package, a configuration file and a service can be grouped together. The group can then be reused and treated as a single logical entity in other Puppet code. The client-server setup provides a secure mechanism for transporting the specific configurations from the central description to the individual hosts over HTTP with SSL authentication and encryption -- the same SSL used to secure online banking and e-commerce. Each host only receives its specifically compiled configuration to apply.

Configurations are audited and applied by querying current state, comparing the results with the desired state, and taking the appropriate action for each resource. Applying the configuration will take a base install operating system to a fully configured server. Changes to the central policy can also update configuration files or apply patches. The cycle of auditing and syncing systems with the assigned policy is then used to manage systems throughout the system lifecycle.

The auditing and syncing cycle can ensure consistency across the entire network. With traditional tools and techniques, the chance that two machines providing the same service are configured the same is quite small. As the server counts climb, inconsistencies created by configuration drift cause confusion and mistakes.

Meet Puppet. A software framework that allows you to easily make rapid changes across your infrastructure and enforce consistency with minimal efforts in four simple steps.

-Define what the final state of your machines and groups of machines should look like with simple rules

-Simulate enforcement of the rules to see how it goes

-Enforce the rules so the machine can enter the desired software state

-Receive reports about the changes, run time etc.

So how to get started with it so it can make your operations life easier? Well we should know how its basics works first, so we can take proper decisions and avoid wrong ones bite us later.

-Puppet runs/executes the so-called manifests files (recipes). Think of them like simple programs.

-Manifest files describe the final stage of the system with clear, easy to use and understand syntax.

-Group of manifest files are called modules

-Puppet have set of functions you can use to make your life easier

-Puppet is cool so it offers you functionality to write your own custom functions, classes and facts.

Puppet packages should be available for most major distros already. Just search for puppet using your package manager of choice. For example, on Ubuntu 10.04 you'd want puppet and puppet-common for the managed systems, and puppet master for the central server (if you have multiple systems). You might also want the vim-puppet package if you'll be writing Puppet manifests in Vim, or puppet-el if you want to write manifests in GNU Emacs.

When you're working with Puppet, you're working with resources. Users, packages, files, services, etc. A resource describes something on your system. You can find the standard types on the language resource guide on Puppet Labs' site. Some resources are standard across all OSes (like files) others are OS-dependent (like zfs and zone, which are Solaris-only).

For single systems, you'll usually use puppet to execute a manifest. Remember, a manifest is a file containing a set of resources and instructions on how that resource should be configured or manipulated.

Puppet also has a shell that you can use to execute Puppet commands and configure a local system. The Resource Abstraction Layer Shell (ralsh) can list resources, and operate on resources. Here's a simple example to verify whether a user exists on the system using ralsh:

ralsh user norm

If norm doesn't exist as a user account on the system yet, you'll see this:

user { 'norm':

ensure => 'absent'


This is Puppet providing the current system configuration, as expressed in the Puppet language. This is how you'd write a manifest to remove the usernorm from a system. What if we want to add norm as a user with ralsh? Easy:

ralsh user norm

Ridiculously easy, isn't it? That will create norm with some sane defaults. Here's the manifest that ralsh executes:

user { 'norm':

uid => '1001',

ensure => 'present',

gid => '1001',

home => '/home/norm',

shell => '/bin/sh'


You'd write that up as a manifest and run it using puppet on your local system. What if we want to make norm's shell bash instead of sh? Let's look at that as a manifest:

user { 'norm':

uid => '1001',

ensure => 'present',

gid => '1001',

home => '/home/norm',

shell => '/bin/sh'


Copy that to a file, like norm.pp, and change the shell line to shell => '/bin/sh'. Then run puppet norm.pp. Puppet will check the user, and make the changes necessary so that the user conforms to the manifest.

Check out the top Puppet Interview Questions now!

Features of Puppet

-Designed in such a way that it prevents duplication for everyone solving the same problem.

-Mature Tool

-Powerful Framework

-Simplify System Administrator’s Technical Task.

-System Administrator’s task is written in Puppet’s Native code and can be shared.

-Makes it possible to make rapid and repeatable changes automatically.

-Maintains System Consistency and Integrity.

-Helpful in managing Physical and Virtual devices as well as cloud.

Advantages of puppet over other tools

Normally most of the configuration management tool, deploy the required configuration on a machine, and leave them as it is. But puppet keeps on verifying the configuration at a specified interval(which you can modify as per requirement).

Puppet defines the configurations for a host with the help of a language which is very easy to learn and is only used for that purpose.

Puppet is used by major players in the industry like Google,red hat etc.

Larger open-source developer base

Wide number of platforms are supported in puppet.

Its works very smooth, even when deployed in a large infrastructure(thousands of hosts to manage)


Puppet automation tool seems robust, user friendly interface, as well as very declarative. Installation was very easy for me it was nothing to worry about dependencies at installation.