Puppet Architecture

 

 Puppet Setup

• System configuration in Puppet can be done in a client/server architecture,

• using the Puppet agent and Puppet master applications

• in a stand-alone architecture, using the Puppet apply application

• Starting with a catalog that describes the desired system state for a computer

• Catalog will list all resources as well as any dependencies between those resources, that need to be managed

• Puppet uses several sources of information to compile a catalog.


Puppet Architecture Master Agent

• The Puppet master server manages the configuration information of all nodes

• Managed nodes run the Puppet agent application as a background service

• Puppet Server runs the Puppet master application

• Puppet Agent gathers facts about the node using Facter

• Puppet agent sends its configuration requirements to the Puppet master

• Puppet Master in turn compiles and returns that node’s catalog, using Puppet Forge Content Marketplace

• Puppet agent upon receiving the catalog, applies it to the node

• If Agent finds any resources that are not in the state that they should be, it makes the necessary changes

• Agent sends a report to the Puppet master after applying changes

• Puppet agent nodes and Puppet masters communicate using HTTPS

• Each master and agent must have an identifying SSL certificate

• Upon examining other’s certificate they decide whether to allow an exchange of information


Puppet Master Agent Setup

• A Puppet server (running as 'puppet') listening on 8140 on the Puppet Master (the server )

• A Puppet client (running as 'root') on each managed node

• Client can be run as a service (default), via cron (with random delays), manually or via MCollective

• Client and Server have to share SSL certificates

• New client certificates must be signed by the Master CA

• It's possible to enable automatic clients certificates signing on the Master (be careful of security concerns)


Puppet Architecture Standalone

• Each Puppet node has its complete configuration info using which it compiles catalog

• Nodes run Puppet apply application

• Puppet Apply uses several sources of configuration data which it uses to compile catalog for the node

• Puppet Apply applies catalog after compiling the catalog

• Puppet Apply makes the changes necessary nodes based on catalog

• Puppet Apply stores a report on disk for applied changes


Cross Platform Puppet

• Puppet Master and Agents can run on:

• Linux

• Windows

• OS X

• Other Unix (anything that can support Ruby/RubyGems)

• Puppet can determine individual run time environment information using Factor


Puppet Master

• When set up as an agent/master architecture, a Puppet master server controls the configuration information, and each managed agent node requests its own configuration catalog from the master

• In this architecture, managed nodes run the Puppet agent application, usually as a background service

• One or more servers run the Puppet master application, Puppet Server

• Periodically, each Puppet agent sends facts to the Puppet master, and requests a catalog

• The master compiles and returns that node’s catalog, using several sources of information it has access to.

• Once it receives a catalog, Puppet agent applies it to the node by checking each resource the catalog describes.

• If it finds any resources that are not in their desired state, it makes the changes necessary to correct them.


Puppet Agent

• This is the main puppet client

• Its job is to retrieve the local machine's configuration from a remote server and apply it

• In order to successfully communicate with the remote server, the client must have a certificate signed by a certificate authority that the server trusts; the recommended method for this, at the moment, is to run a certificate authority as part of the puppet server (which is the default)

• The client will connect and request a signed certificate, and will continue connecting until it receives one

• Once the client has a signed certificate, it will retrieve its configuration and apply it


Puppet Agent

• Are software packages installed on each server

• “do the work” of installing and configuring software

• Can be configured to run regularly or on demand or not at all

• Can be executed in a “noop” mode for reporting purposes

• Can also execute the entire lifecycle with puppet apply locally (masterless puppet)

Comments

Post a Comment

Popular posts from this blog

Terraform

Image
  Terraform is an infrastructure as code tool that lets you build, change, and version cloud and on-prem resources safely and efficiently. HashiCorp Terraform is an infrastructure as code tool that lets you define both cloud and on-prem resources in human-readable configuration files that you can version, reuse, and share. You can then use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle. Terraform can manage low-level components like compute, storage, and networking resources, as well as high-level components like DNS entries and SaaS features. How does Terraform work? Terraform creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable Terraform to work with virtually any platform or service with an accessible API. HashiCorp and the Terraform community have already written  thousands of providers  to manage many different types of resources and services.
Read more

Scrum Master Interview help - Bootcamp

Understanding the MoSCoW prioritization | How to implement it into your project Projects, irrespective of their size or complexity, often juggle numerous tasks and requirements. In such a scenario,  MoSCoW prioritization  becomes essential to ensure the successful completion of the project.  Besides, it is also a very effective way to manage project priorities. With a straightforward and adaptable approach, the MoSCoW method helps manage stakeholder expectations and improve project outcomes. What is the MoSCoW prioritization technique?  The MoSCoW method is a prioritization matrix widely used in project management and software development. The term MoSCoW is an acronym that stands for  Must have ,  Should have ,  Could have , and  Won’t have , each denoting a level of priority. Here is the breakdown of the MoSCoW method:  Must have:  These are critical requirements that the project cannot be completed without them. If these are not fulfilled, the project is con
Read more

Kubernetes

  Using containers to host applications and other processes has gone mainstream. As more and more workload is moved into containers, management systems are needed to handle the demands of containerized applications at scale. One of the most popular options for managing  container-based workload is Kubernetes . Kubernetes combines container management automation with an extensible API to create a cloud-native application management powerhouse. At its core, Kubernetes manages the placement of pods, which can consist of one or more containers, on a Kubernetes cluster node. Additionally, if one of these pods crashes, Kubernetes can create a new instance of it. If a cluster node is removed, Kubernetes can move any affected workload to a different node in the cluster. On top of that, Kubernetes pods can be scaled to provide more or less throughput to meet scale demands and these scale operations can be triggered manually or automatically using Kuberentes horizontal pod auto-scaling. Finally,
Read more