olly - Fotolia


Try a Puppet setup to learn configuration management and automation

Configuration management is vital to fast-moving IT ops, and Puppet is a popular tool. This Puppet setup tutorial gets users started on the open source version.

Puppet is among the most frequently used configuration management utilities, and it's easy to get a sense of how Puppet works by setting up a simple environment.

This Puppet setup includes a Puppet master and agent running on CentOS Linux version 7.3. Because this is a test setup, the Puppet master and Puppet agent roles run on the same computer; in a real Puppet environment, different nodes run each task.

To start, install or verify the presence of the Puppet software package; it is included in the repositories of some Linux distributions. On CentOS, install the extra packages for enterprise Linux (EPEL) repository -- which contains convenient but unsupported packages -- with yum install -y epel-release. Next, use yum -y install puppet to install Puppet. This pulls up the free open source version of Puppet, not the enterprise supported version.

Pull back the curtain on Puppet functionality

Puppet is a configuration management tool designed for easy use by non-programmers, such as IT administrators. If you're new to Puppet, learn how the tool achieves idempotent configurations, and review the main considerations of licensing the supported version of the software.

After installing Puppet, start creating manifest files. Puppet users define the desired state of a machine in a declarative language to create a manifest file. Puppet allows the administrator to manage various items through manifest files. For example, one manifest file creates a user. To run this test, create a file with the name adduser.pp, containing:

user { 'linda':

  ensure => 'present',

  home => '/home/linda',

  shell => '/bin/bash',


After creating this file, use the command puppet apply user.pp to create the user. You should see command output that looks as follows:

[[email protected] ~]# puppet apply user.pp

Notice: Compiled catalog for server3.example.com in environment production in 0.09 seconds

Notice: /Stage[main]/Main/User[linda]/ensure: created

Notice: Finished catalog run in 0.04 seconds

Now type getent passwd linda and verify that the user was successfully created. Type ls -l /home/linda, and you'll notice the home directory doesn't exist. The Puppet manifest file has defined that the user should have a property home, which is indeed created in the user specification. However, Puppet is not so smart that it will create the home directory automatically, even if it did create the group linda for the user. To create the home directory, add the following section to the manifest file and run puppet apply user once more:

file { '/home/linda':

  ensure => 'directory',

  owner => 'linda',

  group => 'linda'

  mode => '770',

  require => User['linda'],


You have now successfully created a user via a manifest file on your Puppet setup. For a list of other supported resources, type puppet resource --type. A long list of resource types will scroll by on the screen.

At your service

The service resource is among Puppet's most interesting options. It allows the user to manage the state of services on a given computer.

Start with the service resource by running the command puppet resource service sshd. Puppet displays the current status of the resource on the server: ensure indicates whether or not it's currently running, and enable shows if it is enabled for automatic starting after a reboot.

[[email protected] ~]# puppet resource service sshd

service { 'sshd':

  ensure => 'running',

  enable => 'true',


[[email protected] ~]# puppet resource service vsftpd

service { 'vsftpd':

  ensure => 'stopped',

  enable => 'false',


A Puppet user can usually figure out what they'll need in place to manage resources without additional help. As was the case for the user created earlier, a Puppet setup requires that the administrator install the service before managing it. The following Puppet manifest file shows how to do it:

package { 'vsftpd':

  ensure => 'present',



service { 'vsftpd':

  ensure => 'running',

  enable => true,

  require => Package['vsftpd'],


Try running this manifest file using puppet apply: It will start the service and, if necessary, install the package containing it.

Puppet can accomplish complex tasks in an automated manner. For example, in the manifest file above, the require parameter was used to make sure that the required software is installed automatically.

Once an IT administrator or developer has set up Puppet and is familiar with the language used in Puppet files, automation is relatively easy to implement.

Next Steps

Ready to up the ante? Here's a free book chapter on Puppet automation

The battle over Red Hat configuration management software

See what Puppet has in mind for its future

Dig Deeper on Configuration Management and DevOps