Puppet configuration
So far, we have discussed how to configure a system using Puppet. But what about Puppet's own configuration? Can the Puppet configuration be managed by Puppet itself?
The answer is yes, but if you decide to do so, do it with caution. Test your Puppet configuration changes thoroughly in isolation, and test it multiple times before pushing it into a live environment. It only requires a minor error in your configuration, and your Puppet agents become non-functional.
There are two ways to manage the Puppet configuration. The Puppet configuration can be managed from the command line by running the puppet config
commands. Or the configuration can be changed by editing the file in /etc/puppetlabs/puppet/puppet.conf
, if you are using the Puppet Enterprise edition as we are doing. In the open source Puppet, the configuration file path is /etc/puppet/puppet.conf
.
Let's view the contents of the file with the utility called less
, which enables us to browse the file with the arrow keys:
less /etc/puppetlabs/puppet/puppet.conf
The content of the puppet.conf
file is similar to the ini
configuration files, which are commonly used with Windows applications. The data structure basically is a key value pair separated by the =
equivalence sign.
There are also sections in the configuration file that are marked with the section name wrapped inside the block brackets. The sections are as follows:
- The
[main]
section - The
[master]
section - The
[agent]
section
The [main]
section contains the configuration that is shared by the [master]
and [agent]
sections.
The [master]
section contains the configuration for the Puppet master, which we will discuss in detail later in this book.
The [agent]
section contains the configuration for the Puppet agent, which we have already been using when managing resources on the command line.
When you take a look at the second line in the /etc/puppetlabs/puppet/puppet.conf
file, you can see a configuration key called certname
with the learning.puppetlabs.vm
value. Using the arrow keys, when scrolling down to the [agent]
section, we find a key called environment with the value production
.
Do you recall seeing these values before? You probably do from the output of the puppet apply
command that we ran earlier. Here is the output that I'm referring to:
Notice: Compiled catalog for learning.puppetlabs.vm in environment production in 0.15 seconds
The Compiled catalog for learning.puppetlabs.vm
string and the environment production are defined in the Puppet configuration file. When running Puppet in the standalone mode, as we are at this point, the configuration is not that relevant; but later on in this book, when we link the Puppet Agents with the Puppet Master, we will benefit from knowing how to change the Puppet configuration.
To change the Puppet Agent configuration, we can use the Nano text editor and edit the file manually, but as an alternative, we can use the Puppet command-line utility to change the configuration.
As an exercise, we can change the Puppet Agent's identity with the following command:
puppet config set certname brandnew
While we are at it, let's change the environment as well. As we are developing Puppet, a suitable environment name for it is development
, which we can set with the following command:
puppet config set environment development
Puppet expects to find an environment-specific directory in the filesystem, so let's create one with the following command:
mkdir /etc/puppetlabs/puppet/environments/development
Now run the puppet apply user.pp
command, and you can see that the configuration changes have become effective:
Notice: Compiled catalog for brandnew in environment development in 0.13 seconds Notice: Finished catalog run in 0.27 seconds
Now we can try changing the configuration manually in the Nano editor. Open the configuration file:
nano /etc/puppetlabs/puppet/puppet.conf
Press Ctrl + W to search for a certname
key and replace the brandnew
value with the learning.puppetlabs.vm
string .
Then, search for an environment
key name, and Nano will take you a couple of lines down to the end of the [main]
configuration section. This line got added when we changed the configuration with the puppet config set
command. Now repeat the search with Alt + W, and you will find another key called environment
in the [agent]
configuration block with the original value production
. Why duplicate keys? Well, by default, the puppet config set
command manages the configuration under the [main]
block of the configuration file. The keys specified in this section will take priority over the configuration in the [master]
and [agent]
sections.
So, to revert to the environment value production, we can just remove the environment development
from the [main]
configuration block.
Once the line has been removed, save the puppet.conf
file by pressing Ctrl + X, confirm the save operation by pressing Y for Yes, and then press Enter.
To confirm that the configuration changes were successfully applied, we can query specific keys in the configuration file with the puppet config print
command:
puppet config print certname environment
The output of the command should show that the configuration was successfully changed. Here is a screenshot of the puppet config print certname environment
command before and after the change.