Puppet is a configuration management tool. It allows you to automate all your IT configurations by giving you the control of what you do to each node (Puppet agent), and also, focusing on when and how you do the configurations. In this context, Puppet is a cross-platform tool that is widely used for Unix-like and Microsoft Windows systems. However, it has been popularly used for Unix-like systems. This book provides insights into using Puppet for Windows administration tasks, such as server setup, application updates, and service management.
This book kicks off with the fundamentals of Puppet by helping you with the installation of Puppet on a Windows Server, and progresses with the introduction of the Foreman interface to manage Puppet nodes. Next, you will deal with the installation of Puppet agents on multiple clients and how to connect them to your Puppet server by grouping your nodes for easy management. Then, you will become familiar with the scripting of Puppet manifests along with an understanding of the module structure in Puppet. You will further move on to the installation of the Puppet Forge modules and their usage in Windows along with advanced topics such as facts, functions, and templates.
Moreover, you will venture into the security aspects for Windows by gaining insights into the various security settings that will make your server and clients more secure from hackers that use different attack vectors. You will also use Puppet and Chocolatey to install and update software.
Finally, you will round off by learning how to check the details of reporting and status monitoring along with the automation of installing and updating software for multiple Windows clients, arming you with ample artillery to tame Puppet for your future projects.
Chapter 1, Installing Puppet Server and Foreman, starts with an introduction to Puppet. It continues with the installation of the operating system of the server. Next, it deals with the installation of Puppet Server and Foreman. Finally, this chapter ends with the security settings of the server.
In this chapter, we start by learning what Puppet is. Then, we continue with the differences of Puppet implementation. We get hands-on experience by installing Puppet Server and Foreman. The last step is to learn how to keep your server secure. In the next chapter, we will deal with the Puppet agents and their installation on the hosts.
Chapter 2, Installing Puppet Agents, starts with setting up agents for single hosts. Next, it continues with modifying the MSI package for Puppet agent installation. After modifying the MSI file, this chapter shows how to use it to install the Puppet agents on multiple hosts by a third-party software and domain group policy. Lastly, the chapter finishes with the management of host certificates and host groups.
Chapter 3, Your First Modules, starts with writing your first module and continues with some basic module examples for file, directory, service, and user management. It also shows how to import the classes to Foreman and assign them to the hosts or host groups.
Chapter 4, Puppet Forge Modules for Windows, takes us into the world of Puppet Forge, where you can find many ready-to-use modules for Windows. The modules that are explained are registry, ACL, firewall, and reboot.
Chapter 5, Puppet Facts, Functions, and Templates, explains how to write Puppet facts, functions, and templates. This chapter shows how to display facts and write your custom facts. Also, it explains the templates to create dynamic content files. It gives details of the stdlib functions and how to create a custom function.
Chapter 6, Using Puppet for Windows Security, shows practices to make Windows more secure using Puppet. The purpose of this chapter is to make hacking activity harder for hackers and keep our systems as secure as possible. The sample practices are locking the startup folder and hosts file, starting the necessary services and stopping the unnecessary ones, setting the firewall rules, and finally, making the local administrator passwords unique.
Chapter 7, Reporting and Monitoring, shows many details about monitoring and checking the statuses of the host, such as how to see the statuses of the hosts in a summary, what information is available for the hosts, reporting the details of Foreman, and checking the definitions, statuses, and facts of the hosts in the terminal. Finally, this chapter deals with how to see the access and error logs for Foreman and Puppet.
Chapter 8, Installing Software and Updates, shows how to install a software using the Puppet package resource. Next, we continue with the details and usage of Chocolatey. Later, we use Puppet and Chocolatey together to make our installations and updates much easier. This chapter checks some of the commonly used software and how to always keep them updated. Finally, this chapter shows how to update the Puppet agents and uninstall the software.
To learn and try the examples in this book, a computer with at least 8 GB of RAM and 100 GB of free hard disk space will be enough. You can use VMware or VirtualBox to install your server and test the clients. For system administrators, a server for Puppet, a domain controller, and some of the clients for testing will be enough.
This book is for the Windows administrators who are looking for ways to automate the management tasks of Windows servers and clients. The target audience should have an experience in Windows administration and a basic knowledge of Linux and Puppet.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Use the ssh-keygen command to generate the keys."
A block of code is set as follows:
class firewallrules {
windows_firewall::exception { 'WINRM':
ensure => present,
direction => 'in',
action => 'allow',
enabled => 'yes',
protocol => 'TCP',
local_port => '3389',
remote_ip => '10.10.10.20,10.10.10.21',
display_name => 'Windows RDP Rule allow ips',
description => 'Inbound rule for Windows RDP allow [TCP 3389]',
}
}Any command-line input or output is written as follows:
$ sudo puppet module install puppetlabs-reboot
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "For the dashboard, from the Monitor menu click on Dashboard".
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files from your account at http://www.packtpub.com for all the Packt Publishing books you have purchased. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from: https://www.packtpub.com/sites/default/files/downloads/B04731_1877EN_Graphics.pdf.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.