Imagine you're sitting at home one day after a long day of work. Suddenly, you get a phone call that a new security vulnerability was found and all 300 of your servers will need to be patched. How would you handle it?
With Puppet, finding which one of your servers was vulnerable would be an easier task than doing so by hand. Furthermore, with a little additional work, you could ensure that every one of your servers is running a newer nonvulnerable version of the Puppet package.
In this chapter, we will touch on the following concepts:
What is Puppet?
Declarative versus imperative systems
The Puppet client-server model
Other components of the Puppet ecosystem used for security
Installing Puppet
How Puppet fits into a security role
Once this is complete, we will build the environment we'll use to run examples in this book and then run our first example.
Much of the information in this chapter is presented as a guide to what we will accomplish later on in this book.