About Puppet Server
Puppet is configured in an agent-server architecture, in which a primary server node manages the configuration information for a fleet of agent nodes.
Puppet Server acts as the primary server node. Puppet Server is a Ruby and Clojure application that runs on the Java Virtual Machine (JVM).
Puppet Server runs Ruby code for compiling Puppet catalogs and for serving files in several JRuby interpreters. It also provides a certificate authority through Clojure.
About Service name
The Puppet Server service name is puppetserver. To start and stop the service, use commands such as
$ service puppetserver restart
$ service puppetserver status
User which is running Puppet
If you are running Puppet Enterprise: Puppet Server user runs as pe-puppet.You must specify the user in /etc/sysconfig/pe-puppetserver.
If you are running open source Puppet: Puppet Server needs to run as the user puppet.
You must specify the user in /etc/sysconfig/puppetserver.
Ports which is running Puppet
By default, Puppet’s HTTPS traffic uses port 8140. The OS and firewall must allow Puppet Server’s JVM process to accept incoming connections on port 8140. If necessary, you can change the port in webserver.conf.
Logging in Puppet Server
All of Puppet Server’s logging is routed through the JVM Logback library. By default, it logs to /var/log/puppetlabs/puppetserver/puppetserver.log. The default log level is ‘INFO’. By default, Puppet Server sends nothing to syslog. All log messages follow the same path, including HTTP traffic, catalog compilation, certificate processing, and all other parts of Puppet Server’s work.
Puppet Server’s Component
Web Server – Jetty
Puppet Server uses a Jetty-based web server embedded in the service’s JVM process. No additional or unique actions are required to configure and enable the web server. You can modify the web server’s settings in webserver.conf. You might need to edit this file if you use an external CA or run Puppet on a non-standard port.
Puppet API Service
Puppet Server provides APIs that are used by the Puppet agent to manage the configuration of your nodes.
Certificate Authority Service
Signing and revoking certificates over the network is disabled by default. You can use the auth.conf file to allow specific certificate owners the ability to issue commands.
Puppet Server includes a certificate authority (CA) service that:
- Accepts certificate signing requests (CSRs) from nodes.
- Serves certificates and a certificate revocation list (CRL) to nodes.
- Optionally accepts commands to sign or revoke certificates.
The CA service uses .pem files to stores credentials. You can use the puppetserver ca command to interact with these credentials, including listing, signing, and revoking certificates.
Admin API Service
Puppet Server includes an administrative API for triggering maintenance tasks. The most common task refreshes Puppet’s environment cache, which causes all of your Puppet code to reload without the requirement to restart the service. Consequently, you can deploy new code to long-timeout environments without executing a full restart of the service.
JRuby Interpreters
Most of Puppet Server’s work is done by Ruby code running in JRuby. JRuby is an implementation of the Ruby interpreter that runs on the JVM. Note that you can’t use the system gem command to install Ruby Gems for the Puppet primary server. Instead, Puppet Server includes a separate puppetserver gem command for installing any libraries your Puppet extensions might require.
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- Best AI tools for Software Engineers - November 4, 2024
- Installing Jupyter: Get up and running on your computer - November 2, 2024
- An Introduction of SymOps by SymOps.com - October 30, 2024
