All notes



Puppet is an open-source configuration management tool. It runs on many Unix-like systems as well as on Microsoft Windows.

Puppet is produced by Puppet Labs, founded by Luke Kanies in 2005. It is written in Ruby and released as free software under the GNU General Public License (GPL) until version 2.7.0 and the Apache License 2.0 after that.

The user describes system resources and their state, either using Puppet's declarative language or a Ruby DSL (domain-specific language). This information is stored in files called "Puppet manifests". Puppet discovers the system information via a utility called Facter, and compiles the Puppet manifests into a system-specific catalog containing resources and resource dependency, which are applied against the target systems. Any actions taken by Puppet are then reported.

Puppet Apply

puppetDoc: architecture.

Puppet apply is an application that compiles and manages configurations on nodes. It acts like a self-contained combination of the Puppet master and Puppet agent applications.


Copy shared files in Windows top questions on puppet and Windows.

On the Linux side, Puppet leverages Yum or Apt repositories to perform the install media retrieval. On the Windows side, there currently isn't a ubiquitous abstraction that we can leverage in a package provider.

In an environment with Windows file shares available a "depot" can be set up containing the installation media for all managed software. Puppet can be used to connect to this software depot and use it for package sources. The following pseudo-code demonstrates the pattern.

Because we are not currently aware of a native type/provider for mounting windows shares, an exec resource is used as a stand-in directive to ensure that the depot location is mounted and available. The exec could relatively easily be replaced with a full native "net_use" type and provider written along the same lines as the simondean/net_share module from Puppet Forge.

# The depot share path and connection information. Could be stored
# in hiera instead
$username = 'domain\puppet'
$password = 'passw0rd'
$share =  '\\depot\packages'
$safeshare = regsubst($share, '[\\$]', '.', 'G')

# The `net use` command for the depot_mount exec resource
$netuse = 'C:\Windows\system32\cmd.exe /c net use'

# An exec resource that makes sure the depot is connected. If it's
# already connected, do nothing. If it isn't connected, connect
# to it.
exec { 'depot_mount':
  command => "$netuse $share /USER:$username $password",
  unless  => "$netuse | FindStr /R \"^OK.*$safeshare\"",

# A package resource. Note specifically that it lists the
# depot_mount exec as a requirement.
package { 'Orca':
  ensure          => installed,
  source          => "$share\\orca\\orca-3.0.3790.msi",
  install_options => { 'INSTALLDIR' => 'C:\orca' },
  require         => Exec['depot_mount'],