Puppet is configured in an agent-server architecture, in which a primary server node manages the configuration information for a fleet of agent nodes.<\/p>\n\n\n\n
Puppet Server acts as the primary server node. Puppet Server is a Ruby and Clojure application that runs on the Java Virtual Machine (JVM).<\/p>\n\n\n\n
Puppet Server runs Ruby code for compiling Puppet catalogs and for serving files in several JRuby interpreters. It also provides a certificate authority through Clojure.<\/p>\n\n\n\n
The Puppet Server service name is puppetserver. To start and stop the service, use commands such as
$ service puppetserver restart
$ service puppetserver status<\/p>\n\n\n\n
If you are running Puppet Enterprise: Puppet Server user runs as pe-puppet.You must specify the user in \/etc\/sysconfig\/pe-puppetserver.<\/p>\n\n\n\n
If you are running open source Puppet: Puppet Server needs to run as the user puppet.
You must specify the user in \/etc\/sysconfig\/puppetserver.<\/p>\n\n\n\n
By default, Puppet’s HTTPS traffic uses port 8140. The OS and firewall must allow Puppet Server’s JVM process to accept incoming connections on port 8140. If necessary, you can change the port in webserver.conf.<\/p>\n\n\n\n
All of Puppet Server’s logging is routed through the JVM Logback library. By default, it logs to \/var\/log\/puppetlabs\/puppetserver\/puppetserver.log. The default log level is ‘INFO’. By default, Puppet Server sends nothing to syslog. All log messages follow the same path, including HTTP traffic, catalog compilation, certificate processing, and all other parts of Puppet Server’s work.<\/p>\n\n\n\n
Puppet Server uses a Jetty-based web server embedded in the service’s JVM process. No additional or unique actions are required to configure and enable the web server. You can modify the web server’s settings in webserver.conf. You might need to edit this file if you use an external CA or run Puppet on a non-standard port.<\/p>\n\n\n\n
Puppet Server provides APIs that are used by the Puppet agent to manage the configuration of your nodes.<\/p>\n\n\n\n
Signing and revoking certificates over the network is disabled by default. You can use the auth.conf file to allow specific certificate owners the ability to issue commands.<\/p>\n\n\n\n
Puppet Server includes a certificate authority (CA) service that:<\/p>\n\n\n\n
The CA service uses .pem files to stores credentials. You can use the puppetserver ca command to interact with these credentials, including listing, signing, and revoking certificates.<\/p>\n\n\n\n
Puppet Server includes an administrative API for triggering maintenance tasks. The most common task refreshes Puppet\u2019s environment cache, which causes all of your Puppet code to reload without the requirement to restart the service. Consequently, you can deploy new code to long-timeout environments without executing a full restart of the service.<\/p>\n\n\n\n
Most of Puppet Server’s work is done by Ruby code running in JRuby. JRuby is an implementation of the Ruby interpreter that runs on the JVM. Note that you can\u2019t use the system gem command to install Ruby Gems for the Puppet primary server. Instead, Puppet Server includes a separate puppetserver gem command for installing any libraries your Puppet extensions might require.<\/p>\n","protected":false},"excerpt":{"rendered":"
About Puppet Server Puppet is configured in an agent-server architecture, in which a primary server node manages the configuration information for a fleet of agent nodes. Puppet Server acts as the primary server node. Puppet Server is a Ruby and Clojure application that runs on the Java Virtual Machine (JVM). Puppet Server runs Ruby code…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","_joinchat":[],"footnotes":""},"categories":[2],"tags":[],"class_list":["post-32589","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/32589","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=32589"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/32589\/revisions"}],"predecessor-version":[{"id":32590,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/32589\/revisions\/32590"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=32589"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=32589"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=32589"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}