From ArchWiki
Jump to navigation Jump to search

From Puppet web site:

Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to patch management and compliance. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud.


puppet is available in the official repositories.

If you want to install from Puppet's git repo, puppet-gitAUR is available through the AUR.

If you want to install a puppet master you can install the puppetserverAUR package from the AUR the documentation for which is on the page Puppet server.


Puppet's main configuration file is puppet.conf which is located at /etc/puppetlabs/puppet/puppet.conf.

There are 3 sections to place settings depending if it is a master/agent: [main], [agent] and [master].

Bare minimum of settings are:

  • server: The hostname of the puppet server. Default: puppet
  • report: Most users should set this to true.
  • pluginsync: Most users should set this to true.
  • certname: The certified name of the machine (unique identifier). Default: fqdn

Puppet will look for node configuration in /etc/puppetlabs/code/environments/production/manifests/site.pp.

After starting puppet by daemon/cron/standalone, it will generate certificates in /etc/puppetlabs/puppet/ssl/ directory. You need to accept this certificate in the puppet master with: sudo puppet cert sign <name>.

Notes on bindaddress for puppet master.

The default value for bindaddress is "", which makes puppet listen on IPv4 only: bindaddress =

To make puppet master listen on IPv6, set the binaddress value to: bindaddress = ::

To make puppet listen on both interface, set the value to: bindaddress = *


Facter is a companion program of puppet that gathers facts about the system it runs on.

# puppet facts find facter
# facter -p
Note: Facter is installed by default as a dependency of puppet.

Puppet Resources


"Pacman" is supported by puppet. Installing packages works out of the box since puppet 3.1.0.


Since puppet 3.2.1 systemd on archlinux is fully supported.
The systemd provider in Puppet today only uses two commands for the service enable state:

 systemctl is-enabled <unit>, checking return code for the current enable state
systemctl enable/disable <unit> to change it.

Otherwise service running will use:

 # systemctl start/stop/restart <unit>

Using the full unit name unit.service is supported.


PuppetDB is the fast, scalable, and reliable data warehouse for Puppet.
It caches data generated by Puppet, and gives you advanced features at awesome speed with a powerful API.
Puppetdb is in aur install puppetdbAUR and puppetdb-terminusAUR
[More information: https://github.com/puppetlabs/puppetdb]

Puppet Bolt

Puppet Bolt is standalone piece of software that was introduced by puppet to allow applying tasks without the need for puppet agent and puppet server (like Ansible/Salt). Of course many advantages of the master/agent-design are then lost but if you need to send one-time commands puppet bolt is the right tool for you.

For example restarting a webserver or deleting the mailqueue is done better with puppet bolt whereas keeping a a package to the most current version should be done with standard puppet configuration management.

The only needed package can be installed with the AUR package puppet-boltAUR. More information can be found here: Documentation / official hands-on lab[dead link 2021-05-17 ⓘ]