In this chapter, we looked at how we can implement central configuration management using Puppet. Although we only looked at it on CentOS, the configuration can work across many operating systems including Linux, Windows, and Unix. The main server is the Puppet master and agents connected on the TCP port 8140 to download the site manifest. This manifest can include other classes but will determine the desired configuration for a node.

As we move onto the next chapter, we will look at how we can use pluggable authentication modules (PAM) to help harden the CentOS host, as well as venture into the world of SELinux.