You are previewing Learning Puppet for Windows Server.
O'Reilly logo
Learning Puppet for Windows Server

Book Description

Organize your Windows environment using Puppet tools to unload administrative burdens in a short time!

About This Book

  • Learn to install and implement a Puppet server for Windows administration
  • Script Puppet manifests, functions, templates and facts for Windows
  • A step-by-step guide that helps you to make your Windows environment more secure with Puppet
  • Who This Book Is For

    This book is for Windows administrators who are looking for ways to automate management tasks of Windows servers and clients. Prior experience in Windows administration and a basic knowledge of Linux and Puppet will help you create wonders using this book.

    What You Will Learn

  • Install Puppet on a Windows server and Foreman interface to have a user-friendly Puppet working environment
  • Discover how to install Puppet agents to single or multiple computers and get your hosts connected to Puppetmaster in one shot
  • Understand all about creating modules, writing manifests, managing files, services and, users in Puppet
  • Learn how to install Puppet Forge modules to complete tasks such as registry management, ACL, and firewall.
  • Explore the usage of Puppet facts, functions and modules to have a deeper understanding of how Puppet functions
  • Manage installation and updates of third party software using Puppet with Chocolatey to completely forgo the manual update chores in your daily plan
  • Use Puppet for Windows security to have a more secure environment
  • In Detail

    Puppet is a configuration management tool. It allows you to automate all your IT configurations by giving you control of what you do to each “node” (Puppet agent), focusing also on when and how you do it. In context, Puppet is a cross-platform tool that is widely used for Unix-like and Microsoft Windows systems declaratively. However, it has been used more popularly for Unix-like systems. This book provides insights into using Puppet for Windows administration tasks such as server setup, application updates, and service management.

    This book kicks off with the fundamentals of Puppet by helping you with the installation of Puppet on a Windows server and progresses with the introduction of the Foreman interface for managing Puppet nodes. Next, you deal with the installation of Puppet agents on multiple clients and how to connect them to your Puppet server by grouping your nodes for easy management. You then become familiarized with the scripting of Puppet manifests along with an understanding of the module structure in Puppet. You further move on to the installation of Puppet Forge Modules and their usage in Windows along with advanced topics such as facts, functions and templates.

    Moreover, you also venture into the security aspects for Windows by gaining insights into various security settings that will make your server and clients more secure from hackers using different attack vectors. You will also use Puppet and Chocolatey to install and update software.

    You finally round off by learning how to check the details of reporting and status monitoring along with the automation of installing and updating software for multiple Windows clients arming you with ample artillery to tame Puppet for your future projects.

    Style and approach

    This book uses a step-by-step and easy-to-learn approach that helps make your Windows environment manageable with Puppet. Each chapter is explained in detail and with many screenshots. Almost all the scenarios and examples are taken from real-world scenarios.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

    Table of Contents

    1. Learning Puppet for Windows Server
      1. Table of Contents
      2. Learning Puppet for Windows Server
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
          3. Instant updates on new Packt books
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Downloading the color images of this book
          3. Errata
          4. Piracy
          5. Questions
      8. 1. Installing Puppet Server and Foreman
        1. The differences between using Puppet with Windows and with Linux
        2. Installing Puppet Server
          1. Connecting your server with SSH
          2. Installing Puppet
            1. Setting the hostname
            2. Setting FQDN
            3. Setting static IP, gateway, and DNS
            4. Adding the Puppet repositories
            5. Installing Puppet
        3. Installing Foreman
        4. The Foreman interface
        5. Keeping your server secure
          1. Backups
          2. Keeping your server up to date
          3. Do not enable root account
          4. The user password policy
            1. Do not use old passwords that have been used before
            2. Using at least a 10 char complex password
            3. Expiring password in 90 days
            4. Locking account
          5. Using SSH with key file to connect
            1. Creating the public and private key
            2. Getting the key to your computer and converting it into the PuTTY format
            3. Connecting from Linux
            4. Disabling the SSH logins with a password
          6. The firewall rules
            1. Checking which ports to keep open
            2. Defining firewall rules
              1. Allowing ingress traffic for the SSH port 22
              2. Allowing ingress traffic for HTTP port 80
              3. Allowing ingress traffic for HTTPS port 443
              4. Allowing ingress traffic for Foreman proxy port 8443
              5. Allowing ingress traffic for Puppetmaster port 8140
              6. Allowing all that is established from us
              7. Denying all the incoming traffic
            3. Making the iptables rules persistent
        6. Summary
      9. 2. Installing Puppet Agents
        1. Downloading and installing the Puppet agent
          1. Signing the certificate
        2. Installing the Puppet agent on multiple clients
          1. Modifying the MSI file
          2. Using software to push the agents
          3. Using a domain controller to push the agents
        3. Managing the node certificates
          1. Displaying the certificates
          2. Signing the certificates
          3. Deleting the certificates
        4. The host groups
          1. Managing the host groups
          2. Assigning the hosts to hosts groups
        5. Summary
      10. 3. Your First Modules
        1. The module structure
        2. The module layout
        3. Modules for creating the files and folders
          1. The Hello World module
          2. Creating the directory structure
          3. Creating the manifest file
        4. Importing the module class in Foreman
          1. Assigning the class to a host
          2. Assigning the class to a host group
        5. Uploading files
        6. Creating folders
        7. Managing services
        8. Running commands
          1. Running the command on certain conditions
        9. Managing users
        10. Summary
      11. 4. Puppet Forge Modules for Windows
        1. Installing modules from Puppet Forge
        2. Managing the registry
          1. Writing the manifests
          2. Limitations with the registry module
        3. The access control list
          1. Changing the permissions of a folder
          2. Purging permissions
          3. Purging permissions and locking a file from user changes
        4. Firewall
          1. The firewall rule example
        5. The reboot module
        6. Summary
      12. 5. Puppet Facts, Functions, and Templates
        1. Puppet facts
          1. Using the facts in manifests
        2. Adding the custom facts
          1. Adding Windows users as custom facts
            1. Making sure our code works only for Windows
            2. Including the necessary libraries
            3. Defining your variables with empty values
            4. Finding the registry values
        3. The Puppet templates
          1. An example template to edit the registry keys
        4. The Puppet functions
          1. The stdlib functions
            1. Some string functions – downcase, upcase, and capitalize
            2. The pw_hash function
          2. Your first function
        5. Summary
      13. 6. Using Puppet for Windows Security
        1. Locking the Startup folder
        2. Locking the hosts file
        3. Stopping unnecessary services
        4. Making sure that the security-related services are running
        5. Denying all incoming traffic and allowing only the necessary ports
        6. Making the local administrator passwords unique
          1. The password function
          2. The module
          3. The Ruby code to generate the password
          4. The test
        7. Summary
      14. 7. Reporting and Monitoring
        1. Checking the infrastructure statistics
        2. Checking the statuses of hosts from Foreman
          1. Audits
          2. Facts
          3. Reports
          4. YAML
        3. Checking the report details of hosts from Foreman
        4. Checking the statuses of hosts from the terminal
          1. node.rb
          2. The host YAML files
          3. Facts
          4. The Puppet SSL certificates
          5. Checking the logs from the terminal
        5. Summary
      15. 8. Installing Software and Updates
        1. Installing a software with package resource
        2. What is Chocolatey?
          1. Installing Chocolatey
          2. Installing a software with Chocolatey
          3. Uninstalling a software with Chocolatey
        3. Using Chocolatey to install a software
          1. Installing Firefox as an example
          2. Installing Chocolatey using Puppet
        4. Using Chocolatey to update a software
        5. Using Puppet and Chocolatey to update mostly used software
        6. Updating the Puppet agents
          1. Updating the server
          2. Updating the agents with Chocolatey
        7. Uninstalling a software
          1. Uninstalling an older version of a software that cannot be differentiated by its name
        8. Summary
      16. Index