Getting Started with Puppet - Hello World!

Last updated by Alan Sharp-Paul on August 11, 2019

scroll down

As Puppet is one of the leading IT automation tools on offer, I thought I'd post a tutorial about getting started. In particular I wanted to see how simple it is to go from zero to "Hello World" *. This way I get to play a first-time user, which is kinda fun too.

* Yes, I'm borrowing a programming concept here, the notion that printing "Hello World" to a screen is the simplest way to demonstrate basic functionality.

So, let's see how we go.

1. To Google!

Let's Google Puppet Getting Started.

When this article was first posted in 2016, the first link was this one. Unfortunately it's a deprecated page for mcollective. Hmm, an inauspicious start.

Now, in 2018, we have a much better first result! The beginners guide is helpful, and points me to a bunch of resources including videos and a learning VM (Virtual Machine). Very helpful, but I just want to run a "Hello World" test, so I'm going to install on my Mac.

2. Documentation

I see a Docs link in the very top nav. From there I drill into Puppet Enterprise and finally to the Getting Started section. OK, this feels more promising.

3. Serverless Puppet

Part 1 in the learning series is for serverless Puppet. Sounds good to get me playing around. Hmm, 8 articles though and none of them seem to be a nice, easy getting started tutorial. I guess I have some reading to do. Here's my summary of the key stuff from those articles:

4. Learning about Resources and the RAL

Puppet calls configuration items (files, users, groups, packages, services etc) resources and the collection of them their Resource Abstraction Layer (RAL). Rather than code, resources are defined in json format. Here's an example resource definition for a user:

user { 'dave':
  ensure     => present,
  uid        => '507',
  gid        => 'admin',
  shell      => '/bin/zsh',
  home       => '/home/dave',
  managehome => true,

4. Learning about Manifests

Resources are combined within files (*.pp) called manifests which can then be applied to machines. OK, this is interesting. I've found an example manifest that looks like it will form the basis of my "Hello World" test (I make one small tweak to a file contents specification). All it does is create one file, one directory, an alias and also send some notifications:

file {'/tmp/test1':
  ensure  => present,
  content => "Hello World!",

file {'/tmp/test2':
  ensure => directory,
  mode   => 0644,

file {'/tmp/test3':
  ensure => link,
  target => '/tmp/test1',

notify {"I'm notifying you.":}
notify {"So am I!":}

There are 7 more articles (dependencies, variables, modules etc) but I'm lazy and they feel too advanced for what I'm trying to achieve so I'll skip them for now :)

5. Lemme at it!

Now, how do I run this thing? Ah, there's another section towards the bottom of the Learning Puppet page called Get Equipped. It wants me to make use of a pre-baked VM. That's handy but I really just want a "Hello World" test so I'm going to install on my Mac instead. Back to Google.

6. Installation

OK. Found the install details for Mac (info for other OS's is also on this page) here. Let's give it a go.

7. Download all the things!

So I need to download and install the most recent Facter, Hiera and Puppet packages which are found on this page. Making me choose is annoying, but if you scroll down the list you eventually find choices for facter-latest, hiera-latest and puppet-latest. I install in that order as instructed.

8. Configurationing

I'm told to go to the terminal and do some manual configuration. Before I do that I want to ensure that I've correctly installed the above packages, so I scan my machine with UpGuard. By diffing the current state of my laptop against what it was fifteen minutes ago I can see all the changes from the Puppet setup. 

Screen Shot 2017-05-03 at 2.38.46 PM.png

I see that the following has been added:

Files- /etc/facter.conf- /etc/hiera.yaml- /etc/puppet- /etc/puppet/auth.conf

- puppet

- puppet

- /Volumes/hiera-1.3.4
- /Volumes/puppet-3.8.7
- /Volumes/facter-2.4.6

9. Creating puppet group and user

I'm told that I need to run some commands to create the group and user but I can see in UpGuard that they are already there. OK, cool, so Puppet has made some improvements to the set up process that aren't documented; it could be worse. I'll run them anyway just to be safe.

Create the puppet group:

sudo puppet resource group puppet ensure=present

Create a puppet user:

sudo puppet resource user puppet ensure=present gid=puppet shell='/sbin/nologin'

I'll skip the daemon set up.

10. Make it tight

While I'm here I'll save those elements in an UpGuard policy so I'll know if I break anything. Because I created the policy from the actual state of my machine, all my tests are currently passing. Hey, that feels good for a change.

Screen Shot 2017-05-03 at 2.53.51 PM.png

11. No really, I better come back and make it tight

Whether the current state is secure is another question: these are the defaults designed to get Puppet running in standalone mode. Probably not the way I want to leave thing. In the future I'll revisit my policy to define a less permissive configuration and use that to validate the changes when I've adjusted my files accordingly. 

Screen Shot 2017-05-03 at 2.50.01 PM.png

12. Post-install

I see a link Continue Reading Here and click it for post-install instructions.

It tells me that the conf file is stored here:


Hmm, that's weird. I know it wasn't created because the scan didn't find it. I guess I need to create it. There's a specific link for Configuring Puppet but there are also basic instructions in the post-install section.

13. Standalone Nodes Config

OK, so the section "On Standalone Nodes" looks to be what I want. It tells me:

Settings for standalone puppet nodes should go in the [main] block of puppet.conf.

Puppet’s default settings are generally appropriate for standalone nodes. No additional configuration is necessary unless you intend to use centralized reporting or an external node classifier.

Now I'm a bit confused. I still don't know what goes in my puppet.conf file. I search around for an example of a default settings puppet.conf without any joy. You know what? I'm just going to try and apply my test manifest and see what happens. After all, this is starting to take longer than I'd wanted to spend on it. It's almost lunch!

14. Create and apply a Manifest

So I save the above manifest example as hello_world.pp and then run the following from the terminal, as specified in the same manifest article that gave me the example:

puppet apply hello_world.pp


Here's the output:

Notice: /Stage[main]//File[/tmp/puppet/test1]/ensure: created
Notice: /Stage[main]//File[/tmp/puppet/test3]/ensure: created
Notice: So am I!
Notice: /Stage[main]//Notify[So am I!]/message: defined 'message' as 'So am I!'
Notice: I'm notifying you.
Notice: /Stage[main]//Notify[I'm notifying you.]/message: defined 'message' as 'I'm notifying you.'
Notice: /Stage[main]//File[/tmp/puppet/test2]/ensure: created
Notice: Finished catalog run in 0.08 seconds

I check my tmp directory and I do indeed have a new file, test1, a new directory, test2 and an alias, test3 -> test1. test1 has the contents:

"Hello World!"

15. Wrapping Up

Well there you have it. Zero to Hello World! with Puppet. A few complaints with the process in that the documentation didn't flow very nicely, some things were hard to find and it wasn't at all clear that the config file was optional.

I'm sure Puppet would say that they're not targeting this type of use case but I think it's important. Some people don't have a lot of time to evaluate software so first impressions count. Seeing something in action quickly means a lot.

Hope you found this useful anyway. Next time, Chef!

Request a Free Demo

Related posts

Learn more about the latest issues in cybersecurity