Learning Puppet for Windows Server
By Fuat Ulugay
()
About this ebook
Organize your Windows environment using Puppet tools to unload administrative burdens in a short time!
About This Book- Learn to install and implement a Puppet server for Windows administration
- Script Puppet manifests, functions, templates and facts for Windows
- A step-by-step guide that helps you to make your Windows environment more secure with Puppet
This book is for Windows administrators who are looking for ways to automate management tasks of Windows servers and clients. Prior experience in Windows administration and a basic knowledge of Linux and Puppet will help you create wonders using this book.
What You Will Learn- Install Puppet on a Windows server and Foreman interface to have a user-friendly Puppet working environment
- Discover how to install Puppet agents to single or multiple computers and get your hosts connected to Puppetmaster in one shot
- Understand all about creating modules, writing manifests, managing files, services and, users in Puppet
- Learn how to install Puppet Forge modules to complete tasks such as registry management, ACL, and firewall.
- Explore the usage of Puppet facts, functions and modules to have a deeper understanding of how Puppet functions
- Manage installation and updates of third party software using Puppet with Chocolatey to completely forgo the manual update chores in your daily plan
- Use Puppet for Windows security to have a more secure environment
Puppet is a configuration management tool. It allows you to automate all your IT configurations by giving you control of what you do to each “node” (Puppet agent), focusing also on when and how you do it. In context, Puppet is a cross-platform tool that is widely used for Unix-like and Microsoft Windows systems declaratively. However, it has been used more popularly for Unix-like systems. This book provides insights into using Puppet for Windows administration tasks such as server setup, application updates, and service management.
This book kicks off with the fundamentals of Puppet by helping you with the installation of Puppet on a Windows server and progresses with the introduction of the Foreman interface for managing Puppet nodes. Next, you deal with the installation of Puppet agents on multiple clients and how to connect them to your Puppet server by grouping your nodes for easy management. You then become familiarized with the scripting of Puppet manifests along with an understanding of the module structure in Puppet. You further move on to the installation of Puppet Forge Modules and their usage in Windows along with advanced topics such as facts, functions and templates.
Moreover, you also venture into the security aspects for Windows by gaining insights into various security settings that will make your server and clients more secure from hackers using different attack vectors. You will also use Puppet and Chocolatey to install and update software.
You finally round off by learning how to check the details of reporting and status monitoring along with the automation of installing and updating software for multiple Windows clients arming you with ample artillery to tame Puppet for your future projects.
Style and approachThis book uses a step-by-step and easy-to-learn approach that helps make your Windows environment manageable with Puppet. Each chapter is explained in detail and with many screenshots. Almost all the scenarios and examples are taken from real-world scenarios.
Fuat Ulugay
Fuat Ulugay is currently the IT and ERP director for SOCAR Turkey. He lives in Istanbul, Turkey. Also, he has worked as an SAP ABAP and SAP CRM consultant for more than 10 years. He is a great fan of open source projects. He implements and teaches them whenever possible. He is good at penetration testing, network security monitoring, industrial control systems security, system administration, and virtualization. Also, he is leading and teaching the security team at his company. He has a blog at http:/hacktr.org, where he writes on open source and security-related topics.
Related to Learning Puppet for Windows Server
Related ebooks
Troubleshooting CentOS Rating: 0 out of 5 stars0 ratingsDaniel Arbuckle’s Mastering Python Rating: 0 out of 5 stars0 ratingsPractical OneOps Rating: 0 out of 5 stars0 ratingsDocker Networking Cookbook Rating: 0 out of 5 stars0 ratingsMicrosoft System Center Orchestrator 2012 R2 Essentials Rating: 0 out of 5 stars0 ratingsMastering Cloud Development using Microsoft Azure Rating: 0 out of 5 stars0 ratingsSplunk Developer's Guide Rating: 0 out of 5 stars0 ratingsHands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsLearning Apache Thrift Rating: 0 out of 5 stars0 ratingsMonitoring Docker Rating: 0 out of 5 stars0 ratingsInstant Debian - Build a Web Server Rating: 0 out of 5 stars0 ratingsLearning AirWatch Rating: 5 out of 5 stars5/5Instant Citrix Security How-to Rating: 0 out of 5 stars0 ratingsSecure Your Network for Free Rating: 0 out of 5 stars0 ratingsVagrant Virtual Development Environment Cookbook Rating: 5 out of 5 stars5/5Learning PowerShell DSC Rating: 0 out of 5 stars0 ratingsCombating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat Rating: 4 out of 5 stars4/5SELinux System Administration - Second Edition Rating: 0 out of 5 stars0 ratingsDevOps Practices Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsImplementing SSL / TLS Using Cryptography and PKI Rating: 0 out of 5 stars0 ratingsNative Docker Clustering with Swarm Rating: 0 out of 5 stars0 ratingsWindows Server 2012 Unified Remote Access Planning and Deployment Rating: 0 out of 5 stars0 ratingsMastering Microsoft Exchange Server 2016 Rating: 0 out of 5 stars0 ratingsVMware vSphere Security Cookbook Rating: 0 out of 5 stars0 ratingsMicrosoft Virtualization: Master Microsoft Server, Desktop, Application, and Presentation Virtualization Rating: 0 out of 5 stars0 ratingsLearning Windows Server Containers Rating: 0 out of 5 stars0 ratingsOpenNebula 3 Cloud Computing Rating: 0 out of 5 stars0 ratingsDocker Swarm Mode A Clear and Concise Reference Rating: 0 out of 5 stars0 ratings
Operating Systems For You
Mastering Windows PowerShell Scripting Rating: 4 out of 5 stars4/5Linux Command Line and Shell Scripting Bible Rating: 3 out of 5 stars3/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Excel : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Excel Programming: 1 Rating: 5 out of 5 stars5/5PowerShell: A Comprehensive Guide to Windows PowerShell Rating: 4 out of 5 stars4/5OneNote: The Ultimate Guide on How to Use Microsoft OneNote for Getting Things Done Rating: 1 out of 5 stars1/5Linux Bible Rating: 0 out of 5 stars0 ratingsBash Command Line Pro Tips Rating: 5 out of 5 stars5/5Exploring Windows 11: The Illustrated, Practical Guide to Using Microsoft Windows Rating: 0 out of 5 stars0 ratingsHacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5The Linux Command Line Beginner's Guide Rating: 4 out of 5 stars4/5Learn Windows PowerShell in a Month of Lunches Rating: 0 out of 5 stars0 ratingsWindows 11 All-in-One For Dummies Rating: 5 out of 5 stars5/5Raspberry Pi Cookbook for Python Programmers Rating: 0 out of 5 stars0 ratingsLinux: Learn in 24 Hours Rating: 5 out of 5 stars5/5CompTIA Linux+ Study Guide: Exam XK0-004 Rating: 0 out of 5 stars0 ratingsLinux Command-Line Tips & Tricks Rating: 0 out of 5 stars0 ratingsLearn SQL Server Administration in a Month of Lunches Rating: 3 out of 5 stars3/5Linux All-in-One For Dummies Rating: 3 out of 5 stars3/5Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry Rating: 4 out of 5 stars4/5Make Your PC Stable and Fast: What Microsoft Forgot to Tell You Rating: 4 out of 5 stars4/5The Mac Terminal Reference and Scripting Primer Rating: 4 out of 5 stars4/5Hacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber Security Rating: 0 out of 5 stars0 ratingsTor Darknet Bundle: Master the Art of Invisibility Rating: 0 out of 5 stars0 ratingsNetworking for System Administrators: IT Mastery, #5 Rating: 5 out of 5 stars5/5Apple Card and Apple Pay: A Ridiculously Simple Guide to Mobile Payments Rating: 0 out of 5 stars0 ratings
Reviews for Learning Puppet for Windows Server
0 ratings0 reviews
Book preview
Learning Puppet for Windows Server - Fuat Ulugay
Table of Contents
Learning Puppet for Windows Server
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Instant updates on new Packt books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
1. Installing Puppet Server and Foreman
The differences between using Puppet with Windows and with Linux
Installing Puppet Server
Connecting your server with SSH
Installing Puppet
Setting the hostname
Setting FQDN
Setting static IP, gateway, and DNS
Adding the Puppet repositories
Installing Puppet
Installing Foreman
The Foreman interface
Keeping your server secure
Backups
Keeping your server up to date
Do not enable root account
The user password policy
Do not use old passwords that have been used before
Using at least a 10 char complex password
Expiring password in 90 days
Locking account
Using SSH with key file to connect
Creating the public and private key
Getting the key to your computer and converting it into the PuTTY format
Connecting from Linux
Disabling the SSH logins with a password
The firewall rules
Checking which ports to keep open
Defining firewall rules
Allowing ingress traffic for the SSH port 22
Allowing ingress traffic for HTTP port 80
Allowing ingress traffic for HTTPS port 443
Allowing ingress traffic for Foreman proxy port 8443
Allowing ingress traffic for Puppetmaster port 8140
Allowing all that is established from us
Denying all the incoming traffic
Making the iptables rules persistent
Summary
2. Installing Puppet Agents
Downloading and installing the Puppet agent
Signing the certificate
Installing the Puppet agent on multiple clients
Modifying the MSI file
Using software to push the agents
Using a domain controller to push the agents
Managing the node certificates
Displaying the certificates
Signing the certificates
Deleting the certificates
The host groups
Managing the host groups
Assigning the hosts to hosts groups
Summary
3. Your First Modules
The module structure
The module layout
Modules for creating the files and folders
The Hello World module
Creating the directory structure
Creating the manifest file
Importing the module class in Foreman
Assigning the class to a host
Assigning the class to a host group
Uploading files
Creating folders
Managing services
Running commands
Running the command on certain conditions
Managing users
Summary
4. Puppet Forge Modules for Windows
Installing modules from Puppet Forge
Managing the registry
Writing the manifests
Limitations with the registry module
The access control list
Changing the permissions of a folder
Purging permissions
Purging permissions and locking a file from user changes
Firewall
The firewall rule example
The reboot module
Summary
5. Puppet Facts, Functions, and Templates
Puppet facts
Using the facts in manifests
Adding the custom facts
Adding Windows users as custom facts
Making sure our code works only for Windows
Including the necessary libraries
Defining your variables with empty values
Finding the registry values
The Puppet templates
An example template to edit the registry keys
The Puppet functions
The stdlib functions
Some string functions – downcase, upcase, and capitalize
The pw_hash function
Your first function
Summary
6. Using Puppet for Windows Security
Locking the Startup folder
Locking the hosts file
Stopping unnecessary services
Making sure that the security-related services are running
Denying all incoming traffic and allowing only the necessary ports
Making the local administrator passwords unique
The password function
The module
The Ruby code to generate the password
The test
Summary
7. Reporting and Monitoring
Checking the infrastructure statistics
Checking the statuses of hosts from Foreman
Audits
Facts
Reports
YAML
Checking the report details of hosts from Foreman
Checking the statuses of hosts from the terminal
node.rb
The host YAML files
Facts
The Puppet SSL certificates
Checking the logs from the terminal
Summary
8. Installing Software and Updates
Installing a software with package resource
What is Chocolatey?
Installing Chocolatey
Installing a software with Chocolatey
Uninstalling a software with Chocolatey
Using Chocolatey to install a software
Installing Firefox as an example
Installing Chocolatey using Puppet
Using Chocolatey to update a software
Using Puppet and Chocolatey to update mostly used software
Updating the Puppet agents
Updating the server
Updating the agents with Chocolatey
Uninstalling a software
Uninstalling an older version of a software that cannot be differentiated by its name
Summary
Index
Learning Puppet for Windows Server
Learning Puppet for Windows Server
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: August 2015
Production reference: 1170815
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78528-187-7
www.packtpub.com
Credits
Author
Fuat Ulugay
Reviewers
Rudi Broekhuizen
Jordan Olshevski
Commissioning Editor
Nadeem N. Bagban
Acquisition Editor
Harsha Bharwani
Content Development Editor
Dharmesh Parmar
Technical Editor
Tanmayee Patil
Copy Editor
Kausambhi Majumdar
Project Coordinator
Vijay Kushlani
Proofreader
Safis Editing
Indexer
Rekha Nair
Production Coordinator
Melwyn D'sa
Cover Work
Melwyn D'sa
About the Author
Fuat Ulugay is currently the IT and ERP director for SOCAR Turkey. He lives in Istanbul, Turkey. Also, he has worked as an SAP ABAP and SAP CRM consultant for more than 10 years.
He is a great fan of open source projects. He implements and teaches them whenever possible. He is good at penetration testing, network security monitoring, industrial control systems security, system administration, and virtualization. Also, he is leading and teaching the security team at his company. He has a blog at http:/hacktr.org, where he writes on open source and security-related topics.
I would like to thank my wife, Cigdem, for her continuous support while writing this book. Also, I would like to thank my little son, Omer Faruk, for his patience and playtime sacrifice when I was working on this book.
About the Reviewers
Rudi Broekhuizen is a system administrator at Naturalis Biodiversity Center in the Netherlands. From 2005 to 2013, his main focus was on Microsoft products, VMware virtualization, and networking.
Since 2013, he has been involved in transforming the IT organization to take a more DevOps-oriented approach. His main focus shifted to Linux, automated configuration management using Puppet, monitoring and analytics, OpenStack, and replacing closed source software with open source software.
To see what Rudi is currently working on, take a look at some of his code at https://github.com/rudibroekhuizen and https://github.com/naturalis.
Also, do not hesitate to leave a comment on his blog at https://rudibroekhuizen.wordpress.com/.
Jordan Olshevski is a professional services engineer at Puppet Labs. He has a background in software engineering and systems administration. He frequently consults enterprise organizations and has a passion for improving the lives of engineers through DevOps tooling and Agile methodologies. In his spare time, he enjoys listening to jazz music and contributing to the open source community.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Free access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.
Instant updates on new Packt books
Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.
Preface
Puppet is a configuration management tool. It allows you to automate all your IT configurations by giving you the control of what you do to each node (Puppet agent), and also, focusing on when and how you do the configurations. In this context, Puppet is a cross-platform tool that is widely used for Unix-like and Microsoft Windows systems. However, it has been popularly used for Unix-like systems. This book provides insights into using Puppet for Windows administration tasks, such as server setup, application updates, and service management.
This book kicks off with the fundamentals of Puppet by helping you with the installation of Puppet on a Windows Server, and progresses with the introduction of the Foreman interface to manage Puppet nodes. Next, you will deal with the installation of Puppet agents on multiple clients and how to connect them to your Puppet server by grouping your nodes for easy management. Then, you will become familiar with the scripting of Puppet manifests along with an understanding of the module structure in Puppet. You will further move on to the installation of the Puppet Forge modules and their usage in Windows along with advanced topics such as facts, functions, and templates.
Moreover, you will venture into the security aspects for Windows by gaining insights into the various security settings that will make your server and clients more secure from hackers that use different attack vectors. You will also use Puppet and Chocolatey to install and update software.
Finally, you will round off by learning how to check the details of reporting and status monitoring along with the automation of installing and updating software for multiple Windows clients, arming you with ample artillery to tame Puppet for your future projects.
What this book covers
Chapter 1, Installing Puppet Server and Foreman, starts with an introduction to Puppet. It continues with the installation of the operating system of the server. Next, it deals with the installation of Puppet Server and Foreman. Finally, this chapter ends with the security settings of the server.
In this chapter, we start by learning what Puppet is. Then, we continue with the differences of Puppet implementation. We get hands-on experience by installing Puppet Server and Foreman. The last