Introduction
DevOps is a word formed by combining two words: development and operations. It brings together the software development team and the operations team. There are many DevOps platforms, such as GitHub, Jenkins, Chef, Docker, Red Hat Ansible Automation Platform, Puppet and many more.
Puppet is a DevOps platform for configuration management. It is a system management tool for automating and centralizing the configuration management process. It uses a declarative, model-based approach: in Puppet, we describe the desired state of the system and not the steps needed to get there.
It uses a Domain Specific Language (DSL) called Puppet Code. This code is neither a shell script (like Bash) nor a programming language (like PHP). This code enables Puppet to define infrastructure as code.
In Puppet everything is stored in files which are stored in directories. These directories store configuration information, modules or manifests. In this article, we will discuss different types of directories and files in Puppet.
Code and Data Directory
It is denoted by codedir. It is the main directory for Puppet data and code. Environments, Hiera data and the global modules are stored in this directory.
Contents of Code and Data Directory
⭐ environments: all the environments you create are stored under the codedir directory. Environments help in creating multiple configurations. You can create separate states for development, testing and production.
⭐ modules: a module is a collection of manifests (Puppet programs are called manifests) and data. The main directory for modules is stored under the codedir directory.
Usage of $codedir
$codedir can be used in puppet.conf as it is set before any other setting.
On *nix: /etc/puppetlabs/code
On *nix, for non-root users: ~/.puppetlabs/etc/code
On Windows: %PROGRAMDATA%\PuppetLabs\code
Config Directory
It is denoted by confdir. It holds the configuration files and the SSL (Secure Sockets Layer) data.
Contents of Config Directory
For all nodes, agent and primary server
| Directories/Files | Description |
|---|---|
| ssl directory | It contains the Secure Sockets Layer (SSL) certificate information. |
| puppet.conf | It is the main configuration file of Puppet. |
| csr_attributes.yaml | It is the data that is to be added to new certificate requests. |
For primary server nodes, and standalone nodes that run Puppet apply
| Directories/Files | Description |
|---|---|
| auth.conf | It stores the primary server's access control rules. |
| fileserver.conf | Configuration for additional fileserver mount points. |
| hiera.yaml | It stores the global configuration for Hiera data lookup. |
| routes.yaml | It stores the advanced configuration of indirector behavior. |
On certificate authority servers
| Directories/Files | Description |
|---|---|
| autosign.conf | It stores the pre-approved certificate requests list. |
On nodes acting as a proxy for configuring network devices
| Directories/Files | Description |
|---|---|
| device.conf | It stores configuration for network devices. This configuration is managed by the puppet device command. |
Usage of $confdir
$confdir can be used in puppet.conf as it is set before any other setting. In a non-standard configuration, using $confdir helps you avoid absolute paths and keep Puppet-related files together.
Location
For *nix root users: /etc/puppetlabs/puppet
For Non-root users: ~/.puppetlabs/etc/puppet
For Windows: %PROGRAMDATA%\PuppetLabs\puppet\etc
SSL directory
It is denoted by ssldir. It stores cryptographic information such as Puppet certificates, private keys and certificate signing requests (CSRs).
Contents of SSL directory
On agents and the primary server, it contains:
⭐ A private key: private_keys/<certname>.pem
⭐ A signed certificate: certs/<certname>.pem
⭐ A copy of the CA certificate: certs/ca.pem
⭐ A copy of the certificate revocation list (CRL): crl.pem
⭐ A copy of its sent CSR: certificate_requests/<certname>.pem
On the Puppet CA, it contains private and public keys, certificates and the primary server copy of the CRL. It maintains a list of all the certificates and their copies.
All of this data is stored in the ca subdirectory.
Directory structure of ssldir
Keep the permission mode of ssldir at 0771.

| Directory/File Name | Description | Mode | Setting |
|---|---|---|---|
| certificate_requests (directory) | CSRs generated in preparation for submission to the CA are stored in this directory. They remain here after they have been submitted and signed. | 0775 | requestdir |
| certs (directory) | All the signed certificates present on the node are kept here. | 0775 | certdir |
| <certname>.pem | This node's certificate. | 0644 | hostcert |
| ca.pem | A local copy of the CA certificate. | 0644 | localcacert |
| crl.pem | A copy of the certificate revocation list (CRL) retrieved from the CA, for use by agents or primary servers. | 0644 | hostcrl |
| private (directory) | Usually does not contain any files. | 0750 | privatedir |
| password | Password to a node's private key. | 0640 | passfile |
| private_keys | Contains the node's private keys. | 0750 | privatekeydir |
| <certname>.pem | This node's public key. | 0644 | hostpubkey |
Location
It is a subdirectory of confdir. You can change the location of ssldir in puppet.conf.
Run the following command to see the location of ssldir:
puppet config print ssldir
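The modes listed in the ssldir table can be checked mechanically. The script below is an added example, not part of the original article or of Puppet itself: it flags any entry that grants permission bits beyond the documented mode. The function names, the `%c` certname placeholder and the placement of `password` inside `private` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the article): audit ssldir modes against the table.
# "relative-path mode" pairs from the table; %c stands for the certname.
# Assumption: the password file sits inside the private directory.
EXPECTED='. 771
certificate_requests 775
certs 775
certs/%c.pem 644
certs/ca.pem 644
crl.pem 644
private 750
private/password 640
private_keys 750'

# Octal mode of a path (GNU stat first, BSD stat as fallback).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# audit_ssldir <ssldir> <certname>
# Prints one line per entry that grants bits beyond the documented mode and
# returns 1 if any were found. Entries that do not exist are skipped.
audit_ssldir() {
  ssldir=$1 certname=$2 rc=0
  while read -r rel want; do
    path="$ssldir/$(printf '%s' "$rel" | sed "s/%c/$certname/")"
    [ -e "$path" ] || continue
    have=$(mode_of "$path")
    extra=$(( 0$have & ~0$want & 07777 ))  # bits set beyond the expected mode
    if [ "$extra" -ne 0 ]; then
      printf 'TOO_OPEN %s have=%s want=%s\n' "$rel" "$have" "$want"
      rc=1
    fi
  done <<EOF
$EXPECTED
EOF
  return $rc
}

# Constructed sample tree for trying the audit: private_keys is left at 0755.
make_sample_ssldir() {
  d=$(mktemp -d) || return 1
  mkdir -p "$d/certs" "$d/certificate_requests" "$d/private" "$d/private_keys"
  : > "$d/certs/ca.pem"; : > "$d/certs/$1.pem"; : > "$d/crl.pem"
  chmod 771 "$d"; chmod 775 "$d/certs" "$d/certificate_requests"
  chmod 644 "$d/certs/ca.pem" "$d/certs/$1.pem" "$d/crl.pem"
  chmod 750 "$d/private"; chmod 755 "$d/private_keys"
  printf '%s\n' "$d"
}

if [ "$#" -eq 2 ]; then audit_ssldir "$1" "$2"; fi
```

On a real node it can be run as `sh audit_ssldir.sh "$(puppet config print ssldir)" "$(puppet config print certname)"`; the script file name is hypothetical.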
Cache directory (vardir)
Puppet creates some data that is stored in the cache directory, which is denoted by vardir. The data stored here can be fetched for analysis.
Contents
The data is stored in many subdirectories. The amount of data stored in these directories is generally variable.
| Directory name | Config setting |
|---|---|
| bucket | bucketdir |
| client_data | client_datadir |
| clientbucket | clientbucketdir |
| client_yaml | clientyamldir |
| devices | devicedir |
| lib/facter | factpath |
| facts | factpath |
| facts.d | pluginfactdest |
| lib | libdir, plugindest |
| puppet-module | module_working_dir |
| puppet-module/skeleton | module_skeleton_dir |
| reports | reportdir |
| server_data | serverdatadir |
| state | statedir |
| yaml | yamldir |
The state directory contains the following files and directories:
Frequently Asked Questions
What is Puppet and how does it work?
Puppet is a DevOps platform for configuration management. It is a system management tool for automating and centralizing the configuration management process. It uses a declarative, model-based approach: in Puppet, we describe the desired state of the system and not the steps needed to get there. It uses a Domain Specific Language (DSL) called Puppet Code.
Which script paradigm does Puppet use?
Puppet uses the client-server script paradigm with a primary server called the master and many agent servers called nodes.
Can Puppet Server be installed in Windows?
No. Puppet Server can only be installed in a Linux environment. However, we can create a Linux environment using a virtual machine on a Windows system to use Puppet Server.
Conclusion
Yay!🥳 You have come to the end of this blog. In this blog we discussed the directories and files in Puppet. We looked into the location where the directories are kept, contents stored inside the directories and the interpolation of the directories.