Overview of Puppet Server HTTP API

Types of Puppet Server HTTP API

There are two main types of the Puppet Server HTTP API:

• An API for configuration-related services
• An API for the certificate authority (CA).

In this, all the configuration endpoints end with the word /puppet, while all of the Certificate Authority endpoints use the prefixed as  /puppet-ca. All of the endpoints are versioned: the provided prefix should always be followed by a string, for example, /v3 (a separator for a directory, the letter ‘v,’ and the version number of the API).

V1/V2 HTTP APIs

Here we will see v1/v2 for Puppet Server HTTP API. Puppet 4.0.0 removed the V1 and V2 APIs. The directories that were formerly under the / or /v2.0 can now get under the /puppet-ca/v1 API or /puppet/v3 API.

When we start from version 2.1, the ‘Puppet Server 2.x’ series gives both the API endpoints for the current and previous, and it can also serve the nodes that are running the Puppet agent 4.x and 3.x. However, WEBrick masters, Rack masters, and Puppet Server 2.0 could not serve the nodes that are running Puppet 3.x.

Configuration management services

In Puppet Server HTTP API, the Puppet agent application uses these services directly to manage the configuration of the node.

These endpoints accept payload formats that are formatted as the JSON (MIME type of application/json), except for the File Bucket File and File Content, which always use application/octet-stream.

Environments endpoint

In Puppet Server HTTP API, the endpoint /puppet/v3/environments use a format that is different from the informational services and configuration management endpoints.

The endpoint accepts only payloads formatted as JSON. Only Payloads are accepted by the endpoints that are formatted as JSON.

Error responses

Here, we can see the problem occurs when requesting and its HTTP API error response code. Below are the request problem and error response codes in Puppet Server HTTP API.

The above table shows the HTTP response codes for various requests. 

CA V1 HTTP API

All the endpoints that support Puppet's public key infrastructure (PKI) system are contained by the certificate Authority API.

The Certificate Authority V1 API endpoints used the same format as the Puppet V3 API uses because it is based on the interface of Puppet's indirector-based CA. However, Puppet Server's certificate authority is applied in Clojure. Both of these have their own different prefixes and versions other than the V3 API.

They follow the form for their endpoints as  /puppet-ca/v1/:indirection/:key, where:

• : indirection is the indirection where the request is dispatched.
• : the key is the "key" portion of the indirection call.

As of the Puppet V3 API, making use of this API requires a great understanding of how the internal services of Puppet's are structured.

Authorization

Authorization of the /puppet endpoints can be controlled with the help of the Puppet’s auth.conf authorization system.

auth. conf can be ignored for /puppet-ca endpoints by Puppet Server. The access of the certificate_status endpoint can be configured in Puppet Server ca.conf file. And, the remaining Certificate Authority endpoints are always accessible. auth.conf is used by Rack Puppet master servers for /puppet-ca.

While specifying the authorization in auth. conf, the version number and prefix (e.g. /puppet/v3) on paths must be there, since the Puppet matches the authorization rules with the complete request path.

Schemas (JSON)

Below JSON files contain schemas for many HTTP API objects in Puppet Server HTTP API.

• catalog.json
• environments.json
• error.json
• facts.json
• file_metadata.json
• host.json
• json-meta-schema.json
• node.json
• report.json
• Status.json

PSON

PSON is also a type of JSON that is used by puppet for serializing data to transfer across all the network or store it on the drive. The JSON requires that the serialized form is valid unicode (mostly UTF-8), PSON is 8-bit ASCII, which allows it to represent arbitrary byte sequences in strings.

Difference between PSON and JSON

PSON is not different from JSON in the representation of arrays, objects, booleans, numbers, and null values. PSON serializes strings in a different way from JSON.

A PSON string is a series of 8-bit ASCII encoded data. It must start and end with " (ASCII 0x22) characters. Some of the individual characters are denoted by a sequence of characters.

Decoding PSON Using JSON Parsers

Most of the languages already have JSON parsers, which can be used to parse PSON data. Although, the JSON requires that it should be encoded as unicode most parsers will provide usable results from PSON if they are instructed to interpret the input as Latin-1 encoding.

Python Example:

>>> import json
>>> json.load(open("data.pson"), "latin_1")
{u'data': u'\x07\x08\xc3\xc3'}

You can also try this code with Online Python Compiler

Run Code

Frequently Asked Questions

What is Puppet programming?

Puppet is an open-source software deployment tool and configuration management. It's most commonly used on Windows and Linux to pull the strings on multiple application servers simultaneously. We can use Puppet on multiple platforms like IBM, Cisco switches, Mac OS, and mainframe servers.

What is Puppet DevOps tool?

It is a tool that helps you to automate and manage the configuration of servers. It provides us to make separate and different configurations for every host.

What is a puppet server?

Puppet Server is a  Ruby and Clojure application that runs on the Java Virtual Machine (JVM). It also provides certificate authority through Clojure. It works as the primary server node.

How does Puppet server work?

The Puppet server uses a pull mode, where agents poll the master at regular intervals to retrieve node-specific and site-specific configurations.

Conclusion

In this article, we have learned the overview of puppet Server HTTP API. We have seen the different versions and information in the puppet server HTTP API. We have discussed about CA v1, HTTP API error response code, etc.

Recommended Readings: 

What is DevOps

You can learn the basics of Java and data structures and algorithms in Java on Coding Ninjas. Refer to our guided path on code studio to learn more about DSA Competitive Programming, Javascript System Design, etc. Enroll in our courses and refer to the mock test and problems available. Also, look at the interview experiences for placement preparations.

Happy Learning Ninjas.