Learning Puppet for Windows Server电子书

Learning Puppet for Windows Server

Table of Contents

Learning Puppet for Windows Server

Credits

About the Author

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Instant updates on new Packt books

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Downloading the color images of this book

Errata

Piracy

Questions

1. Installing Puppet Server and Foreman

The differences between using Puppet with Windows and with Linux

Installing Puppet Server

Connecting your server with SSH

Installing Puppet

Setting the hostname

Setting FQDN

Setting static IP, gateway, and DNS

Adding the Puppet repositories

Installing Puppet

Installing Foreman

The Foreman interface

Keeping your server secure

Backups

Keeping your server up to date

Do not enable root account

The user password policy

Do not use old passwords that have been used before

Using at least a 10 char complex password

Expiring password in 90 days

Locking account

Using SSH with key file to connect

Creating the public and private key

Getting the key to your computer and converting it into the PuTTY format

Connecting from Linux

Disabling the SSH logins with a password

The firewall rules

Checking which ports to keep open

Defining firewall rules

Allowing ingress traffic for the SSH port 22

Allowing ingress traffic for HTTP port 80

Allowing ingress traffic for HTTPS port 443

Allowing ingress traffic for Foreman proxy port 8443

Allowing ingress traffic for Puppetmaster port 8140

Allowing all that is established from us

Denying all the incoming traffic

Making the iptables rules persistent

Summary

2. Installing Puppet Agents

Downloading and installing the Puppet agent

Signing the certificate

Installing the Puppet agent on multiple clients

Modifying the MSI file

Using software to push the agents

Using a domain controller to push the agents

Managing the node certificates

Displaying the certificates

Signing the certificates

Deleting the certificates

The host groups

Managing the host groups

Assigning the hosts to hosts groups

Summary

3. Your First Modules

The module structure

The module layout

Modules for creating the files and folders

The Hello World module

Creating the directory structure

Creating the manifest file

Importing the module class in Foreman

Assigning the class to a host

Assigning the class to a host group

Uploading files

Creating folders

Managing services

Running commands

Running the command on certain conditions

Managing users

Summary

4. Puppet Forge Modules for Windows

Installing modules from Puppet Forge

Managing the registry

Writing the manifests

Limitations with the registry module

The access control list

Changing the permissions of a folder

Purging permissions

Purging permissions and locking a file from user changes

Firewall

The firewall rule example

The reboot module

Summary

5. Puppet Facts, Functions, and Templates

Puppet facts

Using the facts in manifests

Adding the custom facts

Adding Windows users as custom facts

Making sure our code works only for Windows

Including the necessary libraries

Defining your variables with empty values

Finding the registry values

The Puppet templates

An example template to edit the registry keys

The Puppet functions

The stdlib functions

Some string functions – downcase, upcase, and capitalize

The pw_hash function

Your first function

Summary

6. Using Puppet for Windows Security

Locking the Startup folder

Locking the hosts file

Stopping unnecessary services

Making sure that the security-related services are running

Denying all incoming traffic and allowing only the necessary ports

Making the local administrator passwords unique

The password function

The module

The Ruby code to generate the password

The test

Summary

7. Reporting and Monitoring

Checking the infrastructure statistics

Checking the statuses of hosts from Foreman

Audits

Facts

Reports

YAML

Checking the report details of hosts from Foreman

Checking the statuses of hosts from the terminal

node.rb

The host YAML files

Facts

The Puppet SSL certificates

Checking the logs from the terminal

Summary

8. Installing Software and Updates

Installing a software with package resource

What is Chocolatey?

Installing Chocolatey

Installing a software with Chocolatey

Uninstalling a software with Chocolatey

Using Chocolatey to install a software

Installing Firefox as an example

Installing Chocolatey using Puppet

Using Chocolatey to update a software

Using Puppet and Chocolatey to update mostly used software

Updating the Puppet agents

Updating the server

Updating the agents with Chocolatey

Uninstalling a software

Uninstalling an older version of a software that cannot be differentiated by its name

Summary

Index