Intro to Puppet, PuppetLabs Learning VM

Puppet is a powerful configuration management tool, which is very popular in enterprise config management. Built by Puppet Labs, Puppet is all over the enterprise landscape and used in everything from automation to infrastructure management. Puppet can also play a large role in the security world, it can be leveraged as both a defender (keeping software up-to-date, with unified configurations, across an entire fleet) and as a penetration tester (pushing commands out to systems through an existing control infrastructure). In my search for some learning material to familiarize myself with Puppet I was over-inundated with training and guides offering to teach me the rich framework, but I couldn't choose which source was quality and best to start with. Eventually I came across the epic and free Puppet Labs Learning VM and this is undoubtedly the best resource for getting a hands-on grasp with the fundamental concepts of Puppet Enterprise. This VM is great because it covers the hands-on activities of writing puppet modules and implementing, all locally in a virtual machine. The VM also includes an interactive quest commands that guides the student, as well a web server with a complete walk-through of the quest hosted locally, which allows the entire thing to be done offline, in the Learning VM.  The lab machine is simultaneously running a Puppet Master Server and a Puppet Agent, giving you all the resources to explore the functionality of Puppet (but with none of the scaling). The lab covers the following Quests and Tasks:

Or in a more digestible format:

Begin

Welcome

Task 1: Use puppet -v to check the puppet version
Task 2: View the options for the quest tool
Task 3: Check the quest progress

Power of Puppet

Task 1: Use the puppet module tool to search for graphite
Task 2: Install the dwerder-graphite module
Task 3: Use facter to find the LEarning VM's IP address
Task 4: Trigger a puppet agent run to install and configure Graphite

Resources

Task 1: Inspect the root user resource
Task 2: View the description of the use resource
Task 3: Create the user galatea
Task 4: Give the galatea user the comment Galatea of Cyprus

Modules

Task 1: Use puppet master --configprint find the modulepath
Task 2: Create a directory for your vimrc module
Task 3: Create manifests, examples, and files subdirectories
Task 4: Copy the .vimrc into the module files directory
Task 5: Add the 'set nu' command to the vimrc file
Task 6: Define the vimrc class
Task 7: Include the vimrc class in a test manifests
Task 8: Apply the test to add the 'set nu' command to your .vimrc

NTP

Task 1: Install the puppetlabs-ntp module
Task 2: Include the ntp class in your 'learning.puppetlabs.vm' node definition
Task 3: Trigger a puppet run to install and configure NTP
Task 4: Set the servers parameter to specify non-default servers
Task 5: Trigger a puppet run to apply your server configuration changes

MySQL

Task 1: Install the puppetlabs-mysql module
Task 2: Define the mysql class
Task 3: Trigger a puppet agent run to install MySQL
Task 4: Apply the mysql::server::account_security class
Task 5: Create a new database, user, and grant

Manifests and Classes

Task 1: Define the cowsayings::cowsay class
Task 2: Include the cowsayings::cowsay class in a test manifest
Task 3: Apply the test manifest to install the cowsay package
Task 4: Define the cowasyings::fortune class
Task 5: Include the cowsayings::fortune class in a test manifest
Task 6: Apply the test manifest to install the fortune package
Task 7: Define the cowsayings class
Task 8: Include the cowsayings class in a test manifest
Task 9: Apply the test manifest to install the fortune and cowsay packages

Variables and Parameters

Task 1: Create the directory structure for your web module
Task 2: Define the web class
Task 3: Include the web class in a test manifest
Task 4: Apply your test manifest to create your website files
Task 5: Add $page_name and $message parameters and create a file using their values
Task 6: Declare the web class with parameters in your test manifest
Task 7: Apply your test manifest to generate a new file with parameterized values

Conditional Statements

Task 1: Create the directory structure for your accounts module
Task 2: Define the account class
Task 3: Declare the accounts class in a test manifest
Task 4: Run a noop with operatingsystem set to debain
Task 5: Run a noop with operatingsystem set to an unsupported values
Task 6: Apply your manifest to ensure the user dana is present and in the wheel group

Resource Ordering

Task 1: Create the sshd module directory with manifests, examples, and files subdirectories
Task 2: Define the sshd class
Task 3: Create a s test manifest, and apply it with '--noop' and '--graph' flags
Task 4: Use the 'dot' tool to generate an image of your relationships graph
Task 5: Copy the sshd_config file to the module's files directory
Task 6: Disable the GSSAPIAuthentication in the module's sshd_config file
Task 7: Add a 'file' resource to manage the 'sshd' configuration file
Task 8: Apply your test manifest with the '--noop' and '--graph' flags
Task 9: Add a 'subscribe' metaparameter to your 'sshd' resource

Defined Resource Types

Task 1: Create the web_user module directory with the manifests and examples subdirectories
Task 2: Define a simple web_user::user resource type
Task 3: Create a test manifest to apply your new defined resource type
Task 4: Apply your test manifest
Task 5: Extend your web_user::user resource type to create a public_html directory and an index.html document
Task 6: Apply your test manifest again to create your user's public_html directory and index.html document
Task 7: Add $content and $password parameters to your defined resource type
Task 8: Declare a new web_user::user in your test manifest with parameters
Task 9: Apply your test manifest a final time to make use of your specified paramaters

As you can see, the Learning VM really covers a ton, installing and configuring packages, setting up users, inspecting resources, writing modules, applying custom service configurations, setting up rich database services, writing custom classes which combine services, specifying the install order of resources for services, defining custom resource types, and all kinds of Puppet control logic. Further the Learning VM uses several practical IT admin examples, such as fleet metric graphing with Graphite, resource lookup usings Facter, custom Vim configurations, time optimizations with NTP, updating web content, applying specific administrative Linux user groups, and even custom SSHD configurations. The Learning VM is open source and even has it's own devoted issue tracker. Puppet Labs also provides extensive documentation, for both Enterprise and Open Source versions of Puppet. In fact, Puppet Labs provide tons of online training and in-person training. Puppet Labs also hosts routine Puppet conferences and publishes the con videos online. Hopefully this intro helps people grasp the basics of Puppet, and gives them more resources to explore based on their own needs. The following is The Getting Started with Puppet [Automation] talk from PuppetConf 2013, which I found insightful beyond just using Puppet, and for asking the larger questions of what are you automating and why: