# Puppet 基於 Ruby 的系統組態管理工具，採用 Client / Server 的部署架構，概念為 Infrastructure as Code 的工具，可以把平常的系統管理工作程式碼化，用戶端預設每個半小時會與伺服器溝通一次，來確定是否有更新。 > Infrastructure as Code (IaC) Puppet 中一個基礎元素為 resource，一個 resource 可以是file、package 或者是 service 等，透過 resource 我們可以查看環境上檔案、套件、服務狀態等。 通常會撰寫 manifest 檔案來定義 resource。而這些 resource 在執行時會以同步的方式完成。而因為是同步執行，會有相依性的問題產生。這時候可以用 `before` / `require` 關鍵字來配置先後順序。 > Puppet code is declarative, which means that you **describe the desired state of your systems**, not the steps needed to get there. > **Puppet master** is the server that stores the code that defines your desired state. The **Puppet agent** translates your code into commands and then executes it on the systems you specify, in what is called a **Puppet run**. > **Facter**, Puppet’s inventory tool, gathers facts about an agent node such as its hostname, IP address, and operating system. The agent sends these facts to the master in the form of a special Puppet code file called a **manifest**. This is the information the master uses to compile a **catalog** — a JSON document describing the desired state of a specific agent node. Each agent requests and receives its own individual catalog and then enforces that desired state on the node it's running on. In this way, Puppet applies changes all across your infrastructure, ensuring that each node matches the state you defined with your Puppet code. The agent sends a report back to the master. > >  > >  ## Catalogs Puppet 會把 Node 所需要的設定封裝成 Catalogs，再由 Node 將 Catalogs 解析後 Deploy，Catalogs 又分為兩個階段來 Deploy catalogs： - Compile catalog - Apply catalog ## Hiera Hiera 是 Puppet 內建的數據查找系統，透過 Three layout 架構並且實現 defaults, with overrides 在不同的環境給予不同的參數，讓 Node 可以找到適合自己的值（例如：在 Dev 時取到的參數和 Production 的不同） ## 參考文件 - [Puppet doc](https://puppet.com/docs/puppet/latest/puppet_overview.html) - [Infrastructure-as-code 如何改善我們的生活品質？ / Neil Wei](https://medium.com/kkstream/infrastructure-as-code-%E5%A6%82%E4%BD%95%E6%94%B9%E5%96%84%E6%88%91%E5%80%91%E7%9A%84%E7%94%9F%E6%B4%BB%E5%93%81%E8%B3%AA-ee11e9d67b71)