From shell scripts to declarative configuration
Managing the configuration of dozens or hundreds of Linux servers through shell scripts and manually synchronised template files becomes unsustainable beyond a certain scale. The system administration community has sought answers since the 1990s with tools like CFEngine (Mark Burgess, 1993), later bcfg2, and with the emergence of Infrastructure as Code.
Puppet — developed by Luke Kanies and his company Reductive Labs — took shape from 2005 as a modern answer. Written in Ruby, Puppet proposes a declarative model: the administrator describes the desired state of the machine, not the steps to get there.
Version 0.24.6, released on 3 April 2009, consolidates a year of improvements stabilising the 0.24 series as the reference maturation release of 2009. The licence is GPLv2.
The declarative model
Puppet’s DSL describes resources — fundamental configuration units — with an ensure/state model:
package { 'nginx':
ensure => present,
}
file { '/etc/nginx/nginx.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('nginx/nginx.conf.erb'),
require => Package['nginx'],
notify => Service['nginx'],
}
service { 'nginx':
ensure => running,
enable => true,
require => Package['nginx'],
}Puppet parses the manifest, builds a catalog with resource dependencies, and applies necessary changes. If the system is already in the desired state, Puppet does nothing — native idempotency.
The agent/master architecture
As of 2009 Puppet uses a client/server architecture:
- Puppet Master — central server compiling manifests into catalogs per node. Typically a WEBrick or Passenger/Apache application
- Puppet Agent — daemon on each managed node; every 30 minutes (default) contacts the master, downloads the catalog, applies changes, sends a report
- Facter — introspection tool collecting system facts (OS, kernel, network interfaces, RAM, CPU) made available in manifests
- Foreman (plugin) — web interface for node management, dashboards, reporting
Manifests are versionable in Git/Subversion, reviewable, testable. The concept of configuration as code starts to solidify.
Modules and ecosystem
0.24 establishes the Puppet modules pattern — reusable packages encapsulating the configuration of a specific component (Apache, MySQL, PostgreSQL, PHP, Postfix, BIND, …). As of 2009 dozens of community modules already exist, shared via GitHub, blog posts, mailing lists.
Emerging competitors
In 2009 the IaC field is forming:
- Puppet — dominant at the moment, agent/master model, Ruby declarative DSL
- CFEngine 3 — released 2008-2009, historical precursor with promise theory philosophy
- Chef — under preparation by Opscode (founded 2008 by Adam Jacob), first public release January 2009. Slightly more imperative Ruby model than Puppet
- bcfg2 — Argonne National Laboratory, less widespread
Puppet has first-mover advantage and a built community; Chef enters with a slightly different model (Ruby recipes plus DSL) and targets the emerging DevOps community.
Institutional adoption
As of 2009 Puppet has significant adopters:
- Google — internal use for configuring parts of production infrastructure
- Red Hat — integrates Puppet into Satellite (for RHEL configuration management)
- Stanford University — campus server management
- Twitter — early deployments (later growing toward Chef)
- Wikipedia (WMF) — partial
In the Italian context
As of 2009 Italian Puppet adoption is still very niche:
- System administrators with large-scale Linux server clusters
- Hosting providers managing hundreds of VMs
- Universities and research centres with substantial server parks (INFN, CNR, CNAF)
- Startups with Amazon EC2 cloud environments — Puppet solves new-instance provisioning
Adoption is bound to grow in the coming years with the DevOps model’s diffusion, bringing many teams to adopt IaC tools as standard practice.
Puppet’s message
Puppet’s conceptual legacy — declarativity, idempotency, catalog as desired-state representation, Facter as introspection — is bound to remain stable across the evolution of subsequent tools. The idea that configuration is versioned, reviewed code is entering the common vocabulary.
References: Puppet 0.24.x (2008-2009), Luke Kanies, Reductive Labs. GPLv2 licence. Facter for introspection. Apache/Passenger, WEBrick as master. CFEngine as historical precursor. Chef (Opscode, January 2009) as competitor.