Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Find and prevent compliance failures
Continuous Delivery for Puppet Enterprise
Build, test, and deploy infrastructure as code faster and easier
Compliance Enforcement Modules
Remediate to stay in compliance
Content & Modules
Pre-built scripts to automate common tasks
Get Puppet Enterprise
First 10 nodes are free!
Try it now
Request a demo
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source PuppetPerfect for individuals and small infrastructure
BoltAutomate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
Whether you’re a current customer looking to expand across your Windows estate, or thinking of deploying Puppet across your infrastructure for the first time, we hope this blog post — based on real-world customer questions and problems — can help answer some of the questions you may have about Puppet.
Table of Contents:
Cross-functionality is critical, no matter what kind of operating system you are working with. It's important that you understand how deployments will differ and will work with, not against, systems that your organization already uses.
Chances are, the choice to use Windows as your organization's operating system has already been well-decided. Which is where our first real question comes in to play:
A: Absolutely! Over 2.2 million Windows servers across the world are managed with Puppet.
Puppet Enterprise (PE) introduced Windows support in 2011, and we have been developing and expanding our Windows capabilities ever since. For the most part, interacting with Puppet is the same regardless of your operating system, but there are some differences in the way that you interact with Puppet and which products you may integrate with Puppet. We’ll cover some of these differences throughout this post.
A: Puppet Server cannot be installed on a traditional Windows machine. Instead, you install agents on your Windows node (desktop, server, virtual machine etc) and manage it with a Linux machine. You can operate this Linux machine remotely from your Windows machine.
A: We have a Getting Started with Puppet class, where you choose whether you want to take the class on a Windows or Linux machine. If you opt for Windows, the course provides Visual Studio (VS) Code and Puppet Development Kit (PDK) tooling for you to work with, and we have Windows examples for every exercise. Several members of our Windows development team have taken this course.
A: Puppet Enterprise (PE) and Microsoft’s SCCM (System Center Configuration Manager) share similar concepts. In some respects they compete, but on the whole they are complementary tools.
Using the two tools in conjunction creates a complementary toolchain to fully manage the lifecycle of desktops, servers, and virtual machines. PE provides an imperative (work-flow based) and declarative (model-based), infrastructure-as-code approach to managing infrastructure, and enables foundational DevOps practices such as peer review, version control, sharing implementations, and continuous delivery. SCCM complements PE’s continuous infrastructure management by providing initial cloud provisioning of the Windows operating system. In successful deployments, SCCM installs and configures an operating system enough to hand off to Puppet, which then brings the new system into the desired state for its intended role.
Whatever your use case, we like to meet you where you are. The key problems we encounter with SCCM are when it hasn't been maintained, and you end up with generations of SCCM scripts in various implementation languages that become unwieldy and unmaintainable. This can be a massive overhead to manage and a problematic service to integrate with Puppet. Replacing this with Puppet can help bring these under control. Alternatively, a well managed SCCM is a great tool for Puppet to leverage and complement.
Related >> How Puppet can help now that SCCM for Linux and UNIX is EOL
A: Like Microsoft, we also believe that a declarative language is highly advantageous — it is both repeatable and consumable. Puppet shares these same qualities, and we also bake it into a tried-and-true distribution platform. Just like all modules on the Puppet Forge, the DSC modules let you declare DSC Resources in your Puppetfile and then use them in your code base. Puppet then takes care of all the details — deployment, running DSC and reporting on changes.
Puppet provides you with the mechanism to encapsulate DSC in a reusable language, providing automated deployment and application at scale. Even better, it's the only solution on the market that gives you property-by-property change reporting — enhancing what DSC already gives you. Also, when you use these modules with the Puppet VSCode extension, you get a strongly typed parameter autocomplete. More on the VSCode extension in Question 8.
A: With the release of Puppet Enterprise 2019.8, Puppet provides pre-built automation content for patching systems. You can review available patches across your Windows nodes, apply the patches, and report on the patch success or failure to ensure your systems are back to a healthy state. You’ll also get visibility into all of the patches across your estate, regardless of operating system. This allows you to use one tool to apply your patches.
You can also manage patch baselines directly in WSUS. Our WSUS client module can configure your machines and receive updates, and then you can use our patching workflow to orchestrate the patching execution. To attach Puppet to a Windows box running WSUS, install the Puppet agent using native PowerShell commands from a primary Puppet server as a source repository or as a native package using Chocolatey. To get started with the WSUS module, see the WSUS client module on the Forge.
If you’re looking to improve your Windows patching processes or want some extra guidance, take a look at our new patching service. A Puppet expert will work with your team to implement a standardized workflow.
A: At Puppet, the Windows agent, the Windows Remote Management protocol, and core resources are first class citizens in terms of development and support. All our core Puppet features work and we are always looking for opportunities to update, extend and improve. We also integrate with key technologies such as the Windows DSC, and Windows applications and tools such as SQL Server, Chocolatey and Visual Studio Code.
A: Content is a huge part of the Puppet experience. Puppet provides a Puppet Development Kit (PDK) to set up your own development environment. With this comes integrated testing tools and a command line interface to help you develop, validate, and test high quality modules.
Puppet also works with some of the most popular text editors, such as Visual Studio Code and vim, and even has its own VS Code extension. The extension provides rich support for the Puppet language, complete with intellisense, autocompletion, inline documentation, code navigation, integration with PDK to automate creating content, and much more! To see a full list of features and to get started, see the documentation.
A: In the same way that you manage any other operating system. Puppet is agnostic to the platform and supports Windows fully with the same code that you use on Linux or any cloud platform. We natively support EXE and MSI-based software packages and also have a package manager for Chocolatey. Package Inspector in Puppet Enterprise also natively works with the software in “Add/Remove Programs.” For more information on the packages that you can manage, see our packages documentation.
A:Bolt, our open source orchestration tool, provides workflow orchestration that can be used stand-alone or in Puppet Enterprise (PE) with the PE orchestrator service, enabling API-driven orchestration. We can orchestrate this automation against anything, including SSH, native cloud APIs, Windows remote management and PE Task Management. To get started, we recommend giving our step-by-step Bolt lab a try.
A: Yes — use the Puppet API provided by the Puppet Enterprise (PE) console service to query the state of Puppet runs, and then use the package inventory to query the packages on the hosts. All other resources can be executed through Puppet Tasks and Plans to return ad hoc data outside of the Puppet catalog, classified for the nodes in question. PuppetDB provides the completed data.
We hope this has helped answer some of your questions. If you don’t see yours here, please reach out to your Puppet representative.
Try Puppet Enterprise for Free
Associate Technical Writer, Puppet by Perforce