Puppet’s command line
interface (CLI) consists of a single
puppet command with many subcommands.
Puppet Server and Puppet’s companion utilities Facter and Hiera , have their own CLI.
Puppet agent is a core service that manages systems, with the help of a Puppet primary server. It requests a configuration catalog from a Puppet primary server server, then ensures that all resources in that catalog are in their desired state.
Puppet Agent on *nix systems
Puppet Agent on Windows systems
Puppet Agent’s man page
Using Puppet code and various other data sources, Puppet Server compiles configurations for any number of Puppet agents.
Puppet Server is a core service and has
its own subcommand,
puppetserver, which isn’t prefaced by the usual
Puppet apply is a core command that manages systems without contacting a Puppet primary server. Using Puppet modules and various other data sources, it compiles its own configuration catalog, and then immediately applies the catalog.
Puppet ssl is a command for managing SSL keys and certificates for Puppet SSL clients needing to communicate with your Puppetinfrastructure.
Puppet ssl usage:
puppet ssl <action> [--certname <name>]
submit request: Generate a certificate signing request (CSR) and submit it to the CA. If a private and public key pair already exist, they are used to generate the CSR. Otherwise, a new key pair is generated. If a CSR has already been submitted with the given
certname,then the operation fails.
download_cert: Download a certificate for this host. If the current private key matches the downloaded certificate, then the certificate is saved and used for subsequent requests. If there is already an existing certificate, it is overwritten.
verify: Verify that the private key and certificate are present and match. Verify the certificate is issued by a trusted CA, and check the revocation status
bootstrap: Perform all of the steps necessary to request and download a client certificate. If autosigning is disabled, then puppet will wait every
waitforcertseconds for its certificate to be signed. To only attempt once and never wait, specify a time of 0. Since
waitforcertis a Puppet setting, it can be specified as a time interval, such as 30s, 5m, 1h.
For more information, see the SSL man page.
Puppet module is a multi-purpose administrative tool for working with Puppet modules. It can install and upgrade new modules from the Puppet Forge, help generate new modules, and package modules for public release.
Puppet resource is an administrative tool that lets you inspect and manipulate resources on a system. It can work with any resource type Puppet knows about. For more information, see Puppet Resource’s man page.
Puppet config is an administrative tool that lets you view and change Puppet settings.
Puppet parser lets you validate Puppet code to make sure it contains no syntax errors. It can be a useful part of your continuous integration toolchain. For more information, see Puppet Parser’s man page.
Puppet help and Puppet man
Puppet help and Puppet man can display online help for Puppet’s other subcommands.
Full list of subcommands
For a full list of Puppet subcommands, see Puppet’s subcommands.