Chapter 1. Puppet as a Security Tool
Imagine you're sitting at home one day after a long day of work. Suddenly, you get a phone call that a new security vulnerability was found and all 300 of your servers will need to be patched. How would you handle it?
With Puppet, finding which one of your servers was vulnerable would be an easier task than doing so by hand. Furthermore, with a little additional work, you could ensure that every one of your servers is running a newer nonvulnerable version of the Puppet package.
In this chapter, we will touch on the following concepts:
- What is Puppet?
- Declarative versus imperative systems
- The Puppet client-server model
- Other components of the Puppet ecosystem used for security
- Installing Puppet
- How Puppet fits into a security role
Once this is complete, we will build the environment we'll use to run examples in this book and then run our first example.
Much of the information in this chapter is presented as a guide to what we will accomplish later on in this book.