Cisco Puppet Automation Tool Overview

Cisco Puppet is a configuration management and automation tool that runs on a cross-platform client-server architecture. Puppets allow you to manage and configure numerous sorts of devices at the same time. This can be used on a variety of devices, including Catalyst Switches, Nexus Switches, and the Cisco Unified Computing System (UCS) server platform. This is one of the most utilized automation tools among the vendors and works with a wide range of clients. It manages many servers’ software and configurations. Puppets can be used throughout the device’s lifecycle, including initials deployment and configuration, management, reusing, and removing devices in a network.

The Puppet environment can be broken down into puppet master (server) and Puppet agent (client). The changes and automation of the task are performed in a puppet console, which is shared between the puppet master and the puppet agent.

  •   Puppet Master (server) is the place where puppet codes are written and stored.
  •   Puppet Agent (client) is installed to communicate with the Puppet Master.

Cisco Puppet

In the main server (puppet master) environment, there is a Puppet Database (PuppetDB) where all the modification or automation tasks are stored. This allowed the client to simply request them if they need something.

Puppet may also check the configuration of devices on a regular basis. This can be set to any network frequency that is available. The operations staff believes it is necessary. Then, if a configuration is altered, an alert can be sent out as well as being reverted to the old setup. Puppet supports three main installation types.

Three Main Types of Cisco Puppet Installation

1. Monolithic which supports up to 4000 nodes

2. Monolithic with compile masters supports 4000 to 20,000 nodes

3. Monolithic with compile masters and standalone PE-PostgreSQL supports more than 20,000 nodes

A common and recommended deployment type is a monolithic installation that supports up to 4000 nodes. However, it is useful from a deployment use case perspective. In this case, some of the best practices such as high ability and centralized management should be considered important. You may need a Master of Master (mom) to manage a distributed puppet master and its database.

Cisco Puppet Components

Puppet Modules – leave the configuration of practically anything which will be configured manually.

Templates – are used to set up configuration files, allowing for the use of variables and other features intended to make files more versatile and reusable.

Files– are the static content that can be downloaded by the puppet agent.

Manifests – is a script for configuring the clients or nodes running the puppet agent. These manifests are delivered to devices through SSL, which necessitates the installation of certificates to assure the security of connections between the puppet master and the puppet agents.

Puppet includes a wide range of modules for many vendors and device kinds. Each of these manifests is used in some way to change the running configuration on Cisco Catalyst devices. Manifests can be saved as separate files with a specific file extension “. pp” (means Puppet policy) extension.  An example of a manifest file named NTP_Server.pp is shown below:



The NTP_Server is set to129.6.15.28, and VLAN 42 is used as the source interface in this case. The line ensure => ‘present’ indicates that the NTP_Server configuration should be present in the Catalyst IOS device’s operating configuration. Remember that Puppet can run on a regular basis to verify that a given configuration is present. The NTP_Server.pp manifest can be executed on a regular basis to see if an NTP server is configured.

Puppet uses a domain-specific language (DSL) as its “programming language,” which is mostly based on Ruby and allows network operators to create bespoke manifests to complete their specialized configuration chores without having to be software engineers.  An example of a manifest file is named MOTD.pp used to configure the message-of-the-day shown below:


Puppet Forge is a community where you can share puppet modules, manifests, and code. Puppet Forge is free to use, and it’s an excellent way to get started with Puppet. Despite the fact that this chapter does not cover installation procedures, you can find that information, as well as code examples and specifications on how to design and install a Puppet environment from scratch, at the Puppet Forge website,, which contains all of the modules and manifests used in this chapter.

Network administrators may automate Day One, Day Two, and Day Three operations with the native NX-OS Puppet agent for Nexus 9000, 7000, 6000, 5000, and 3000 switches by simply expressing the desired state of the network in Puppet code, using the Cisco Puppet module accessible on the Puppet Forge.

Advantages of using infrastructure as code to manage your network:

  • DevOps proliferation: Not only should DevOps collaboration approaches be used in networking, but they should also be used in computing.
  • Operational unity: Manage your network similarly to how you manage your computing resources. Make your change management tools and processes more efficient.
  • Insight: Get change management and change intelligence for all of your infrastructures.

How does Puppet Software work?

  1. To begin, Factor is used to collect data from controlled nodes. There is a portion called Factor in Puppet agent nodes that assists Puppet discovery nodes. These components are installed after the Puppet Software is installed.
  2. Second, Puppet Agent sends these gathered details to Puppet Master.
  3. Puppet Master compiles Manifests into the Catalogs.
  4. Puppet Agent then retrieves these Catalogs from Puppet Master. “Your configuration should be like this!” states the catalog. ”.
  5. Puppet Agent then configures the device.
  6. Puppet Agent delivers Puppet Master a report.

Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.

We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: