Top 35 Puppet Interview Questions And Answers

Puppet is an open-source configuration management tool. In this tutorial we have provided most frequently asked Puppet Interview Questions & Answers:

In the current agile development environment, developers integrate their code multiple times in a day and work extra hours to deliver their tasks.

Operations teams work along with application developers for integrating their code using version control tools, code review to maintain design and implementation consistency amongst multiple developers, deploy various build for testing. Besides this, they have to maintain systems and servers in a running state.

Puppet Interview Questions

Various systems and servers when run continuously become prone to malfunction. In large organizations with an enormous customer base, maintenance of infrastructure becomes a daunting task.

In the case of newly installed infrastructure or to maintain existing ones in a good state, DevOps install configuration tools like Puppet that automatically set the default configuration for new machines and resets configuration of failed infrastructures keeping them in running state.

What Is Puppet Software Tool

Puppet is an open-source configuration management tool that automates and manages server configuration. Its code written in Domain-Specific Language (DSL) is declarative, wherein the desired state of our systems is described. This tool automates updating the state of these systems as described with help of puppet master and their agent.

In case of server failure, the code helps the server roll back to their previous working states. In addition, tool deploys servers on-demand and imposes security on them.

With this configuration management tool, one can manage Network Time Protocol (NTP), Sudo privileges to identify users with elevated access privileges, besides this Domain Name System (DNS) name server, and firewall can also be managed with it.

Most Frequently Asked Puppet Interview Questions

Q #1) Explain Puppet Enterprise.

Answer: Puppet enterprise is configuration tool or said as an automated code where infrastructure information such as software and their settings are already defined for system and server so that these can be installed, the environment can be set up when new infrastructure is installed and periodic verification is done to ensure that these systems and servers remain in the desired state.

Q #2) Describe Puppet architecture.

Answer: Puppet follows declarative programming approach where code specifies what to do, but does not inform steps on how to do it.

Based on Pull based deployment, agent nodes check on a regular interval of 30 minutes with a master node for anything change at the agent. In case of change requirement, the agent pulls specific code from the master and performs required actions at agent node.

  • Agent sends Facts, i.e. its state in key/value data pair, to the master. State includes the system’s operating system, up-time i.e. time system is operational, IP address i.e. physical or virtual machine.
  • Using facts information, master compiles a Catalog that describes how the agent should be configured. Catalog, a document explains the desired state for the agent’s resources, master manages on the agent.
  • Agent responds to the master with information about completion of configuration, which can be viewed in the Puppet dashboard.


Q #3) Explain Working of Puppet.

Answer: It is explained as follows:

Entities required for running include Puppet Master and Puppet Agent.

Agent or nodes are daemons running on client servers. These servers need some configurations or being managed using Puppet. This agent verifies configurations at regular intervals with the master for any change. Master consists of all configurations stored for different hosts and runs as a daemon on the master server. Agent and master are connected via Secure Sockets Layer (SSL).

Node connects master, master analyzes what configuration and how it can be applied to the node. After analysis, master collects resources and configurations, compiles and makes a catalog, and sends it to the agent of the node. After applying the configuration, the agent submits the report of configuration that was applied to the master server.

Q #4) Describe the Puppet Module.

Answer: Modules are basic building blocks of the puppet in a directory structure that contains classes, tasks, functions, resource providers and their types, and plug-ins like facts or custom types. It is mandatory to have modules installed in the puppet module path. These modules are used to manage tasks such as installation or configuration of software on to system or server.

Click here for available readymade modules.

Q #5) What is Catalog in Puppet?

Answer: Catalog is a document with state details of each resource master that manages on the node. Master compiles a catalog and sends back to the agent. It has data provided by agent at the node, external data, and details related to puppet manifests.

Q #6) Define Classes in Puppet.

Answer: Classes are blocks of code, invoked by their names, present in modules. Classes are used for the functionality of all packages, services, and configuration files needed to run an application. These can be added into the node’s catalog in two possible ways, i.e. declaring these classes in manifests or by assigning from external node classifier.

Classes can be declared in manifest in the following two ways:

Using include class_name OR using class { ‘classname’ : }

Puppet Class structure is explained in figure below:

class structure

Q #7) What is Manifest in Puppet?

Answer: All Puppet programs written in Ruby programming language and saved with an extension of .pp, and are built with an intension of creating and managing any host machine in target are called a Manifest.

It contains Files (puppet selects and moves these files to a target location), Templates (used to create configuration files on the node), Nodes (client node related definitions are described at nodes), Resources, and Classes.

Q #8) Describe in detail about Facter in Puppet.

Answer: Facter is a system-profiling cross-platform library that discovers and reports per-node system information known as facts present as variable with values in the key-value format in manifests.

Facters and Facts are available across Puppet code as global variables, they can be used in code without any reference at any point, any place in the code. Facter is a library that identifies the details of the facts that may contain the operating system being used, SSH keys, IP address, verification for the virtual machine or not, MAC addresses, etc.

Various fact types used are explained below:

  • Core Facts: These are information on resources such as cloud, disks, memory, OS, path, processors, and partitions. We can use the following command to view the complete list of facts and their corresponding values in key-value format.
    • $ run puppet facts
  • Custom Facts: Using export FACTER {fact’s_name} we can add Custom Facts to the node. These facts are customized in order to attend specific requirements by DevOps.
  • External Facts: To apply facts at the provisioning stage, we can use external facts, apply metadata to virtual machines at AWS, OpenStack cloud providers.

Q #9) What do you mean by Puppet Kick?

Answer: Puppet Kick deprecated in the current version is a utility that triggers agent from the master. As per Ubuntu manuals, ‘puppet kick’ is a script to be run as root to access Secure Sockets Layer (SSL) certificates, connect set of machines that run the agent, and trigger them to run their configurations.

In addition, this command also looks up in Lightweight Directory Access Protocol (LDAP), for hosts matching that configuration, connects with each of them and triggers to run their configuration. In order to kick work, the agent should identify and sense for incoming connections and should have access to permission to run endpoints.

Q #10) Describe functionality of MCollective in Puppet.

Answer: MCollective or Marionette Collective is a framework for creating automated coordination, management, and arrangement of complex infrastructure i.e. Systems and Servers known as Orchestration. Administrative tasks on clusters of servers can be automatically executed using MCollective.

Their components are Servers, Clients, and Middleware. Using MCollective commands we can query the value of facts, start and stop services, start configuration tool itself, as well as query and update software.

Q #11) What is special about Puppet’s model-driven design?

Answer: Previously system administrators were following series of steps to configure and manage infrastructure, which comprises multiple groups of systems and servers. In a model-driven design approach, Puppet, which is an automated code written in Ruby, contains all the configuration details that are compiled into a catalog.

This catalog is sent to every node and shares resources, values, and their relations, the required modification of configuration is made for failed systems to reinstate them back to normal running state.

Q #12) Give a few use cases for Puppet.

Answer: Puppet is used to manage and standardize infrastructure deployment.

Requirement: Startup Company has moved its infrastructure to Cloud service providers such as Amazon web server or Google Cloud services. End User is responsible for the creation, standardization, and maintenance of systems and servers on different platforms, applications, and services and wants to install and use Puppet to ease their task.

Scenario 1: Administrators utilize tools for standardizing their servers and systems, like the creation of a manifest file which has steps written in configuration code to build their new server.

For example,

  • Installation of the operating system, say Linux.
  • Verifying Linux disc space using software File light, or DUC.
  • Installing Java.
  • Installing Tomcat.
  • Installing SQL server as RDBMS.
  • Installing patch for an application to be built and tested for software development trainee.

Scenario 2: Creation of file, listing all the above steps in manifest, which can be run using puppet command to perform the steps automatically mentioned in manifest file. This way standardization of steps is followed while deploying new system using manifest and command.

Scenario 3: Manifest created will be utilized to build Cloud server through the API so that all the manual tasks can be automatically done.

Q #13) Explain the “etckeeper-commit-post” and “etckeeper-commit-pre” commands.

Answer: Following is the difference between both the commands

  • etckeeper-commit-post is a command written in the configuration file, which can be executed after pushing configuration on the agent.
  • etckeeper-commit-pre is a command written in the configuration file, which can be executed before pushing configuration on the agent.

Q #14) List characters that are allowed in a class name, module name, and identifiers?

Answer: Following are acceptable characters while declaring the Class name and Module name:

  • Must begin with a lowercase letter.
  • Can include lowercase letters, digits, and underscores.
  • Scope Resolution Operator i.e. “::” are namespace separator in class name definition.

With Variable name, characters accepted are as mentioned below:

  • Can begin with uppercase and lowercase letters.
  • May contain numerals and underscores (‘_’).
  • If the first character is an underscore, then the variable can only be accessible from its own local scope.
  • Variables are case sensitive.

Q #15) What to expect if you don’t sign a Contributor License Agreement?

Answer: It is a mandatory condition to sign a Contributor License Agreement (CLA) for code contributors to Puppet or Facter, without which their code cannot be accepted. To find and download Puppet or Facter code written in Ruby, the user should log in to their GitHub account and sign an agreement.

Q #16) Explain the importance and location of codedir in Puppet?

Answer: codedir is used by Master and apply command, but not by the agent. It is the main directory for data and code that uses an environment containing manifests and modules, global module directory, and Hiera data and configuration.

This codedir is located at following local directories

In case of Windows: C:\ProgramData\PuppetLabs\puppet\etc

Whereas for Linux: /etc/dir/PuppetLabs/code

Q #17) Describe Hiera.

Answer: Hiera is a lookup system for configuration data in key-value format. It helps in retrieving data from Puppet code. This code utilizes this system for explicit parameter lookup calls for classes from a catalog. This system uses Puppet’s facts to identify data sources. Its 5th version supports data files in JSON, YAML, and EYAML formats.

It searches configuration data in three independent layers of configuration starting from global then environment and finally module layer of configuration.

Q #18) Describe Virtual Resources in Puppet.

Answer: During the Puppet setup, duplicated resource declaration error occurs in case the same resource is used more than once. This tool resolves this issue by introducing a virtual resource. Declaring virtual resource makes its resource available to collectors and realizes function. As well manages state when the resource is realized.

You can find unrealized virtual resources marked inactive included in the catalog. Virtual resources are applied for management of resources whose multiple conditions across classes are met and for overlapped resource sets by multiple classes.

Q #19) Describe module-path.

Answer: Master service and with puppet apply command where Puppet manifests are applied locally, load their content from modules (installed in the puppet modulepath) from one or more of the directories. It is the ordered list of directories searched for modules by Puppet. These directories from modulepath list are separated by a separator character.

In Linux, it is colon (:) and in Windows, it is semi-colon (;).

Q #20) Give details about base modulepath.

Answer: Global module directories list is the base modulepath for applying with all the environments, configured with base modulepath setting, with default value as below:

In case of Linux: $codedir/modules:/opt/puppetlabs/puppet/modules

In case of Windows: $codedir\modules

Q #21) Describe about Cache directory in Puppet.

Answer: Puppet during normal operations, stores generated data in a cache directory called vardir. This data can be mined for analysis. In case of agent and apply command, Cache directory can be found at one of the following locations:

In case of Windows, it is C:\programed\PuppetLabs\puppet\cache

Whereas in Linux it is /opt/puppetlabs/puppet/cache, alternatively, using –vardir option at the command line, will specify puppet cache directory location. We can change the location of vardir files and directories, by changing puppet.conf settings.

Q #22) Explain about “Environments” in Puppet.

Answer: Environment is a logical distribution that separates modules and manifests into separate sections or folders for nodes in order to get bit of code depending on which environment node belongs to, it is statically set in puppet.conf. It is a feature to divide infrastructure configuration into environments Admin can use a single master to serve multiple isolated configurations.

environment structure

Q #23) Describe Resources in Puppet.

Answer: Puppet Resources uses build, design, and manage system or server infrastructure. This tool has multiple types of resources to build and define new resources to define system architecture. Puppet code block in the manifest file (resource declaration) is created using Declarative Modeling Language (DML).

It contains Resource Type, Resource Parameter, Attributes, and Values.


Q #24) Explain types of resources in Puppet.

Answer: Puppet managed system components are analyzed with the help of resource types. Few common resource types are group, package, user, file, and service.

There are two types of resources, built-in types and custom types. Some of the built-in resource types are group, package, user, file, and service. You can find custom types distributed in puppet modules referred from

Q #25) Explain Node Definition in Puppet.

Answer: Node definition or statement is a puppet code block that matches with node’s catalog. It allows the assignment of a specific configuration to the affected node.

Their syntax looks similar to that of class definitions with node keyword, node definition name, opening curly brace, a mixture of class and resource declarations, collectors, variables, conditional statements, functions, and chaining relationships, finally a closing curly brace.

Q #26) Describe functions in Puppet.

Answer: Puppet Functions are plug-ins that are used during catalog compilation. Function call by manifest makes function run and return value and modifies the catalog as a side effect.

One can create their own functions that accept arguments through parameters to transform data and construct values. These are plug-ins or expressions called in order to resolve to value and can either be a built-in or customized.

Q #27) Give examples to configure systems using Puppet

Answer: Some examples to the system configured with puppet are listed below:

  • Manage NTP service: Network Time Protocol (NTP) is the most essential services that can be managed and configured using puppet, to synchronize time all across nodes.
  • Manage Sudo privileges: Sudo command on your agents will identify system users with elevated access privileges.
  • Manage a DNS name server file: Name server that maps IP addresses understood by computers with human-readable URLs can be managed using this configuration tool.
  • Manage firewall rules: Various rules and policy like application ports (TCP/UDP), network ports, IP address, and access-deny statements can be designed with firewall, with tool’s firewall policies can be managed.

Q #28) Describe main or site manifest in puppet.

Answer: Agent sends state of resources called facts to master, based on the information received. Master will compile catalog in the form of a single manifest file, known as main or site manifest. The master utilizes the main manifest file, either a single or directory of .pp files, configured by the current node’s environment, which with help of manifest setting in environment.conf, determines the main manifest.

Q #29) What do you mean by puppet apply?

Answer: Puppet apply is a standalone execution command for apply to individual manifest. This code when applied to modulepath via command line or config file, acts like catalog. ‘puppet apply’ is a command-line code for applying a configuration.

Q #30) List companies that use Puppet.

Answer: Few multinational enterprise organizations that use Puppet in their infrastructure management and configuration are:

  • KPN – Dutch landline and mobile telecommunications company, Netherlands
  • CERN – European Organization for Nuclear Research
  • Aegon UK – financial services provider
  • NYSE – New York Stock Exchange
  • ICE – Intercontinental Exchange
  • ANZ Bank
  • Cisco
  • Splunk
  • Google

Q #31) Explain what pre-installation preparations you will require before installing Puppet Open Source.

Answer: There are some preparations and requirements before installing Puppet Open Source

  • Selection of server as the master.
  • Validate servers and network are ready and prepared for installation with the following instructions:
    • Selection of deployment type for the selected server. We can use Docker compose based stack–puppet ware or in case you already have Docker, then clone the repo.
    • run docker-compose up command
  • Installing agents
  • Once Puppet Server is configured, we need to install the agent package on node machine on which configuration management tool is needed.
    • Based on your operating system, you have Linux, OS X, and Microsoft Windows to select.
  • You can use NTP and sudoers to automate Puppet code for designing configuration.

Q #32) Explain Puppet Enterprise.

Answer: Puppet Enterprise is scalable across various teams, systems, on-premise, or over cloud servers, by implementing compliance policies and security along with configuration for on-premise and cloud migrating infrastructure with zero downtime.

It also generates reports on the status of code that are built, and information on who and what changes were made on an infrastructure code, trigger analysis checks on regular intervals on infrastructure to assess any impact before any incidence.

Q #33) Describe Puppet Remediate.

Answer: It scans the infrastructure and produces data on vulnerabilities in traceable and auditable formats to prioritize their resolutions. Remediate balances tools that assess vulnerabilities, and prioritize tasks that need immediate resolution, attends such tasks by running pre-built tasks like manage package, services or run the shell script and fix issues immediately.

Q #34) Explain the working of Puppet Relay.

Answer: Puppet Relay monitors your infrastructure and runs automation scripts that not only trigger alerts in case of any incidents using APIs, DevOps tools available by connecting on-premise or cloud connected systems but resets instance using default configuration details present in catalogs from the manifest and finally inform the team of the instance.

Q #35) What is Bolt?

Answer: Bolt automates coordination, management, and setup of computer systems and related services that were processed manually previously, and maintains the entire infrastructure of an organization.


Puppet is an automated configuration management tool for in-premise and virtual infrastructure which follows the client-server model, where one machine is master and other machines act as agent or nodes. Its main purpose is to manage resources on the server of your infrastructure. Resource is a code that manages characteristics of server like a user account or software content.

This configuration management tool gives us power to express server configuration in code to automatically manage your infrastructure.

We are sure this tutorial on Puppet interview questions will help you prepare for your upcoming interview.