Go to main content

Developing System Services in Oracle® Solaris 11.4

Exit Print View

Updated: November 2020

Puppet Stencil Service

Puppet is a toolkit for managing the configuration of many systems. For information about using Puppet on Oracle Solaris, see Using Puppet to Perform Configuration Management in Oracle Solaris 11.4.

On Oracle Solaris, the Puppet application is managed by SMF.

High Level View of Puppet Services

When you install the system/management/puppet package, you get the following SMF service instances:

$ svcs puppet
STATE          STIME    FMRI
disabled        8:17:58 svc:/application/puppet:agent
disabled        8:17:58 svc:/application/puppet:main
disabled        8:17:58 svc:/application/puppet:master
disabled        8:17:58 svc:/application/puppet:user
online          8:36:42 svc:/application/puppet:upgrade
  • The master instance serves configuration to agents.

  • The agent instance controls configuration of a particular node.

  • The main instance holds shared configuration values.

  • The user instance is used by the puppet apply command, as well as many of the less common puppet subcommands.

  • The upgrade instance performs migration and cleanup steps if needed.

Puppet writes to log files in the following locations:

$ svcprop -p config/logdest puppet:master
$ svcprop -p config/logdest puppet:agent

Puppet Configuration File

Puppet expects to use a configuration file named /etc/puppetlabs/puppet/puppet.conf. The /usr/sbin/puppet application reads configuration information from /etc/puppetlabs/puppet/puppet.conf and not from properties set in the application/puppet service instances.

To provide the required configuration file, each puppet instance provides a configfile type property group. The configfile type property group tells the svcio utility to run and create the specified configuration file. The stencil file is used to write data from service property values to the configuration file in the correct format.

The following command shows all puppet service properties that are in a property group of type configfile. This output shows that all instances of the puppet service have the same configfile properties with the same values. Each puppet service instance provides the path to the configuration file, the mode of the configuration file, and the path to the stencil file.

$ svcprop -g configfile puppet

The following command shows the values set in the parent service:

$ svccfg -s puppet listprop puppet_stencil
puppet_stencil         configfile
puppet_stencil/mode    astring     0444
puppet_stencil/path    astring     /etc/puppetlabs/puppet/puppet.conf
puppet_stencil/stencil astring     puppet.stencil

If you run the following command for each instance, you see that the service instance properties are inherited from the parent service. The instances do not set custom values for any of these properties:

$ svccfg -s puppet:master listprop puppet_stencil

Though every instance specifies the same stencil file, stencil defines property groups are not used because every instance also specifies the same configuration file: Puppet expects to find all configuration in the one file, not in multiple configuration files. In addition, other services also use values from this puppet.conf configuration file.

If your site requires more instances, for example puppet:agent1 and puppet:agent2, add instances and customize property values and add properties for each instance as shown in Modifying the Puppet Configuration File.

Puppet Stencil File

The content of the stencil file tells you what properties and other information are written to the configuration file. The puppet.stencil path that is the value of the puppet_stencil/stencil property is relative to /lib/svc/stencils. The following is the content of the stencil file, /lib/svc/stencils/puppet.stencil:

# See puppet.conf(5) and http://docs.puppet.com/guides/configuring.html
# for details.
# service: puppet:main
# main is the global section used by all commands and services. It can be
# overridden by the other sections.
; walk the main instance and extract all properties from the config PG
$%/(svc:/$%s:(main)/:properties)/ {
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }

# service: puppet:master
# master is used by the Puppet master service and the Puppet cert command.
; walk the master instance and extract all properties from the config PG
$%/(svc:/$%s:(master)/:properties)/ {
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }

# service: puppet:agent
# agent is used by the Puppet agent service.
; walk the agent instance and extract all properties from the config PG
$%/(svc:/$%s:(agent)/:properties)/ {
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }

# service: puppet:user
# user is used by the Puppet apply command, as well as many of the less common
# Puppet subcommands.
; walk the user instance and extract all properties from the config PG
$%/(svc:/$%s:(user)/:properties)/ {
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }

Expressions used in this stencil file have the following meanings. See the smf_stencil(5) man page for more information.

Table 3  Expressions Used in Stencil Files
Service instance name: main, master, agent, user
Each property name in the specified property group, config

For example, given the following config property group properties, the following section in the stencil file produces the following block in the configuration file.

$ svcprop -p config puppet:main
config/confdir astring /etc/puppetlabs/puppet
config/rundir astring /var/run/puppetlabs
config/vardir astring /var/cache/puppetlabs

Stencil file:

$%/(svc:/$%s:(main)/:properties)/ {
$%/$%1/config/(.*)/ {
$%3 = $%{$%1/config/$%3} }

Configuration file:


confdir = /etc/puppetlabs/puppet
rundir = /var/run/puppetlabs
vardir = /var/cache/puppetlabs

Modifying the Puppet Configuration File

As you can see in Puppet Stencil File, all the property values in the config property group for each instance except puppet:upgrade are written to the configuration file. To modify the configuration file, modify property values in the config property group.

Configuration in the [main] block applies to both the agent and the master. For the Puppet master, agent, and user, configuration in the corresponding block overrides the same configuration in the [main] block.

The following commands show how to add configuration to your Puppet configuration file for the puppet:agent service instance.

$ svccfg -s puppet:agent
svc:/application/puppet:agent> setprop config/report=true
svc:/application/puppet:agent> setprop config/pluginsync=true
svc:/application/puppet:agent> refresh
svc:/application/puppet:agent> exit
$ svcadm restart puppet:agent

Following the restart, the /etc/puppetlabs/puppet/puppet.conf configuration file contains the following lines in the agent block:


logdest = /var/log/puppetlabs/puppet/puppet-agent.log
pluginsync = true
report = true

Similar commands can be used to remove properties and change property values. See Chapter 4, Configuring Services in Managing System Services in Oracle Solaris 11.4.