puppet deep dive

1) How do you execute a master/node puppet run?
puppet agent –test, puppet agent -t

2) What is wrong with this manifest? # create_file.pp file { ‘/temp/some_file.txt’: mode => ‘0600’ owner => ‘root’, group = ‘root’, }
“ensure => file,” should be the first attribute., The mode attribute should end with a comma., The group attribute needs to use a hash rocket instead of a the equals sign.

3) How do your get a list all available resource types?
puppet describe list, puppet describe -l

4) What component does Puppet use to mange resource abstraction?
Resource Types

5) What two config settings are bare minimum needed in the puppet.conf on an agent node?
server, certname

6) What is the Puppet catalog?
It describes the desired state for each resource on a node.

7) Which one of these resource types is not valid?

8) If an environment is not specified in puppet.conf, what is the default environment?

9) Which command can you use to get information about a resource?
Puppet resource

10) Puppet agent will send a report to the puppet master with all facts and information about the node, this is the node object.

puppet config print modulepath –section master –environment test
sudo puppet config set <SETTING NAME> <VALUE> –section <CONFIG SECTION>

1) Which command is used to view all certificates “waiting” to be signed?
puppet cert list

2) What ports are required for the puppet agent to run, including the ability for orchestration management?
8140, 61613

3) To automate the configuration of a Puppet master, you could pass a pe.conf file to the puppet-enterprise-installer. To do this, which flags could you use?

4) What format does the pe.conf use to declare parameters and values?

5) After installing Puppet Enterprise a pe.conf is generated. Where is it located?

6) Where are the install logs located?

7) On an agent node, you must first sign the certificate before you can have a successful Puppet run.

8) What ports are required for the web-based installation of the Puppet master?

9) What is the primary Puppet service log file?

10) What is the name of the primary Puppet service?

11) In the pe.conf file, what key is used to set the DNS alternate names?
1) Which of the following is true about defined resource types?
They act like a new resource type., They are blocks of code that can be evaluated multiple times with different parameters., Definitions should be stored in the manifests/ directory.

2) It’s valid to have multiple classes or resource type definitions (defined types) in the same file in the manifests directory of the module.

3) Which of the following should be contained in the metadata.json file?
The module name., The module version., Which operating systems the module supports., The module’s author.

4) A soft tab is 8 space.

5) The chaining arrows accept the following kinds of operands:
Resource references, Resource declarations, Arrays of resource references

6) How do you declare a resource collector?
User <| groups ==’admin’ |>

7) Classes are singletons.

8) How would you assign a value to the ensure attribute for the file resource below?: file { ‘/temp/file.txt’: … }
ensure => file

9) Defined resource types are singletons.

10) Which of these conditional statements can return a value?
case, selector

11) Is this valid syntax for a selector conditional statement?: $file_mode = $facts[‘os’][‘family’] { ‘Debian’ => ‘0007’, ‘RedHat’ => ‘0776’, default => ‘0700’, }
It’s missing the “?” between $facts[‘os’][‘family’] and “{“. $file_mode = $facts[‘os’][‘family’] ? { ‘Debian’ => ‘0007’, ‘RedHat’ => ‘0776’, default => ‘0700’, }

12) Which of the following is true about using a function data provider?
The function ::data can be a Puppet manifest file or a Ruby function., It takes no arguments and returns a hash.

13) Ensure is always the first attribute of a Puppet resource type.

14) Each namespace segment for a class or defined type must begin with a lowercase letter and can include:
Lowercase letters, Underscores, Digits

15) In which version of Puppet is params.pp no longer used?

16) Which of the following functions will load the contents of an ERB template?
template, inline_template

17) Statements functions…
do not return arguments.

18) Which of the following is not a metaparameter?

19) The service resource will be applied before the package resource.\ Service[‘service_name’] <- Package[‘package_name’]

20) Every attribute and parameter must include trailing commas.
1) How many roles should be assigned to a node.
Only a single role should be assigned to a node.

2) Profiles can include other profiles.

3) Select all that apply. What are the benefits of using roles and profiles?
reliable, configurable, refactorable

4) What is a profile?
Wrapper classes that use multiple component modules to configure a layered technology stack.

5) Is this a valid role? lass role::lamp { include profile::base include profile::apache include profile::php include profile::mysql }

6) Is this a valid profile? class profiles::apache( String $apache_vhost_name, String $apache_vhost_docroot, String $apache_vhost_port = 80, ) { include ::apache apache::vhost { $apache_vhost_name: port => $apache_vhost_port, docroot => $apache_vhost_docroot, } }

7) Hiera or Puppet lookup should be used in a role.

8) You should avoid using conditional logic to decide profiles in a role.

9) When declaring a profile class, why do we use the include statement rather than a class declaration?
You want to make sure you can safely include any profile multiple times.

10) Roles should not set class parameters for any profiles.
Puppet Professional Practice Exam (PPT-204)
Practice Exam
Thank you for your interest in the Puppet Professional Certification! The following is a practice test designed to give you an idea of the types of questions you will find on the certification exam. Please note that this is not a reliable indicator of your anticipated performance on the certification exam.

Please provide an answer for each question and then click the submit button. Your practice test will be instantly scored and we will let you know your percentage of correct responses.
1. According to the Puppet Language Style Guide, which comment is correctly formatted?
// Configures Apache
# Configures Apache
/* Configures Apache */
; Configures Apache
2. According to the Puppet Language Style Guide, which string is correctly formatted?
3. Referring to the below exhibit, which resource change will correct the cyclical dependency?

class ssh {
package { ‘ssh’:
ensure => present,
require => Service[‘sshd’],

service { ‘sshd’:
ensure => running,
enable => true,
subscribe => File[‘/etc/ssh/sshd_config’],

file { ‘/etc/ssh/sshd_config’:
ensure => file,
mode => ‘0644’,
require => Package[‘ssh’],

package { ‘ssh’:
ensure => installed,
require => File[‘/etc/ssh/sshd_config’],
package { ‘ssh’:
ensure => installed,
service { ‘sshd’:
ensure => running,
enable => true,
before => Package[‘ssh’],
file { ‘/etc/ssh/sshd_config’:
ensure => file,
mode => ‘0644’,
before => Package[‘ssh’]
4. You want to create a new module from an existing module skeleton.

Which two commands will accomplish this task? (Choose two.)
puppet module generate exam\answers
puppet module generate exam-answers
puppet module generate exam=answers
puppet module generate exam/answers
5. You are writing a new class named apache::virtual_host.

Which module file path should contain this class definition?

Add apache/manifests/virtual_host/init.pp.
Add apache/manifests/virtual_host.pp.
Add apache/classes/virtual_host.pp.
Add apache/lib/classes/virtual_host.pp.
6. You have written a new module which depends on an existing java module to function properly.

How do you declare this dependency?

Add include java to your init.pp file.
Add import java anywhere in your module.
Add use java to your init.pp file.
Add module ‘java’ to your requirements.pp file.
7. Which two capabilities does the PuppetDB API provide the administrator? (Choose two.)
List the nodes that failed the most recent catalog run.
List the nodes that have been classified with the apache::vhost class.
Run Puppet on all nodes that have the kernel fact equal to Linux .
Return the live status of all nodes in the infrastructure.
8. When creating three Puppet master servers, you want to use round-robin DNS to balance Puppet agent requests between the three Puppet masters.

Which setting must be configured to accomplish this task?

9. Which two aspects set defined types apart from native types? (Choose two.)
Defined types do not have a built in concept of providers.
Native types are written in Ruby, defined types are written in Puppet.
Resource declarations of defined types do not have to be unique in a catalog.
Defined types do not have access to data generated by facter.
10. What defines the system commands to be used for inspection and enforcement of resources?
11. After installing a new Puppet agent, you want to establish trust between the new agent and the master.

Which two prerequisites must be met? (Choose two.)

Time must be correct on both master and agent.
The server port must be reachable from the agent.
The agent certificate must have dns_alt_names set correctly.
Auto-sign must be enabled.
12. The class profile::webserver is to be assigned to a node.

Which two class definitions would cause an error in catalog compilation? (Choose two.)

class profile::webserver {
contain apache
class { ‘apache’:
listen_address => ‘’,
class profile::webserver {
class { ‘apache’:
listen_address => ‘’,
include apache
class profile::webserver {
class { ‘apache’:
listen_address => ‘’,
contain apache
class profile::webserver {
include apache
class { ‘apache’:
listen_address => ‘’,
13. As your SaaS product becomes more popular, you find that manually assigning the dozen classes necessary to configure each application server node takes up more time. Your nodes have tokenized hostnames indicating their role, as well as a custom role fact.

Which three actions would simplify this process? (Choose three.)
Abstract the dozen classes with a single role-style wrapper class and assign this wrapper class to each node.
Use Mcollective to initiate a puppet run on all nodes, filtering based on your custom role fact.
Create a node definition in your default manifest that uses regex matching to declare the dozen classes for any node with an appropriately tokenized hostname.

Create a group in the Node Classifier with rules that match your application server nodes (based on your custom role fact) and use this group to assign the dozen classes automatically.

Reconfigure the puppet agent run mode on all of your agents to request catalogs from the SaaS environment.

14. A colleague has written a module to manage the installation and configuration of the backend components of an intranet software system. Someone else has written a module to manage the Web server and deploy the application code. You are asked to write a class which does the following:

— implements all prerequisite technology modules,
— retrieves data from an external data store, and
— injects the site-specific data into your colleagues’ modules.

According to Puppet best practices, what is the way to describe this type of class?

a resource class
a role class
a profile class
a component class
15. Which statement describes a purpose of role-based access control (RBAC) in Puppet Enterprise?

RBAC allows a Puppet master to look up data about a node in an external directory service such as LDAP or Active Directory.
RBAC allows for granular control over the data that nodes can access in PuppetDB.
RBAC allows for granular control over the amount of access users have to the Puppet Enterprise console.
RBAC allows for granular control over the amount of access users have to PuppetDB.

16. Which two types of data from reports are displayed by the Puppet Enterprise console? (Choose two.)

17. What are three types of data that PuppetDB stores? (Choose three.)
18. You would like to set the $parameter_one parameter of myclass using Hiera. Given the following Puppet code:

class myclass ($parameter_one = ‘text’) {
file {‘/tmp/foo’:
ensure => file,
content => $parameter_one,

How would you format this parameter definition within your Hiera data source?

myclass.parameter_one: “parameter set via Hiera”
$myclass::parameter_one = “parameter set via Hiera”
myclass::parameter_one: “parameter set via Hiera”
myclass[‘parameter_one’] = “parameter set via Hiera”
19. Refer to the exhibit below.

# hiera.yaml

– yaml
– “%{datacenter}/%{role}”
– “%{clientcert}”
– “%{environment}”
– global

:datadir: /etc/puppetlabs/code/environments/%{environment}/hieradata/
# /etc/puppetlabs/code/environments/production/hieradata/primarydc/ecommerce.yaml

mysql_location: ‘db-primary.puppet.com’
# /etc/puppetlabs/code/environments/production/hieradata/ecommerce1.puppet.com.yaml

mysql_location: ‘db-ecommerce.puppet.com’
# /etc/puppetlabs/code/environments/production/hieradata/production.yaml

mysql_location: ‘db-production-general.puppet.com’
# Facter Output
datacenter => primarydc
role => ecommerce

You have a node in the production environment with a certname of ecommerce1.puppet.com as shown in the exhibit.

Which value would be returned for this node, for the hiera call hiera(‘mysql_location’)?

20. Referring to the below exhibit.

Facter.add(:bootcmd) do
confine :kernel => ‘Linux’
setcode do
Facter::Core::Execution.exec(‘cat /proc/cmdline’)

Referring to the Ruby custom fact code shown in the exhibit, which result would you expect when running facter -p bootcmd in a Power Shell terminal on Windows
the text “/proc/cmdline”
command used to boot host
an error
Please tell us a bit about yourself.
First Name *This question is required.

Last Name *This question is required.


Organization *This question is required.

City *This question is required.

State/Providence *This question is required.


Email Address *This question is required.

21. How long have you used Puppet? *This question is required.
0 to 6 months
6 months to 1 year
1 to 2 years
3 to 4 years
4 + years
22. What title best describes your role in your organization? *This question is required.
System Administrator
Security Specialist
Systems Engineer
Network Operator
Network Engineer
Database Administrator
Database Analyst
IT Manager
Senior Manager
23. Which of the following do you or your organization use? *This question is required.
Puppet Enterprise
Puppet Open Source
We don’t use Puppet
24. What’s the state of the Puppet (or Puppet Enterprise) implementation in your organization? *This question is required.
No current plans to implement Puppet
Planning to implement Puppet in the next few months
Evaluating Puppet in a proof of concept
In the process of implementing Puppet
Puppet is running in production
Puppet is in production and being actively expanded in scope and/or implemented by other teams
25. May Puppet contact you for future certification, marketing, and sales related purposes? *This question is required.
1) Which of the following is not a valid Hiera function?

2) Facts can be used in hiera.yaml.

3) What is Hiera?
A key/value datastore for looking up data.

4) Referencing the example below, is the data in common.yaml correct?
profile/manifest/apache.pp class
String $apache_vhost_name,
String $apache_vhost_docroot,
Bolean $apache_default_vhost = true,
String $apache_vhost_port = 8080,
) {
class { ‘apache’: default_vhost => $apache_default_vhost, }
apache::vhost { $apache_vhost_name:
port => $apache_vhost_port,
docroot => $apache_vhost_docroot, } }


profiles::apache::apache_vhost_name: “webserver.mylabserver.com”
profiles::apache::apache_vhost_docroot: “/var/www/html”
profiles::apache::apache_default_vhost: false
profiles::apache::apache_vhost_port: 80


5) Where can you find hiera.yaml?

6) Hiera lookups should be done in your profile.

7) For the hierarchy setting in hiera.yaml, the least specific goes at the top.

8) Hiera lookups should be done in your component modules.

9) Select the valid Hiera backends.

10) Reference the example below. Assuming the trusted certname is webserver.mylabserver.com, the environment is production and hieradata is the directory of your Hiera data , what would be the full path to the hiera data file for trusted certname? — :backends: – yaml :yaml: :datadir: “/etc/puppetlabs/code/environments/%{environment}/hieradata” :hierarchy: – “nodes/%{::trusted.certname}” – common


1) What command lets you test to see if Code Manager has been configured properly?
r10k deploy display –fetch

2) Node scope is code that is outside any class definition, type definition, or node definition exists at top scope. Variables and defaults declared at top scope are available everywhere.

3) Hashes map keys to values.

4) Which directory was removed from the Puppet module structure?

5) What command would be used to remove a certificate from the CA?
puppet cert revoke

6) What is Facter?
Puppet’s cross-platform system profiling library.

7) What is the top scope operator?

8) The puppet.conf file is Puppet’s main config file.

9) If you declare an explicit relationship between resources, it will override this default ordering.

10) What port is used by the Puppet master and agents to communicate?

11) All data types are of type Type.

12) Which service is used by the Puppet master server and manages the Puppet master component?

13) What is the pe.conf file?
A HOCON formatted file that declares parameters and values needed to install and configure Puppet Enterprise.

14) The -> and <- chaining arrows are used to refresh resources.

15) You can use r10k to manage your Puppet code instead of Code Manager.

16) Which port is used by Orchestration services?

17) Which of the following are built in report processors?
http, store

18) Which of the following is used for expression-printing in ERB template syntax?
<% = @value %>

19) Defined resource types are also called defined types or defines.

20) To declare an exported resource, prepend ____ to the resource type of a standard resource declaration

21) You must include trailing commas after all resource attributes and parameter definitions.

22) Certain resource types can have automatic relationships with other resources. Select these automatic relationships.
autorequire, autonotify

23) Which of the following are Core Data Types?
Array, Default

24) Hiera can be used to set node-specific data without repeating yourself.

25) Which of the follow are resource collector operators?
==, and

26) Hash rockets (=>) in a resource’s attribute/value list may be aligned.

27) Roles can include other roles.

28) Single quotes can contain variables.

29) Camel case is an expectable naming convention for variable names.

30) What is the Resource Abstraction Layer?
Describing/declaring the state of a resource., Providers enforce the desired state.

31) Arrays are ordered lists of key/values pairs.

32) How would you append [‘c’] to $variable = [‘a’, ‘b’]?
$variable += [‘c’]

33) When managing directories with the file resource type what must be set?

Correct answer
ensure => directory

34) These are valid variable names: $ThisIsAGoodVariableName $so-is-this

35) When configuring the your deployment user for Code Manager what group does the user need to be a member of?
Code Deployers role

36) It is acceptable to hardcode data in a profile.

37) If a name is not specified for a resource type it will use the resource type’s title.

38) Which of the following is not a conditional statement in Puppet’s DSL?
switch statement

39) Exported resources do not require catalog storage and searching to be enabled on your Puppet master.r

40) The unless statement can have a elsif and else clause.

41) Built-in resource types that can be refreshed.
service, exec

42) The create_resources function converts a hash into a set of resources and adds them to the catalog.

43) How many spaces is a soft tab?

44) Puppet applies resources in the order they’re declared in their manifest.

45) Which of the following metaparameters can be used to trigger a refresh?
notify, subscribe

46) Variables store values so they can be accessed later.

47) Resource collectors cannot be used in chaining statements.

48) YAML is not a valid Hiera backend.

49) Which of the follow is not an iteration function.

50) Which directory contains custom functions written in the Puppet language?

1) What is the default node_terminus in puppet.conf?

2) You have web01.mylabserver.com as a node definitions in site.pp; what will match first?

3) When using the built in Puppet classifier, where are classes defined?
Class can be assigned to node group in the PE console.

4) To use Hiera as your ENC, what mush be included in the default node definition?

5) ENCs can co-exist with standard node definitions in site.pp.
1) On the PE console, where would you find Facts about a node?
On the Facts tab of the node details page.

2) Which steps below are valid for removing a node from the Puppet master?
puppet node purge , puppet agent -t, service pe-puppetserver restart

3) Using puppet master –configprint certname will print out the first occurrence of certname found in puppet.conf.

4) The puppet resource command can be used to view a resource on a node as well as configure a resource on a node.

5) When troubleshooting Puppet Enterprise what ports should you check to make sure are accessible?
8140, 61613, 443

6) When removing a node from the Puppet master what should you do first?
Stop the puppet service on the node being removed.

7) What is RBAC used to manage?
Types, Permissions and Objects

8) A node is having issues connecting to the Puppet master. Which port should you try telnetting to?

9) What is config retrieval on the viewing node reports?
How long it took to retrieve the node’s configuration.
1) What is the purpose of the Puppetfile?
To define what modules will be deployed to the Puppet master.

2) What component does Code Manager use to deploy code on to your Puppet master?

3) When using Code Manager, what file defines the path to the environments directory?

4) You should use r10k over Code Manager.

5) What is the default branch of the control repository?

6) Is this a valid entry for the Puppetfile? — mod: -module: ‘apache’ – git: ‘https://github.com/puppetlabs/puppetlabs-apache.git&#8217; -ref: ‘master’

7) Which class is used to configure Code Manager?

8) The control repository can be used to manage Hiera data.

9) What is the command to deploy Puppet modules using code management?
puppet-code deploy –all -w

10) The control repository is used by Code Manger to deploy Puppet modules on to your Puppet master.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s