Downloading Puppet¶

• The latest stable release is 2.7.13
• The latest maintenance release is 2.6.16

We recommend you always use the stable version for production environments.

There are Release Notes that detail the major feature and language changes between versions. We recommend you read this if upgrading Puppet from an earlier version.

There is also a Development/Code Names .

• Tarball
• Puppet
• Puppet Dashboard
• Facter
• Ruby Gems
• Puppet
• Facter
• Other Packages
• Apple Mac OS X Packages
• ArchLinux Packages
• Debian Packages
• FreeBSD Packages
• Gentoo Packages
• Mandriva Packages
• NetBSD Packages
• OpenBSD Packages
• RPM Packages
• SuSE Packages
• Solaris and OpenSolaris Packages
• Ubuntu Packages
• Install From Source
• Verifying Puppet Downloads
• Import the release signing key
• Verifying the fingerprint
• Verifying the puppet releases

Tarball¶

Puppet¶

• Stable Release- Puppet 2.7.13 (tar+gzip) (signature)

• Maintenance Release – Puppet 2.6.16(tar+gzip) (signature)

Puppet Dashboard¶

• Stable

  • Puppet Dashboard 1.2.7 (tar+gzip) (signature)

• DEB Packages are available at our APT repository

• RPM Packages are available at our YUM repository

Facter¶

• Stable Release – Facter 1.6.7 (tar+gzip) (signature)

Ruby Gems¶

Puppet¶

Puppet is available via RubyGems.

Facter¶

Facter is available via RubyGems.

Other Packages¶

Apple Mac OS X Packages¶

Apple Mac OS X packages are provided by Puppet Labs at: http://downloads.puppetlabs.com/mac

Alternatively, OS X packages are available through MacPorts.

ArchLinux Packages¶

ArchLinux now contains packages for Puppet and Facter. You can find ArchLinux Puppet and ArchLinux Facter packages in the ArchLinux AUR.

Debian Packages¶

Debian packages are available from the Debian Packages site.

FreeBSD Packages¶

Puppet is included in FreeBSD’s ports tree, and packages are available in the appropriate FreeBSD ports collection.

Gentoo Packages¶

Thanks to José González Gómez, Puppet is now officially in Portage.

Mandriva Packages¶

Mandriva packages are available from the Mandriva contrib repository.

NetBSD Packages¶

Puppet is included in NetBSD’s ports tree, and packages are available in the appropriate NetBSD ports collection.

OpenBSD Packages¶

Puppet is included in OpenBSD’s ports tree, and packages are available in the appropriate packages directory on OpenBSD mirrors. Some unofficial (but more recent) packages are provided as is for a limited set of OpenBSD releases and architectures on openbsd.glei.ch.

RPM Packages¶

Puppet is available in RPM form as part of Fedora and EPEL. A simple yum install puppet or yum install puppet-server on such systems should be all you need. EPEL users should be aware that EPEL only moves packages from testing to stable repositories very infrequently – if you are on RHEL or CentOS, you might have to enable the epel-testing repository to get the very latest version of puppet.

SuSE Packages¶

Martin Vuk has set up the SuSE build service to create Puppet and Facter SuSE packages. Older versions of Puppet can still be retrieved from Martin’s old yum repository.

More recent versions of Puppet are part of the standard OpenSUSE release .

Solaris and OpenSolaris Packages¶

There are OpenSolaris pkgs from Code Nursery, plus SysV packages for regular Solaris from Blastwave and OpenCSW. More details on our Puppet Solaris page.

Ubuntu Packages¶

Ubuntu packages are available from the Ubuntu Packages site.

Install From Source¶

If you’re interested in developing your own extensions for Puppet, or you’d like to contribute to the project — or even if you just prefer to build straight from the tree — we’ve got a public Git repository for the project. Use git clone git://github.com/puppetlabs/puppet to check out the code, then run sudo ./install.rb from within the resulting repository. If you don’t have git installed, you can browse to a online Git repository instead.

You can also find some instructions for running Puppet Source.

Verifying Puppet Downloads¶

The releases for Puppet are OpenPGP-signed, which provides authentication that the released tarball has not been tampered with and really originated from the Puppet developers. This signature does not ensure that the Puppet Labs servers themselves have not been compromised, however if there is an intrusion, then we will revoke the key and publish that revocation certificate as quickly as possible.

Import the release signing key¶

To have a cryptographic verification of the release, you will want to import the Puppet Labs public key after verifying its integrity. This key is certified by several of the puppet developers, and should be available from the public keyservers. You can import it by doing the following:

$ gpg --recv-key 4BD6EC30
gpg: requesting key 4BD6EC30 from hkp server pool.sks-keyservers.net
gpg: key 4BD6EC30: public key "Puppet Labs Release Key <info@puppetlabs.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

Verifying the fingerprint¶

You should be able to verify the fingerprint like this:

$ gpg --list-key --fingerprint 4BD6EC30
pub   4096R/4BD6EC30 2010-07-10 [expires: 2012-07-09]
Key fingerprint = 47B3 20EB 4C7C 375A A9DA  E1A0 1054 B7A2 4BD6 EC30
 uid Puppet Labs Release Key (Puppet Labs Release Key) <info@puppetlabs.com>

You can also verify the fingerprints by doing this:

$ gpg --list-sigs 4BD6EC30

Verifying the puppet releases¶

Once you have properly verified this key, you can now use it to cryptographically verify the package integrity by doing the following:

Using GnuPG, verifying the release signature on a puppet tarball would look something like this:

$ gpg --verify puppet-2.6.12.tar.gz.asc puppet-2.6.12.tar.gz
gpg: Signature made Mon Oct  9 23:48:38 2000 PDT using DSA key ID 4BD6EC30
gpg: Good signature from "Puppet Labs Release Key <info@puppetlabs.com>"

If you have not taken the necessary steps to build a trust path, through the web of trust, to one of the signatures on the release key, you will see a warning similar to the following when you verify the signature:

Could not find a valid trust path to the key.
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

This is normal if you do not have a trust path to the key, do not be alarmed if you see this, the archive integrity is still verified, you just have no trust path to certify that the people signing the release key are who they say they are.

The current Puppet Labs Release key is:

http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0x1054B7A24BD6EC30

This is the key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.10 (GNU/Linux)

mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b
fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg
5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+
S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY
GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH
Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v
VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0
Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI
wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN
NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl
f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB
tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL
ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn
AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob
pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF
eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+
aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M
2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ
VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU
3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh
qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1
IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8
1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp
HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN
MUdwNDYQulHZDI+UjJInhramyngdzZLjdeE=
=jdYz
-----END PGP PUBLIC KEY BLOCK-----

The previous Reductive Labs Release OpenPGP key is:

http://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0xFFAC86588347A27F

This is the key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)

mQINBEr+DxIBEADFFFotx3lUGwOTvUu2jrJjD4DNBGKHBAkxyC9vf8UhWBIWN0Pm
yU/6Ior7qbYBNdorEdMHswvq3wdoioBeR3c0LJMlYLzRb7LG+2c1sRE2VC1QLbGe
DJuFMGscDIbF2GAb61lxk4S5qhKvL8ttqUwcQ/ZyUDaraaTHF9bJgdsIZ3Kt9dDO
SNunfmMM5yw/Nt5D6/guotJJRO24v3fb9mioA9kKhE1WOqDPK0OfVcK+k4cZ2TPJ
i8NngZQRd5P/KxMH043BC/GnetSpC2zWQ29AuWXvkFVIoRorme2trNVIajU4cr7G
THwbAb4IdFoxkAD3NC+oB/jz25zgaRxbA19QunYC69CPTkTGl2st3+4TjM4xMcYH
dr9oK7pq19d4SiXNU/qLPlCuK6z2QtcryiiXgi1ki/IkpO8b2Q3Cwc0oUW6Q8G2X
CaVkouM5/qJliNx9IA7WbK+4V3imcmJ+pbujQhKjxnuxd0Zt6vRUWZ7z9/2ybgyC
GM0pCZZ46bA3dddx84/9u8qI8Uv5Dg46fKppF2v1Ctv7ot0lJIhYMioTXG6deFDT
VqvSJ3fH6apkpDrweoc3ixI1sZ2eSmTLZKnIv2uWB2p7HJZj8aPvUPgRWqfIM/J/
APIckFrLZ7BfIcfGs/Eq1iPzDBGfLWGEhbx8ZzEJ4k3q8ykjHpJ4sxz0LQARAQAB
tDNSZWR1Y3RpdmUgTGFicyBSZWxlYXNlIEtleSA8aW5mb0ByZWR1Y3RpdmVsYWJz
LmNvbT6JAjwEEwECACYFAkr+DxICGwMFCQPCZwAGCwkIBwMCBBUCCAMEFgIDAQIe
AQIXgAAKCRD/rIZYg0eif4upD/4kQPPFz44FUfawhNVcOsp2tFLX3fN6GVrdqGt4
x2gRv92DOI/8rLvfTBA4JRT7sKgFDfAZ7FPISNZf/7Swo9PbUc4UU0T/FP+bsj5w
tC+g2FuKfNSJqoQvG3XU6iRGmQpLkxpnzioJTJy682Fp7jUZPiZKxRqq467fG3cd
vrkNMT8SKt5gEnweVwn9wOOAEu36M7KNRM24tky40m4xdZHyXgk5QeZ22K0TVX3U
fIXIiNRvnkcdneHZabOase+g6jjaJuQ6JKTSC3Mf30HNWP5C26azDaCSME0GVr4a
O3MbzzKvVt7sbv+TVDGmsGFxT6lTuLOkOMoPudFDKKnmMXGxOtBUwSYDbHK+81/E
v/7dSX3bx4mHZAQt7S6cVg3PVIQeKs6vQwpPE3c58cymnL39zpviGILhCJKxWdBY
Kugv+DoDi1aYiPXhS3EgMssTS6mwpEfsD2C9zD9cUjICmIgP/nqYJqYigd0lwpfD
HjkHyGAC4hxFp5M+zNR/ByUQBaLdcu1sfHrpzBLnGh4kCqKN3K7If+Cq1yj76qrp
Q9/8QINkLTESQ5AGQWbuQ54YFG3+KWQTpFAHSlwlLnmrH5nKHWllq1fdW3vzIjFp
TpZGT+lTTzzk1BmVsTvI03AG7MOV0g7FQ95t0SZkDkQBMWcxiD48I262jxV8NQCR
5WceRw==
=3YhS
-----END PGP PUBLIC KEY BLOCK-----