Synopsis
--------
Retrieve the client configuration from the central puppet server and
apply it to the local host.

Currently must be run out periodically, using cron or something similar.


USAGE
=====
  puppetd  [-D|--daemonize|--no-daemonize] [-d|--debug] [--disable] [--enable]
      [-h|--help] [--fqdn ] [-l|--logdest syslog||console]
      [-o|--onetime] [--serve ] [-t|--test]
      [-V|--version] [-v|--verbose] [-w|--waitforcert ]


DESCRIPTION
===========
This is the main puppet client. Its job is to retrieve the local
machine's configuration from a remote server and apply it. In order to
successfully communicate with the remote server, the client must have a
certificate signed by a certificate authority that the server trusts;
the recommended method for this, at the moment, is to run a certificate
authority as part of the puppet server (which is the default). The
client will connect and request a signed certificate, and will continue
connecting until it receives one.

Once the client has a signed certificate, it will retrieve its
configuration and apply it.


USAGE NOTES
===========
+puppetd+ does its best to find a compromise between interactive use and
daemon use. Run with no arguments and no configuration, it will go into
the backgroun, attempt to get a signed certificate, and retrieve and
apply its configuration every 30 minutes.

Some flags are meant specifically for interactive use -- in particular,
+test+ and +tags+ are useful. +test+ enables verbose logging, causes the
daemon to stay in the foreground, exits if the server's configuration is
invalid (this happens if, for instance, you've left a syntax error on
the server), and exits after running the configuration once (rather than
hanging around as a long-running process).

+tags+ allows you to specify what portions of a configuration you want
to apply. Puppet elements are tagged with all of the class or definition
names that contain them, and you can use the +tags+ flag to specify one
of these names, causing only configuration elements contained within
that class or definition to be applied. This is very useful when you are
testing new configurations -- for instance, if you are just starting to
manage +ntpd+, you would put all of the new elements into an +ntpd+
class, and call puppet with +--tags ntpd+, which would only apply that
small portion of the configuration during your testing, rather than
applying the whole thing.


OPTIONS
=======
Note that any configuration parameter that's valid in the configuration
file is also a valid long argument. For example, 'server' is a valid
configuration parameter, so you can specify '--server ' as
an argument.

See the configuration file documentation at
http://reductivelabs.com/projects/puppet/reference/configref.html for
the full list of acceptable parameters. A commented list of all
configuration options can also be generated by running puppetd with
'--genconfig'.

daemonize:    Send the process into the background. This is the default.

no-daemonize: Do not send the process into the background.

debug:        Enable full debugging.

disable:      Disable working on the local system. This puts a lock file
              in place, causing +puppetd+ not to work on the system
              until the lock file is removed. This is useful if you are
              testing a configuration and do not want the central
              configuration to override the local state until everything
              is tested and committed.

+puppetd+ uses the same lock file while it is running, so no more than
one +puppetd+ process is working at a time.

+puppetd+ exits after executing this.

enable:       Enable working on the local system. This removes any lock
              file, causing +puppetd+ to start managing the local system
              again (although it will continue to use its normal
              scheduling, so it might not start for another half hour).

+puppetd+ exits after executing this.

fqdn:         Set the fully-qualified domain name of the client. This is
              only used for certificate purposes, but can be used to
              override the discovered hostname. If you need to use this
              flag, it is generally an indication of a setup problem.

help:         Print this help message

logdest:      Where to send messages. Choose between syslog, the
              console, and a log file. Defaults to sending messages to
              syslog, or the console if debugging or verbosity is
              enabled.

no-client:    Do not create a config client. This will cause the daemon
              to run without ever checking for its configuration
              automatically, and only makes sense when used in
              conjunction with --listen.

onetime:      Run the configuration once, rather than as a long-running
              daemon. This is useful for interactively running puppetd.

serve:        Start another type of server. By default, +puppetd+ will
              start a service handler that allows authenticated and
              authorized remote nodes to trigger the configuration to be
              pulled down and applied. You can specify any handler here
              that does not require configuration, e.g., filebucket, ca,
              or resource. The handlers are in
              +lib/puppet/network/handler+, and the names must match
              exactly, both in the call to +serve+ and in
              +namespaceauth.conf+.

test:         Enable the most common options used for testing. These are
              +onetime+, +verbose+, +ignorecache, and
              +no-usecacheonfailure+.

verbose:      Turn on verbose reporting.

version:      Print the puppet version number and exit.

waitforcert:  This option only matters for daemons that do not yet have
              certificates and it is enabled by default, with a value of
              120 (seconds). This causes +puppetd+ to connect to the
              server every 2 minutes and ask it to sign a certificate
              request. This is useful for the initial setup of a puppet
              client. You can turn off waiting for certificates by
              specifying a time of 0.


EXAMPLE
=======
  puppetd --server puppet.domain.com


AUTHOR
======
Luke Kanies


COPYRIGHT
=========
Copyright (c) 2005, 2006 Reductive Labs, LLC Licensed under the GNU
Public License