Puppet Executables
All Puppet executables share the majority of their configuration parameters, whose documentation you can see at the ConfigurationReference. These parameters can all be used like normal getopt parameters (e.g., puppet --confdir <dir>), or they can be put into the executable-specific configuration file. Each executable will look for a configuration file in its confdir with the executable name plus .conf. Note that the executable name is determined from $0, so if you create your own copy of an executable the configuration file name will change.
puppet
A stand-alone interpreter that will directly apply Puppet manifests. It is useful for stand-alone manifests, or it can be used to cause Puppet to behave similarly to cfengine (e.g., you can pull your manifests down however you want, including with Puppet, and then apply them locally like cfengine does).
puppetca
A script for manipulating certificates. It is largely used for signing certificate requests. Usually needs to run as root.
puppetd
Puppet's agent. It does not know how to find or compile manifests and is only useful for contacting a central server. Note that there are multiple clients that can be loaded within this agent, and the agent can listen for incoming connections. If you start it with --listen, by default it will accept triggers from puppetrun, but puppetd will refuse to start if listen is enabled and it has no namespaceauth.conf file. It can load other handlers; check its documentation for more detail.
puppetdoc
A tool that extracts the embedded documentation from the Puppet code and creates the various reference documents. This is mostly a Reductive Labs internal tool for generating the online references.
puppetmasterd
The central server. Listens for incoming connections from puppetd (or other clients). By default it loads a file server, certificate authority, and configuration compiler.
puppetrun
A simple script for triggering runs on agents. Mostly relies on specifying each host you want to trigger, but if your node information is stored in LDAP, you can trigger host classes. Note that the user running puppetrun needs read access to a certificate, so you either need to generate a user certificate or run it as root.
