Puppet Discovery consists of a number of components and services, each one running as an individual Docker container.

Puppet Discovery consists of a number of Docker containers.


The UI enables you to add sources, credentials, and run tasks on target hosts by initiating discovery API requests to the controller on port 9999 (HTTPS). To populate the dashboard and provide a high-level summary view of your infrastructure, the UI queries the data platform on port 8084 (HTTPS) for discovered resources.


The controller manages the discovery process by:
  • Authenticating each API request by validating the bearer token with pd_identity on port 5556 (HTTPS).

  • Retrieving source and host credentials from the vault on port 8200 (HTTPS).

  • Consuming the discovery and task API requests from the UI on port 9999 (HTTPS).

  • Dispatching discovery and task commands to the edge on port 8081 (GRPC).


The edge consumes the discovery API requests from the controller and invokes each source the user adds. It discovers resources and resource instances, executes ad hoc tasks on target hosts, and submits data to the data platform. The edge services consist of a set of pluggable providers that are determined by which sources are added.


The data platform is an ingest service implementation that processes discovered data from the edge on port 8082 (GRPC), and exposes the query API to the UI on port 8084.

Note: The pd_pdp container still exists within pd_net and it will eventually be phased out.

Additional components and services

The additional components and services that make up Puppet Discovery are:
  • pd_ingress: The nginx front end listening on port 8443 (HTTPS).

  • pd_export: The export service consumes API requests from the UI on port 9200 (HTTPS) and queries the data platform on port 8082 (GRPC).

  • pd_storage: The storage layer for discovered data which communicates with the pd_gopdp container on port 5432.

  • pd_licensing: Stores the user licensing information and is queried by the UI using the licensing API.

  • pd_identity: Generates the bearer token for the default user roles: admin and viewer.

  • pd_vault: The secure store for source and host credentials.

How helpful was this page?
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.