MQ-Jr
MQ-Jr
unixcop Admin

How to install Puppet on RHEL 8/CentOS 8

- Advertisement -

In this tutorial, we will show you how to install Puppet on RHEL 8/CentOS 8.

Introduction

Puppet is a software configuration management tool which includes its own declarative language to describe system configuration. It is a model-driven solution that requires limited programming knowledge to use.

Puppet is available for Linux, Mac, BSD, Solaris, and Windows operating systems. It is written in “Ruby” language and released under Apache License.

Installation of puppet-server

Just follow the steps below to get started

  • Add puppet repository
rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpm
  • Install Puppet server
dnf install -y puppetserver
  • Change the memory allocation value based on the number of nodes connected to it. for example I will allocate 512MB of memory.
  • Edit the puppetserver config file as follows:
vim /etc/sysconfig/puppetserver

Change the value.

From:

JAVA_ARGS="-Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- Advertisement -

To:

JAVA_ARGS="-Xms512m -Xmx512m -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
  • Configure Puppet Server

The Puppet’s configuration file consists of two sections named [master] and [main] for Pupper server and agent.

vim /etc/puppetlabs/puppet/puppet.conf
  • Modify the file according to your environment. Puppet agents can use any of the host-names mentioned in the dns_alt_names to connect with the Puppet server.
# Pupper Server Configuration
[master]
dns_alt_names = puppetserver,puppetserver.unixcop.com

# Puppet Agent Configuration
[main]
certname = puppetserver.unixcop.com
server = puppetserver.unixcop.com
runinterval = 30m

From above, the server is puppetserver.unixcop.com and certname is my client hostname (client.unixcop.com).

  • Generate the root and signing CA for Puppet Server.
puppetserver ca setup
Output:

Generation succeeded. Find your files in /etc/puppetlabs/puppet/ssl/ca

NOTE: If you get puppetserver: command not found, run source /etc/profile.d/puppet-agent.sh in the terminal or log out from the current session and log in back.

  • Start and enable the Puppet Server.
systemctl start puppetserver
systemctl enable puppetserver
  • Configure the firewall to let agents can connect to the puppet master. as the puppet server listen port is 8140
firewall-cmd --permanent --add-port=8140/tcp
firewall-cmd --reload

Install Puppet Agent

Just follow the steps below to get started

  • Add the puppet repository on all the nodes.
rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpm
  • Install the puppet agent on your client using the below command.COPY
dnf install -y puppet-agent
  • Edit the puppet configuration file and set the Puppet server information.
vim /etc/puppetlabs/puppet/puppet.conf

Set like below.

[main]
server = puppetserver.unixcop.com
certname = client.unixcop.com
runinterval = 20m

  • Start puppet agent on the node and make it start automatically on system boot.
puppet resource service puppet ensure=running enable=true
Output:

Notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running'
service { 'puppet':
  ensure   => 'running',
  enable   => 'true',
  provider => 'systemd',
}

NOTE: If you get puppet: command not found, run source /etc/profile.d/puppet-agent.sh in the terminal or log out from the current session and log in back.

  • Agent nodes will request certificates for the first time if they attempt to run.
  • Run the below command on the agent node to make an initial connection.
puppet agent -t
  • Log into the Pupper server and run puppetserver ca list command to view outstanding requests.
puppetserver ca list
  • Run puppet cert sign command to sign a request.
puppetserver ca sign --certname client.unixcop.com
Output:

Successfully signed certificate request for client.unixcop.com

The Puppet server can now communicate to the client machine and control the node.

  • If you have multiple signing requests from nodes, you can sign all the requests in one command.
puppetserver ca sign --all
  • List all of the signed and unsigned requests.
puppetserver ca list --all
  • Run the following command on the client machine to test the server
puppet agent --test
Output:

Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Caching catalog for client.unixcop.com
Info: Applying configuration version '3599283484'
Notice: Applied catalog in 0.03 seconds

Conclusion

That’s all.

In this guide, we illustrated how to install Puppet on CentOS 8 / RHEL 8.

Thanks

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook

x