Install Puppet Master Server & Puppet Agent on Linux

This tutorial describes you step by step procedure to install puppet master server and puppet agent on Linux (RHEL7 / CentOS7).

How to Install PUPPET Master and Agent on RHEL7 / CentOS7


Our Lab Setup:
Description                     Master node                              Client node
Operating System             RHEL7 - 64 Bit                           RHEL7 - 64 Bit
Host Names                      puppet.learnitguide.net               client1.learnitguide.net
IP Address                        192.168.2.61                             192.168.2.62

Install Puppet Master Server & Puppet Agent on Linux

Use the following instructions to install and configure puppet master and puppet agent on RHEL7/CentOS7.

Prerequisites:
1. Make sure both server "puppet" and "client1" are accessible.
2. Make an entry of each host in /etc/hosts for name resolution on both nodes as below or Configure it in DNS to resolve the IP, if you use server name instead of IP address. Read also How to Configure DNS Server on Linux (RHEL7 / CentOS7). But we use IP Address for reference.

cat /etc/hosts
192.168.2.61 puppet.learnitguide.net puppet
192.168.2.62 client1.learnitguide.net client1

3. Disable firewall on both nodes if enabled to avoid any issues during the configurations.

systemctl stop firewalld ; systemctl disable firewalld

ALSO WATCH THIS PUPPET TUTORIAL VIDEO FREE ON OUR YOUTUBE CHANNEL


Step 1: Install puppetlabs repository on both nodes

Update the packages and install the puppetlabs repo using the below command.

yum -y update
yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

Once it is installed, you could see a repo file generated under /etc/yum.repos.d folder.

ll /etc/yum.repos.d/puppetlabs.repo
-rw-r--r-- 1 root root 1550 Sep  9 06:04 /etc/yum.repos.d/puppetlabs.repo

Step 2: Install required package on the master node "puppet"


[root @puppet ~]# yum -y install puppet-server

Step 3: Configure the puppet master server "puppet"

/etc/puppet/puppet.conf is the Puppet Configuration file, edit the file to define the friendly dns hostnames and certificate name for the puppet master node in the [main] section.

[main]
dns_alt_names = puppet, puppet.learnitguide.net
certname=puppet

Step 4: Generate the certificate from the puppet master node "puppet" 

After executing the below command to generate the certificate, press "CTRL + C" to cancel when you see the puppet version as below and start the "puppetmaster" service.

[root @puppet ~]# sudo -u puppet puppet master --no-daemonize --verbose
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 51:5A:EC:D2:85:10:47:C1:A7:C1:81:50:4F:52:EE:FB:AB:F0:CC:29:5D:15:E7:23:8F:BB:47:96:AD:51:05:AA
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for linux1
Info: csr_attributes file loading from /var/lib/puppet/.puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for linux1
Info: Certificate Request fingerprint (SHA256): B8:4D:FD:DE:D9:E0:DC:AA:07:66:B8:E6:86:13:E5:AC:A7:0A:87:46:36:B6:38:7C:7C:F9:42:3D:20:28:99:0A
Notice: linux1 has a waiting certificate request
Notice: Signed certificate request for linux1
Notice: Removing file Puppet::SSL::CertificateRequest linux1 at '/var/lib/puppet/.puppet/ssl/ca/requests/linux1.pem'
Notice: Removing file Puppet::SSL::CertificateRequest linux1 at '/var/lib/puppet/.puppet/ssl/certificate_requests/linux1.pem'
Notice: Starting Puppet master version 3.8.7
^CNotice: Caught INT; exiting

Start and enable the puppetmaster service.

[root @puppet ~]# systemctl start puppetmaster
[root @puppet ~]# systemctl enable puppetmaster

Step 5: Install Puppet agent packages on the client node "client1"


[root @client1 ~]# yum -y install puppet

Step 6: Configure the puppet agent on the client node "client1"

Again /etc/puppet/puppet.conf is the Puppet Configuration file, edit the file to define the puppet master node "puppet" in the [agent] section.

[agent]
server = puppet.learnitguide.net

Step 7: Generate the signing request certificate from the puppet agent node "client1"


[root @client1 ~]# puppet agent -t
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for client1.learnitguide.net
Info: Certificate Request fingerprint (SHA256): B7:B0:8D:55:08:D1:5A:2D:31:A6:AE:49:40:DA:30:F9:A2:03:37:F7:6A:DC:37:4E:35:B2:54:36:F0:75:3A:62
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

Step 8: List the certificates to be signed from the puppet master node "puppet" and sign it.


[root@puppet ~]# puppet cert list
"client1.learnitguide.net" (SHA256) B7:B0:8D:55:08:D1:5A:2D:31:A6:AE:49:40:DA:30:F9:A2:03:37:F7:6A:DC:37:4E:35:B2:54:36:F0:75:3A:62

[root@puppet ~]# puppet cert sign client1.learnitguide.net
Notice: Signed certificate request for client1.learnitguide.net
Notice: Removing file Puppet::SSL::CertificateRequest client1.learnitguide.net at '/var/lib/puppet/ssl/ca/requests/client1.learnitguide.net.pem'

Start and enable the puppet agent service.

[root@client1 ~]# systemctl start puppet
[root@client1 ~]# systemctl enable puppet

Step 9: Verify the certificate signed properly with the puppet master node?


[root@client1 ~]# puppet agent --fingerprint
(SHA256) B7:B0:8D:55:08:D1:5A:2D:31:A6:AE:49:40:DA:30:F9:A2:03:37:F7:6A:DC:37:4E:35:B2:54:36:F0:75:3A:62

Thats all about Puppet master and puppet agent installation and configuration.

Support Us: Share with your friends and groups.

Stay connected with us on social networking sites, Thank you.

إرسال تعليق

0 تعليقات