How to install Puppet Master Agent RHEL 7/ Centos 7

Puppet software is an opensource configuration management tool.  It runs on multiple platforms like Windows, VMWare, Mac, BSD and Linux. Using puppet we can manage all types of environments. Puppet package is developed by Puppet Labs in 2005. Puppet package is written in ruby. In this article we are going to see How to install Puppet Master Agent RHEL 7.

Hardware Requirements to install puppet Master

  • At least 4GB of RAM
  • Minimum 2 -4 processors to serve 1000 agents
  • Operating system should be any Unix-like OS
  • Puppet agent can be installed in any Operating system does not required much resource
  • Minimal Operating system installation is required
  • Internet is required to download packages
  • You must have root user / Super user access
  • Firewall Open ports 8140

Environment

  • Server (Puppet Master) IP Address: 192.168.4.27 RHEL 7 / Centos 7 OS
  • Puppet Agent IP Address: 192.168.4.10 RHEL 7 / Centos 7

Before going to install puppet Master we have to configure yum repository

Red Hat Enterprise Linux 7
[root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

Red Hat Enterprise Linux 6
[root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

Red Hat Enterprise Linux 5
[root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-5.noarch.rpm

Installing RPM package 

[root@localhost ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Retrieving https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
warning: /var/tmp/rpm-tmp.SoLuD0: Header V4 RSA/SHA512 Signature, key ID 4bd6ec30: NOKEY
Preparing... ################################# [100%]
Updating / installing...
 1:puppetlabs-release-22.0-2 ################################# [100%]

Install and start NTP service to sync time with time servers

[root@localhost yum.repos.d]# yum install ntp
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
--> Running transaction check
---> Package ntp.x86_64 0:4.2.6p5-19.el7_0 will be installed
--> Finished Dependency Resolution

Start NTP service

[root@localhost yum.repos.d]# systemctl start ntpd
[root@localhost yum.repos.d]# systemctl status ntpd
ntpd.service - Network Time Service
 Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled)
 Active: active (running) since Sat 2016-10-01 22:12:02 IST; 4s ago

How to install Puppet Master Agent RHEL 7 / Centos 7

Installing puppet master packages using yum command, It will automatically install dependant packages.

[root@localhost yum.repos.d]# yum install puppet-server
Loaded plugins: langpacks, product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Resolving Dependencies
Dependencies Resolved

==========================================================================================================================================================================================================================
 Package Arch Version Repository Size
==========================================================================================================================================================================================================================
Installing:
 puppet-server noarch 3.8.7-1.el7 puppetlabs-products 22 k
Installing for dependencies:
 facter x86_64 1:2.4.6-1.el7 puppetlabs-products 98 k
 hiera noarch 1.3.4-1.el7 puppetlabs-products 23 k
 libselinux-ruby x86_64 2.2.2-6.el7 RHEL7 127 k
 libyaml x86_64 0.1.4-11.el7_0 RHEL7 55 k
 puppet noarch 3.8.7-1.el7 puppetlabs-products 1.5 M
 ruby x86_64 2.0.0.598-24.el7 RHEL7 67 k
 ruby-augeas x86_64 0.4.1-3.el7 puppetlabs-deps 22 k
 ruby-irb noarch 2.0.0.598-24.el7 RHEL7 88 k
 ruby-libs x86_64 2.0.0.598-24.el7 RHEL7 2.8 M
 ruby-shadow x86_64 1:2.2.0-2.el7 puppetlabs-deps 14 k
 rubygem-bigdecimal x86_64 1.2.0-24.el7 RHEL7 79 k
 rubygem-io-console x86_64 0.4.2-24.el7 RHEL7 50 k
 rubygem-json x86_64 1.7.7-24.el7 RHEL7 75 k
 rubygem-psych x86_64 2.0.0-24.el7 RHEL7 77 k
 rubygem-rdoc noarch 4.0.0-24.el7 RHEL7 318 k
 rubygems noarch 2.0.14-24.el7 RHEL7 212 k

Transaction Summary
==========================================================================================================================================================================================================================
Install 1 Package (+16 Dependent packages)

If you observe above package installation and dependencies, it is installing ruby along with puppet packages.

Configuring puppet Master name

Edit configuration file and few entries

[root@localhost yum.repos.d]# cat /etc/puppet/puppet.conf
[main]
 # The Puppet log directory.
 # The default value is '$vardir/log'.
 logdir = /var/log/puppet

# Where Puppet PID files are kept.
 # The default value is '$vardir/run'.
 rundir = /var/run/puppet

# Where SSL certificates are kept.
 # The default value is '$confdir/ssl'.
 ssldir = $vardir/ssl

dns_alt_names = puppet,puppet.arkit.co.in
 certname=puppet

[agent]
 # The file in which puppetd stores a list of the classes
 # associated with the retrieved configuratiion. Can be loaded in
 # the separate ``puppet`` executable using the ``--loadclasses``
 # option.
 # The default value is '$confdir/classes.txt'.
 classfile = $vardir/classes.txt

# Where puppetd caches the local configuration. An
 # extension indicating the cache format is added automatically.
 # The default value is '$confdir/localconfig'.
 localconfig = $vardir/localconfig

To resolve local name we have to edit hosts file and add entry

[root@localhost yum.repos.d]# cat /etc/hosts
192.168.4.27 puppet.arkit.co.in puppet

Check Puppet resource configuration using below command

[root@localhost yum.repos.d]# puppet resource package puppet-server ensure=latest
package { 'puppet-server':
 ensure => '3.8.7-1.el7',
}

Enable and Start PuppetMaster service

[root@localhost yum.repos.d]# systemctl enable puppetmaster
ln -s '/usr/lib/systemd/system/puppetmaster.service' '/etc/systemd/system/multi-user.target.wants/puppetmaster.service'
[root@localhost yum.repos.d]# systemctl start puppetmaster
[root@localhost yum.repos.d]# systemctl status puppetmaster
puppetmaster.service - Puppet master
 Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; enabled)
 Active: active (running) since Sat 2016-10-01 22:41:52 IST; 3s ago
 Main PID: 4037 (puppet)
 CGroup: /system.slice/puppetmaster.service
 └─4037 /usr/bin/ruby /usr/bin/puppet master --no-daemonize

Verify Certificate is generated and working

[root@puppet ~]# sudo -u puppet puppet master --no-daemonize --verbose
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 1C:6A:55:A6:94:9B:CF:3F:AE:79:46:1E:3B:FF:4D:E6:87:4A:2A:B6:B6:FA:A0:09:75:D1:3A:26:15:9D:99:C8
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for puppet.arkit.co.in
Info: csr_attributes file loading from /var/lib/puppet/.puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppet.arkit.co.in
Info: Certificate Request fingerprint (SHA256): 4D:B7:53:5A:23:FF:D5:05:19:A8:A4:6F:81:C2:55:4D:FE:5B:C8:70:18:9B:32:2A:F7:5A:BB:C0:8F:F3:FB:B9
Notice: puppet.arkit.co.in has a waiting certificate request
Notice: Signed certificate request for puppet.arkit.co.in
Notice: Removing file Puppet::SSL::CertificateRequest puppet.arkit.co.in at '/var/lib/puppet/.puppet/ssl/ca/requests/puppet.arkit.co.in.pem'
Notice: Removing file Puppet::SSL::CertificateRequest puppet.arkit.co.in at '/var/lib/puppet/.puppet/ssl/certificate_requests/puppet.arkit.co.in.pem'
Notice: Starting Puppet master version 3.8.7
^CNotice: Caught INT; exiting

You may see below error because puppet master service is already running. Just stop puppet master and run above command.

[root@localhost yum.repos.d]# sudo -u puppet puppet master --no-daemonize --verbose
Notice: Starting Puppet master version 3.8.7
Error: Could not run: Could not create PID file: /var/run/puppet/master.pid

Now enable ports from firewall to communicate with puppet Agent

[root@puppet ~]# firewall-cmd --permanent --add-port=8140/tcp
success
[root@puppet ~]# firewall-cmd --permanent --add-port=8140/udp
success
[root@puppet ~]# firewall-cmd --reload
success

Installing Puppet Agent RHEL 7 / Centos 7

Now just login to puppet agent machine then install. Configure yum repository and install puppet (Repeat First Step).

[root@localhost ~]# yum install puppet
Dependency Installed:
 facter.x86_64 1:2.4.6-1.el7 hiera.noarch 0:1.3.4-1.el7 libselinux-ruby.x86_64 0:2.2.2-6.el7 libyaml.x86_64 0:0.1.4-11.el7_0 ruby.x86_64 0:2.0.0.598-24.el7
 ruby-augeas.x86_64 0:0.4.1-3.el7 ruby-irb.noarch 0:2.0.0.598-24.el7 ruby-libs.x86_64 0:2.0.0.598-24.el7 ruby-shadow.x86_64 1:2.2.0-2.el7 rubygem-bigdecimal.x86_64 0:1.2.0-24.el7
 rubygem-io-console.x86_64 0:0.4.2-24.el7 rubygem-json.x86_64 0:1.7.7-24.el7 rubygem-psych.x86_64 0:2.0.0-24.el7 rubygem-rdoc.noarch 0:4.0.0-24.el7 rubygems.noarch 0:2.0.14-24.el7

Complete!
[root@localhost ~]# ping puppetagent
PING puppetagent.arkit.co.in (192.168.4.10) 56(84) bytes of data.
64 bytes from puppetagent.arkit.co.in (192.168.4.10): icmp_seq=1 ttl=64 time=0.044 ms
^C
--- puppetagent.arkit.co.in ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.044/0.044/0.044/0.000 ms

[root@localhost ~]# ping puppetserver
PING puppetserver.arkit.co.in (192.168.4.27) 56(84) bytes of data.
64 bytes from puppetserver.arkit.co.in (192.168.4.27): icmp_seq=1 ttl=64 time=0.430 ms
64 bytes from puppetserver.arkit.co.in (192.168.4.27): icmp_seq=2 ttl=64 time=0.306 ms
^C
--- puppetserver.arkit.co.in ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.306/0.368/0.430/0.062 ms

[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.4.27 puppetserver.arkit.co.in puppetserver
192.168.4.10 puppetagent.arkit.co.in puppetagent

Configure Puppet Agent

Edit configuration file /etc/puppet/puppet.conf add server address here to communicate with puppet server.

If you did not enable puppet port number in puppet server bellow error you can see install puppet master agent rhel 7

[root@localhost ~]# puppet agent -t
Error: Could not request certificate: No route to host - connect(2)
Exiting; failed to retrieve certificate and waitforcert is disabled

Verify agent is communicating with puppet Server or not. install puppet master agent rhel 7

[root@localhost ~]# puppet agent -t
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for localhost.localdomain
Info: Certificate Request fingerprint (SHA256): 5A:4D:A6:DB:95:F3:25:39:58:25:53:24:92:0A:33:F7:C7:67:38:14:C7:47:3F:59:4B:A8:33:82:AD:0A:64:A0
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

Certificate verification from Puppet Agent to Server

[root@localhost ~]# puppet cert list
Notice: Signed certificate request for ca

Puppet Agent is configured correctly

[root@localhost ~]# puppet agent --fingerprint
(SHA256) 5A:4D:A6:DB:95:F3:25:39:58:25:53:24:92:0A:33:F7:C7:67:38:14:C7:47:3F:59:4B:A8:33:82:AD:0A:64:A0

Conclusion

Puppet is an configuration management tool to manage your environment by simply writing RAL = Resource abstraction layer. install puppet master agent rhel 7

Related Articles install puppet master agent rhel 7 install puppet master agent rhel 7

Setting Up PXE Boot Server installation and Configuration

Installing and Configuration Master DNS Server

DHCP SErver installation and configuration RHEL 7

 

Thanks for your wonderful Support and Encouragement

ARK

My Name is ARK. Expert in grasping any new technology, Interested in Sharing the knowledge. Learn more & Earn More

4 Responses

  1. Igor says:

    cant read the code lines..

  2. blank puppSon says:

    I followed this article exactly as mentioned, but I get following error –
    Error: Could not request certificate: Error 400 on SERVER: The environment must be purely alphanumeric, not ‘puppet-ca’
    I researched and found out that puppet server version needs to be >= puppet agent version.
    puppet server is 3.8.7
    puppet agent is 4.10.9

    How do I get puppet agent 3.8.7 or lower on Centos 7?
    yum install puppet 3.8.7 says that this version is deprecated and asks to install latest which is 4.10.9.

    How do I resolve this issue?

Leave a Reply

Your email address will not be published.