How to install Puppet Master Agent RHEL 7/ Centos 7
Puppet software is an opensource configuration management tool. It runs on multiple platforms like Windows, VMWare, Mac, BSD and Linux. Using puppet we can manage all types of environments. Puppet package is developed by Puppet Labs in 2005. Puppet package is written in ruby. In this article we are going to see How to install Puppet Master Agent RHEL 7.
Hardware Requirements to install puppet Master
- At least 4GB of RAM
- Minimum 2 -4 processors to serve 1000 agents
- Operating system should be any Unix-like OS
- Puppet agent can be installed in any Operating system does not required much resource
- Minimal Operating system installation is required
- Internet is required to download packages
- You must have root user / Super user access
- Firewall Open ports 8140
Environment
- Server (Puppet Master) IP Address: 192.168.4.27 RHEL 7 / Centos 7 OS
- Puppet Agent IP Address: 192.168.4.10 RHEL 7 / Centos 7
Before going to install puppet Master we have to configure yum repository
Red Hat Enterprise Linux 7 [root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm Red Hat Enterprise Linux 6 [root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm Red Hat Enterprise Linux 5 [root@ArkIT ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-5.noarch.rpm
Installing RPM package
[root@localhost ~]# rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm Retrieving https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm warning: /var/tmp/rpm-tmp.SoLuD0: Header V4 RSA/SHA512 Signature, key ID 4bd6ec30: NOKEY Preparing... ################################# [100%] Updating / installing... 1:puppetlabs-release-22.0-2 ################################# [100%]
Install and start NTP service to sync time with time servers
[root@localhost yum.repos.d]# yum install ntp Loaded plugins: langpacks, product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Resolving Dependencies --> Running transaction check ---> Package ntp.x86_64 0:4.2.6p5-19.el7_0 will be installed --> Finished Dependency Resolution
Start NTP service
[root@localhost yum.repos.d]# systemctl start ntpd [root@localhost yum.repos.d]# systemctl status ntpd ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled) Active: active (running) since Sat 2016-10-01 22:12:02 IST; 4s ago
How to install Puppet Master Agent RHEL 7 / Centos 7
Installing puppet master packages using yum command, It will automatically install dependant packages.
[root@localhost yum.repos.d]# yum install puppet-server Loaded plugins: langpacks, product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Resolving Dependencies Dependencies Resolved ========================================================================================================================================================================================================================== Package Arch Version Repository Size ========================================================================================================================================================================================================================== Installing: puppet-server noarch 3.8.7-1.el7 puppetlabs-products 22 k Installing for dependencies: facter x86_64 1:2.4.6-1.el7 puppetlabs-products 98 k hiera noarch 1.3.4-1.el7 puppetlabs-products 23 k libselinux-ruby x86_64 2.2.2-6.el7 RHEL7 127 k libyaml x86_64 0.1.4-11.el7_0 RHEL7 55 k puppet noarch 3.8.7-1.el7 puppetlabs-products 1.5 M ruby x86_64 2.0.0.598-24.el7 RHEL7 67 k ruby-augeas x86_64 0.4.1-3.el7 puppetlabs-deps 22 k ruby-irb noarch 2.0.0.598-24.el7 RHEL7 88 k ruby-libs x86_64 2.0.0.598-24.el7 RHEL7 2.8 M ruby-shadow x86_64 1:2.2.0-2.el7 puppetlabs-deps 14 k rubygem-bigdecimal x86_64 1.2.0-24.el7 RHEL7 79 k rubygem-io-console x86_64 0.4.2-24.el7 RHEL7 50 k rubygem-json x86_64 1.7.7-24.el7 RHEL7 75 k rubygem-psych x86_64 2.0.0-24.el7 RHEL7 77 k rubygem-rdoc noarch 4.0.0-24.el7 RHEL7 318 k rubygems noarch 2.0.14-24.el7 RHEL7 212 k Transaction Summary ========================================================================================================================================================================================================================== Install 1 Package (+16 Dependent packages)
If you observe above package installation and dependencies, it is installing ruby along with puppet packages.
Configuring puppet Master name
Edit configuration file and few entries
[root@localhost yum.repos.d]# cat /etc/puppet/puppet.conf [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl dns_alt_names = puppet,puppet.arkit.co.in certname=puppet [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig
To resolve local name we have to edit hosts file and add entry
[root@localhost yum.repos.d]# cat /etc/hosts 192.168.4.27 puppet.arkit.co.in puppet
Check Puppet resource configuration using below command
[root@localhost yum.repos.d]# puppet resource package puppet-server ensure=latest package { 'puppet-server': ensure => '3.8.7-1.el7', }
Enable and Start PuppetMaster service
[root@localhost yum.repos.d]# systemctl enable puppetmaster ln -s '/usr/lib/systemd/system/puppetmaster.service' '/etc/systemd/system/multi-user.target.wants/puppetmaster.service' [root@localhost yum.repos.d]# systemctl start puppetmaster [root@localhost yum.repos.d]# systemctl status puppetmaster puppetmaster.service - Puppet master Loaded: loaded (/usr/lib/systemd/system/puppetmaster.service; enabled) Active: active (running) since Sat 2016-10-01 22:41:52 IST; 3s ago Main PID: 4037 (puppet) CGroup: /system.slice/puppetmaster.service └─4037 /usr/bin/ruby /usr/bin/puppet master --no-daemonize
Verify Certificate is generated and working
[root@puppet ~]# sudo -u puppet puppet master --no-daemonize --verbose Info: Creating a new SSL key for ca Info: Creating a new SSL certificate request for ca Info: Certificate Request fingerprint (SHA256): 1C:6A:55:A6:94:9B:CF:3F:AE:79:46:1E:3B:FF:4D:E6:87:4A:2A:B6:B6:FA:A0:09:75:D1:3A:26:15:9D:99:C8 Notice: Signed certificate request for ca Info: Creating a new certificate revocation list Info: Creating a new SSL key for puppet.arkit.co.in Info: csr_attributes file loading from /var/lib/puppet/.puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for puppet.arkit.co.in Info: Certificate Request fingerprint (SHA256): 4D:B7:53:5A:23:FF:D5:05:19:A8:A4:6F:81:C2:55:4D:FE:5B:C8:70:18:9B:32:2A:F7:5A:BB:C0:8F:F3:FB:B9 Notice: puppet.arkit.co.in has a waiting certificate request Notice: Signed certificate request for puppet.arkit.co.in Notice: Removing file Puppet::SSL::CertificateRequest puppet.arkit.co.in at '/var/lib/puppet/.puppet/ssl/ca/requests/puppet.arkit.co.in.pem' Notice: Removing file Puppet::SSL::CertificateRequest puppet.arkit.co.in at '/var/lib/puppet/.puppet/ssl/certificate_requests/puppet.arkit.co.in.pem' Notice: Starting Puppet master version 3.8.7 ^CNotice: Caught INT; exiting
You may see below error because puppet master service is already running. Just stop puppet master and run above command.
[root@localhost yum.repos.d]# sudo -u puppet puppet master --no-daemonize --verbose
Notice: Starting Puppet master version 3.8.7
Error: Could not run: Could not create PID file: /var/run/puppet/master.pid
Now enable ports from firewall to communicate with puppet Agent
[root@puppet ~]# firewall-cmd --permanent --add-port=8140/tcp success [root@puppet ~]# firewall-cmd --permanent --add-port=8140/udp success [root@puppet ~]# firewall-cmd --reload success
Installing Puppet Agent RHEL 7 / Centos 7
Now just login to puppet agent machine then install. Configure yum repository and install puppet (Repeat First Step).
[root@localhost ~]# yum install puppet
Dependency Installed: facter.x86_64 1:2.4.6-1.el7 hiera.noarch 0:1.3.4-1.el7 libselinux-ruby.x86_64 0:2.2.2-6.el7 libyaml.x86_64 0:0.1.4-11.el7_0 ruby.x86_64 0:2.0.0.598-24.el7 ruby-augeas.x86_64 0:0.4.1-3.el7 ruby-irb.noarch 0:2.0.0.598-24.el7 ruby-libs.x86_64 0:2.0.0.598-24.el7 ruby-shadow.x86_64 1:2.2.0-2.el7 rubygem-bigdecimal.x86_64 0:1.2.0-24.el7 rubygem-io-console.x86_64 0:0.4.2-24.el7 rubygem-json.x86_64 0:1.7.7-24.el7 rubygem-psych.x86_64 0:2.0.0-24.el7 rubygem-rdoc.noarch 0:4.0.0-24.el7 rubygems.noarch 0:2.0.14-24.el7 Complete!
[root@localhost ~]# ping puppetagent PING puppetagent.arkit.co.in (192.168.4.10) 56(84) bytes of data. 64 bytes from puppetagent.arkit.co.in (192.168.4.10): icmp_seq=1 ttl=64 time=0.044 ms ^C --- puppetagent.arkit.co.in ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.044/0.044/0.044/0.000 ms [root@localhost ~]# ping puppetserver PING puppetserver.arkit.co.in (192.168.4.27) 56(84) bytes of data. 64 bytes from puppetserver.arkit.co.in (192.168.4.27): icmp_seq=1 ttl=64 time=0.430 ms 64 bytes from puppetserver.arkit.co.in (192.168.4.27): icmp_seq=2 ttl=64 time=0.306 ms ^C --- puppetserver.arkit.co.in ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms rtt min/avg/max/mdev = 0.306/0.368/0.430/0.062 ms [root@localhost ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.4.27 puppetserver.arkit.co.in puppetserver 192.168.4.10 puppetagent.arkit.co.in puppetagent
Configure Puppet Agent
Edit configuration file /etc/puppet/puppet.conf add server address here to communicate with puppet server.
If you did not enable puppet port number in puppet server bellow error you can see install puppet master agent rhel 7
[root@localhost ~]# puppet agent -t
Error: Could not request certificate: No route to host - connect(2)
Exiting; failed to retrieve certificate and waitforcert is disabled
Verify agent is communicating with puppet Server or not. install puppet master agent rhel 7
[root@localhost ~]# puppet agent -t Info: Caching certificate for ca Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for localhost.localdomain Info: Certificate Request fingerprint (SHA256): 5A:4D:A6:DB:95:F3:25:39:58:25:53:24:92:0A:33:F7:C7:67:38:14:C7:47:3F:59:4B:A8:33:82:AD:0A:64:A0 Info: Caching certificate for ca Exiting; no certificate found and waitforcert is disabled
Certificate verification from Puppet Agent to Server
[root@localhost ~]# puppet cert list Notice: Signed certificate request for ca
Puppet Agent is configured correctly
[root@localhost ~]# puppet agent --fingerprint (SHA256) 5A:4D:A6:DB:95:F3:25:39:58:25:53:24:92:0A:33:F7:C7:67:38:14:C7:47:3F:59:4B:A8:33:82:AD:0A:64:A0
Conclusion
Puppet is an configuration management tool to manage your environment by simply writing RAL = Resource abstraction layer. install puppet master agent rhel 7
Related Articles install puppet master agent rhel 7 install puppet master agent rhel 7
Setting Up PXE Boot Server installation and Configuration
Installing and Configuration Master DNS Server
DHCP SErver installation and configuration RHEL 7
Thanks for your wonderful Support and Encouragement