Kevin Ashcraft

Linux & Radio Tutorials

Puppet 5 Example

Puppet is a server management tool. This is an example of how to run Puppet. Make sure you've got a Puppet Master Setup first.

In this tutorial we'll walk through how to installing Puppet 5, configuring the hostnames, and puppet agent, then running a test.

Install Puppet Agent

To install the Puppet 5 Agent, add the official repo and then use your package manager.

Install the Puppet Agent on CentOS 7

rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm
yum install puppet -y
    

Install the Puppet Agent on Ubuntu 16.04

wget https://apt.puppetlabs.com/puppet5-release-xenial.deb
dpkg -i puppet5-release-xenial.deb
apt update
apt install puppet
    

Here's a list of all of the Official Puppet Repositories for other operating systems.

Set PATH for /opt/puppetlabs/bin

echo 'export PATH=/opt/puppetlabs/bin:$PATH' >> ~/.bashrc
export PATH=/opt/puppetlabs/bin:$PATH
    

Configure Hostnames

Puppet uses SSL certificates to identify the nodes, so the hostnames for all of the servers need to be defined. Ideally you'd setup BIND for this, but in this example we'll just use the hosts file. We're going to assume the Puppet Master is at 10.10.10.1 and the client is at 10.10.10.2

set /etc/hostname and add to /etc/hosts

# set the hostname
hostname box1.example.com
echo "box1.example.com" > /etc/hostname

# add /etc/hosts entries
echo "127.0.0.1 box1.example.com" >> /etc/hosts
echo "10.10.10.2 box1.example.com" >> /etc/hosts
echo "10.10.10.1 puppet.example.com" >> /etc/hosts
    

Configure Puppet

Before running the agent we must set the hostname of the server in /etc/puppetlabs/puppet/puppet.conf.

/etc/puppetlabs/puppet/puppet.conf

[main]
  server = puppet.example.com
    

Run Puppet Agent

The first time you run the agent it'll request that the server sign it's cert. After the puppet master signs the cert, on subsequent executions the agent will retrieve the configuration catalog and apply it.

puppet agent --test

On the Puppet Master run this to see the certificate signging request.

puppet cert list

And then to sign the certificate.

puppet cert sign box1.example.com

Run the agent again on the client to retrieve and apply the catalog.

puppet agent --test

Troubleshooting

Basis Checks

Check if the server port is open and listening.

On an Agent

nmap -p 8140 puppet.example.com

Check the hostname of all servers.

On each server

hostname

Error: certificate verify failed

Try resetting the Agent SSL directory

mv /opt/puppetlabs/puppet/ssl/ /opt/puppetlabs/puppet/ssl.old