Puppet 5 Example
Install Puppet Agent
To install the Puppet 5 Agent, add the official repo and then use your package manager.
Install the Puppet Agent on CentOS 7
rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm yum install puppet -y
Install the Puppet Agent on Ubuntu 16.04
wget https://apt.puppetlabs.com/puppet5-release-xenial.deb dpkg -i puppet5-release-xenial.deb apt update apt install puppet
Here's a list of all of the Official Puppet Repositories for other operating systems.
Set PATH for /opt/puppetlabs/bin
echo 'export PATH=/opt/puppetlabs/bin:$PATH' >> ~/.bashrc export PATH=/opt/puppetlabs/bin:$PATH
Puppet uses SSL certificates to identify the nodes, so the hostnames for all of the servers need to be defined. Ideally you'd setup BIND for this, but in this example we'll just use the hosts file. We're going to assume the Puppet Master is at 10.10.10.1 and the client is at 10.10.10.2
set /etc/hostname and add to /etc/hosts
# set the hostname hostname box1.example.com echo "box1.example.com" > /etc/hostname # add /etc/hosts entries echo "127.0.0.1 box1.example.com" >> /etc/hosts echo "10.10.10.2 box1.example.com" >> /etc/hosts echo "10.10.10.1 puppet.example.com" >> /etc/hosts
Before running the agent we must set the hostname of the server in /etc/puppetlabs/puppet/puppet.conf.
[main] server = puppet.example.com
Run Puppet Agent
The first time you run the agent it'll request that the server sign it's cert. After the puppet master signs the cert, on subsequent executions the agent will retrieve the configuration catalog and apply it.
puppet agent --test
On the Puppet Master run this to see the certificate signging request.
puppet cert list
And then to sign the certificate.
puppet cert sign box1.example.com
Run the agent again on the client to retrieve and apply the catalog.
puppet agent --test
Check if the server port is open and listening.
On an Agent
nmap -p 8140 puppet.example.com
Check the hostname of all servers.
On each server
Error: certificate verify failed
Try resetting the Agent SSL directory
mv /opt/puppetlabs/puppet/ssl/ /opt/puppetlabs/puppet/ssl.old