How to set up Puppet Master and Agent on CentOS 8

How to set up Puppet Master and Agent on CentOS 8

Puppet is an open source configuration management tool and server automation framework. Puppet runs on Unix-like operating systems as well as Microsoft Windows systems. It enables you to manage and perform administrative tasks and the configuration of hundreds of systems on a single master server.

In this tutorial, I will show you how to install Puppet on CentOS 8. I installed and configured the CentOS 8 server as one Puppet “master” and the other as a “proxy”.

prerequisites

  • 2 or more CentOS 8 servers
  • Root privilege

What we do:

  • Puppet pre-installed
  • Install and configure Puppet server
  • Install and configure Puppet agent
  • Verify puppet agent configuration
  • Create first doll list

Step 1-Puppet pre-installation

In the first step, we will prepare the master and proxy servers for the puppet installation. We will set the host and FQDN of the server, set the NTP server, and add a puppet repository for the CentOS 8 server.

Set host name

First, we will set up the host and FQDN for both servers. The puppet master server will have the host name “master” and its FQDN is “master.hakase-labs.io”, while the proxy server will have the host name “agent01” and its FQDN is “agent01.hakase-labs.io”.

Set the host name using the “hostnamectl” command below.

hostnamectl set-hostname hostname

After that, edit the “/ etc / hosts” file to configure the FQDN server.

vim /etc/hosts

Change and paste the IP address and domain name yourself.

10.5.5.21   master.hakase-labs.io   master10.5.5.22   agent01.hakase-labs.io  agent01

Save and close.

Now restart the host-named service to apply the new host name and FQDN.

systemctl restart systemd-hostnamed

Then, check the host name and FQDN using the following command.

hostnamehostname -f

You will get a new host name, and the FQDN is configured and applied to the system.

Setting up an NTP server

For the NTP server, we will use “chrony” for the server.

Use the following dnf command to install chrony.

dnf install chrony

After that, edit the chrony configuration ‘/etc/chrony.conf’ using vim editor.

vim /etc/chrony.conf

Now change the pool server to the nearest pool in your country. You can use “https://www.pool.ntp.org/zone/COUNTRYID” to check the available pool NTP.

Copy all available NTP servers in your country and paste them into the “chrony.conf” file as shown below.

server 0.id.pool.ntp.org iburstserver 1.id.pool.ntp.org iburstserver 2.id.pool.ntp.org iburstserver 3.id.pool.ntp.org iburst

Save and close.

Now start the chronyd service and add it to the boot time.

systemctl start chronydsystemctl enable chronyd

The NTP server configuration is complete.

Setting the date and time

Adding a puppet repository for CentOS 8

For Centos 8 server of puppet repository, you can install it manually using rpm command as shown below.

sudo rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpm

After that, use the following dnf command to check all available repositories on the system.

dnf repolist

And you will get the Puppet repository added to the CentOS 8 system.

Add puppet library

Disable SELinux

To disable SELinux, you can edit the ‘/ etc / sysconfig / selinux’ configuration using vim editor.

vim /etc/sysconfig/selinux

Now change the value configuration for “SELINUX” to “disabled”.

SELINUX=disabled

Save and close, then restart the server.

sudo reboot

After logging in again, use the following command to check the status of SELinux.

sestatus

You will get SELinux disabled.

Step 2-install and configure Puppetserver

In this step, we will install and configure puppetserver on the master node.

Use the following dnf command to install puppetserver.

sudo dnf install puppetserver

After that, we need to edit the “initial settings” of puppetserver and change the memory allocation based on the RAM we have.

Use vim editor to edit the puppetserver initialization settings located in ‘/ etc / sysconfig / puppetserver’.

vim /etc/sysconfig/puppetserver

Now, based on your RAM, change the “JAVA_ARGS” configuration for memory allocation.

JAVA_ARGS="-Xms1g -Xmx1g ...."

Save and close.

Next, go to the “/ etc / puppetlabs” directory and edit the puppet configuration file “puppet.conf”.

cd /etc/puppetlabs/vim puppet/puppet.conf

Under the master configuration, use the FQDN of the master server to define the DNS alternate name.

[master]....dns_alt_names=master.hakase-labs.io,puppet....

After that, define the puppet master server configuration as follows.

[main]certname = master.hakase-labs.ioserver = master.hakase-labs.ioenvironment = productionruninterval = 1h

Save and close.

Now, add the puppetserver service to the boot time, and then start the service.

systemctl enable puppetserversystemctl start puppetserver

puppetserver is up and running on a CentOS 8 server with the default TCP port ‘8140’.

Use the following command to add puppetserver port “8140” to firewalld.

firewall-cmd --add-port=8140/tcp --permanentfirewall-cmd --reload

As a result, the installation and configuration of the puppet master template has been successfully completed.

Configure firewall

Step 3-install and configure Puppet agent

After installing Puppet master server ‘master.hakase-labs.io’, we will install a puppet agent on ‘agent01’ server.

Log in to the “agent01” server and install the puppet-agent package using the dnf command below.

sudo dnf install puppet-agent

After that, go to the “/ etc / puppetlabs” directory and edit the configuration file “puppet.conf” using vim editor.

cd /etc/puppetlabs/vim puppet/puppet.conf

Change the “Certificate Name” and “Server” configuration yourself and paste into that configuration.

[main]certname = agent01.hakase-labs.ioserver = master.hakase-labs.ioenvironment = productionruninterval = 1h

Save and close.

Next, start the puppet service and register the Puppet agent to the master server using the following command.

/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

You will get the following results.

Start puppet service

Now that the puppet agent is up and running, it is trying to register to the Puppet master server.

Now go back to the Puppet master server and check the pending certificate requests.

/opt/puppetlabs/bin/puppetserver ca list

You will get the “agent01.hakase-labs.io” certificate in the list.

Now use the following command to sign the “agent01” certificate.

/opt/puppetlabs/bin/puppetserver ca sign --certname agent01.hakase-labs.io

The up proxy is now registered with the master server.

Registered Puppet Agent

Step 4-Verify Puppet Agent Configuration

Now verify the Puppet proxy configuration and use the following command to test the connection between the Puppet proxy and the master server.

/opt/puppetlabs/bin/puppet agent --test

You will get the following results.

Test p proxy

As a result, the Puppet agent pulled the configuration from the host and applied it to the server without any errors.

Step 5-create the first manifest

At this stage, the installation and configuration of Puppet for master and agent has been completed.

In this step, we will test the setup by creating the first p manifest for installing the httpd package.

Go to the “/ etc / puppetlabs / code / environments / production / manifests” directory and create the first puppet manifest file “httpd.pp”.

cd /etc/puppetlabs/code/cd environments/production/manifestsvim httpd.pp

Paste the following configuration.

node 'agent01.hakase-labs.io' {    package { 'httpd':        ensure  => "installed",    }    service { 'httpd':        ensure => running,    enable => true    }}

Save and close.

Create manifest

Now go to the Puppet agent node “agento01” and run the following command.

/opt/puppetlabs/bin/puppet agent --test

The result will be shown below.

Test p proxy

The Puppet agent extracts the new configuration from the Puppet master server to install the httpd package and start the httpd service.

On the “agent01” node, check the httpd service status and check the HTTP port “80”

systemctl status httpdnetstat -plntu

You will use the default HTTP port “80” to start and run the httpd service on the “agent01” server. The httpd package has been installed through the puppet manifest we created at the top.

Check httpd status

As a result, the Puppet master server and agent installation and configuration on the CentOS 8 server was successfully completed.

reference

  • https://puppet.com/docs
Sidebar