9

Install Puppet 7 Server and Agent on CentOS 7|RHEL 7

 2 years ago
source link: https://computingforgeeks.com/install-puppet-server-and-agent-on-centos-rhel/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client
Install Puppet 7 Server and Agent on CentOS 7|RHEL 7

Welcome to this guide on how to install the Puppet 7 Server and Agent on CentOS 7|RHEL 7. Puppet is one of the automation tools just like Chef, Ansible, e.t.c. It is used to configure, manage and deploy applications. This tool, a product of Puppet Labs, was developed to help system admins and developers automate operations such as program installation, system management e.t.c

Puppet comprises of the following:

  • Puppet master/server – This contains all the configuration information for the managed nodes. It handles all these configurations and related activities in form of codes.
  • Puppet agent/slave – These are rela systems in the working environment. They are noded managed by the Puppet master and normally have the Puppet agent service running in them.
  • PuppetDB – It collects and stored all the data generated by Puppet. It enables advanced features such as exported resources.

Below is an illustration of Puppet Architecture to make it easy to understand how these components relate.

The Master-Slave communication happens as shown.

The client-server configuration can be done in the following ways:

  • Agent-master architecure – In this architecture, the Puppet master controls the nodes. Here, each of the managed nodes has bears own configuration information from the master. In this architecture, there might be more than one server running the Puppet master/Server application.
  • Stand-alone architecture – In this architecture, the managed nodes have the copy of the configuration information. They compile the catalog on their own and run the Puppet apply application as a cron job.

Having understood Puppet and its architecture, we will proceed to the nub of this matter.

Step 1 – Server preparation

For this guide, you will need the following hardware requirements

  • 2 CentOS 7|RHEL 7 systems for Master and Agent
  • Atleast 4GB RAM
  • 2-4 Processor cores
  • sudo access to the systems

Prepare the Servers

Update the systems and install the required packages:

sudo yum -y update
sudo yum install wget curl vim bash-completion

Set static hostnames on the servers as below.

##On the Puppet Master
sudo hostnamectl set-hostname puppetmaster.example.com --static

##On the Puppet agent
sudo hostnamectl set-hostname puppetnode.example.com --static

You also need to update the hosts’ file as below.

$ sudo vim /etc/hosts
192.168.205.20  puppetmaster.example.com puppetmaster
192.168.205.21  puppetnode.example.com puppetnode

For this guide, the two servers will be configured as below.

HostnameIP AddressTaskpuppetmaster.example.com192.168.205.20Puppet Masterpuppetnode.example.com192.168.205.21Puppet Agent

Step 2 – Configure Chrony NTP synchronization

The time between the Puppet master and agent must be synchronized. Install Chrony NTP packages on the servers.

sudo yum -y install chrony

Start and enable Chrony.

sudo systemctl enable --now chronyd

Now configure Chrony NTP

sudo timedatectl set-timezone Africa/Nairobi --adjust-system-clock
sudo timedatectl set-ntp yes

Verify the made changes

$ timedatectl 
      Local time: Tue 2022-03-08 11:34:22 EAT
  Universal time: Tue 2022-03-08 08:34:22 UTC
        RTC time: Tue 2022-03-08 08:34:22
       Time zone: Africa/Nairobi (EAT, +0300)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: n/a

Step 3 – Add the Puppet 7 Repositories on CentOS 7|RHEL 7

Begin by adding the Epel repository to your system.

sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Now add the Puppet 7 Repositories on CentOS 7|RHEL 7.

sudo yum -y install https://yum.puppet.com/puppet-release-el-7.noarch.rpm

Step 4 – Install Puppet Master on CentOS 7|RHEL 7

Now on the set master node, install the Puppet Master from the added repository.

sudo yum install puppetserver

Dependency Tree:

Dependencies Resolved

================================================================================
 Package                      Arch    Version                    Repository
                                                                           Size
================================================================================
Installing:
 puppetserver                 noarch  7.6.0-1.el7                puppet    74 M
Installing for dependencies:
 avahi-libs                   x86_64  0.6.31-20.el7              base      62 k
 copy-jdk-configs             noarch  3.3-10.el7_5               base      21 k
 cups-libs                    x86_64  1:1.6.3-51.el7             base     359 k
 java-1.8.0-openjdk-headless  x86_64  1:1.8.0.322.b06-1.el7_9    updates   33 M
 javapackages-tools           noarch  3.4.1-11.el7               base      73 k
 libjpeg-turbo                x86_64  1.2.90-8.el7               base     135 k
 libxslt                      x86_64  1.1.28-6.el7               base     242 k
 lksctp-tools                 x86_64  1.0.17-2.el7               base      88 k
 net-tools                    x86_64  2.0-0.25.20131004git.el7   base     306 k
 pcsc-lite-libs               x86_64  1.8.8-8.el7                base      34 k
 puppet-agent                 x86_64  7.14.0-1.el7               puppet    24 M
 python-javapackages          noarch  3.4.1-11.el7               base      31 k
 python-lxml                  x86_64  3.2.1-4.el7                base     758 k
 tzdata-java                  noarch  2021e-1.el7                updates  190 k

Transaction Summary
================================================================================
Install  1 Package (+14 Dependent packages)

Total download size: 134 M
Installed size: 215 M
Is this ok [y/d/N]: y

Once installed, check the package information.

$ rpm -qi puppetserver 
Name        : puppetserver
Version     : 7.6.0
Release     : 1.el7
Architecture: noarch
Install Date: Tue 08 Mar 2022 12:04:07 PM EAT
Group       : System Environment/Daemons
Size        : 105374441
License     : ASL 2.0
Signature   : RSA/SHA256, Sat 15 Jan 2022 02:36:50 AM EAT, Key ID 4528b6cd9e61ef26
Source RPM  : puppetserver-7.6.0-1.el7.src.rpm
Build Date  : Sat 15 Jan 2022 02:34:48 AM EAT
Build Host  : k8s-jenkins-fpm-bs1r8
Relocations : / 
Packager    : Puppet Labs <[email protected]>
Vendor      : Puppet Labs <[email protected]>
URL         : http://puppet.com
Summary     : Puppet Labs puppetserver
Description :
Puppet Labs puppetserver
Contains: Puppet Server (puppetlabs/puppetserver 7.6.0,org.clojure/clojure 1.10.1,org.bouncycastle/bcpkix-jdk15on 1.68,puppetlabs/jruby-utils 3.2.2,puppetlabs/puppetserver 7.6.0,puppetlabs/trapperkeeper-webserver-jetty9 4.2.1)

Step 5 – Configure the Puppet Master 7 on CentOS 7|RHEL 7

Once the installation is complete, proceed to the configuration. Open the puppet configuration file for editing.

sudo vim /etc/puppetlabs/puppet/puppet.conf

In the file, you need to define your Master FQDN and DNS alternative names:

[server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
dns_alt_names=puppetmaster.example.com,puppetmaster,puppetserver

[main]
certname = puppetmaster.example.com
server = puppetmaster.example.com
environment = production
runinterval = 1h

Proceed and adjust the memory allocation if the available system memory is less than 4GB. Normally the default allocated value is 2GB

$ sudo vi /etc/sysconfig/puppetserver
JAVA_ARGS="-Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"

After the above configurations, start and enable the Puppet server.

sudo systemctl start puppetserver
sudo systemctl enable puppetserver

Check the status of the service.

$ systemctl status puppetserver
● puppetserver.service - puppetserver Service
   Loaded: loaded (/usr/lib/systemd/system/puppetserver.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-03-08 12:08:09 EAT; 18s ago
 Main PID: 1992 (java)
   CGroup: /system.slice/puppetserver.service
           └─1992 /usr/bin/java -Xms1g -Xmx1g -Djruby.logger.class=com.puppet..

Allow the Puppet service port through the firewall.

sudo firewall-cmd --add-port=8140/tcp --permanent
sudo firewall-cmd --reload

Step 6 – Install Puppet Agent 7 on CentOS 7|RHEL 7

The added repository still provides the Puppet Agent 7 for CentOS 7|RHEL 7. Now on the Puppet Agent node, install the Puppet agent package as below.

sudo yum install puppet-agent

Dependency Tree:

Dependencies Resolved

=======================================
 Package
      Arch   Version      Repository
                                  Size
=======================================
Installing:
 puppet-agent
      x86_64 7.14.0-1.el7 puppet  24 M

Transaction Summary
=======================================
Install  1 Package

Total download size: 24 M
Installed size: 24 M
Is this ok [y/d/N]: y

Once installed, configure the Puppet agent.

sudo vim /etc/puppetlabs/puppet/puppet.conf

In the file, make the below changes.

[main]
server = puppetmaster.example.com

Start and enable the Puppet agent service.

sudo systemctl restart puppet
sudo systemctl enable puppet

Step 7 – Connect the Puppet Agent to Puppet Server on CentOS 7|RHEL 7

First, generate certificates from your Puppet agent for the Master to sign.

sudo /opt/puppetlabs/bin/puppet agent -t

Sample Output:

There is an error in the output above since the generated certificates need to be signed by the Puppet Master. Now on the Puppet master, list the Puppet agent nodes and certificates with the command:

sudo /opt/puppetlabs/bin/puppetserver ca list

Sample Output:

Requested Certificates:
    puppetnode.example.com      (SHA256)  04:D7:E6:97:29:D8:7E:13:A4:5A:5B:F0:DF:E1:A7:81:0E:33:15:25:6A:24:2F:DE:F6:4F:DA:00:EC:4C:54:DA

Now sign the certificate for the listed puppet.agent-node using the command:

$ sudo /opt/puppetlabs/bin/puppetserver ca sign --certname puppetnode.example.com
Successfully signed certificate request for puppetnode.example.com

Now back to the Puppet Agent, sign the certificates again using the first command:

sudo /opt/puppetlabs/bin/puppet agent -t

Execution output:

It should now be successful as above.

Step 8 – Create First Manifest

In order to test the Puppet 7 Server-Agent Communication, we need to create and run a manifest.

Now on the Puppet server, we will create a test manifest to install the Apache webserver as below

sudo vim /etc/puppetlabs/code/environments/production/manifests/init.pp

In the opened file, add the below content.

class apache2 {
  package { 'httpd':
    ensure => installed,
  }

  service { 'httpd':
    ensure  => true,
    enable  => true,
    require => Package['httpd'],
  }
}

Create a site.pp file.

sudo vim /etc/puppetlabs/code/environments/production/manifests/site.pp

This file will have the Puppet agent FQDN as below.

node 'puppetnode.example.com' {
   include httpd
}

Save the file and run the manifest on the Puppet Agent

sudo /opt/puppetlabs/bin/puppet agent -t

Execution output:

Voilà!

At this point, it is safe to conclude that the Puppet 7 Server-Agent setup is working perfectly.

Interested in more?


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK