Pre-Install
OS/Ruby Version
· See the supported platforms guide.
· If your OS is older than the supported versions, you may still be able to run Puppet if you install an updated version of Ruby. See the list of supported Ruby versions.
Deployment Type
Decide on a deployment type before installing:
- Agent/master
Agent nodes pull their configurations from a puppet master server. Admins must manage node certificates, but will only have to maintain manifests and modules on the puppet master server(s), and can more easily take advantage of features like reporting and external data sources.
You must decide in advance which server will be the master;install Puppet on it before installing on any agents. The master should be a dedicated machine with a fast processor, lots of RAM, and a fast disk.
- Standalone
Every node compiles its own configuration from manifests. Admins must regularly sync Puppet manifests and modules to every node.
Network
In an agent/master deployment, you must prepare your network for Puppet’s traffic.
- Firewalls: The puppet master server must allow incoming connections on port 8140, and agent nodes must be able to connect to the master on that port.
- Name resolution: Every node must have a unique host name. Forward and reverse DNS must both be configured correctly. Instructions for configuring DNS are beyond the scope of this guide. If your site lacks DNS, you must write an /etc/hosts file on each node.
Note: The default master host name is puppet. Your agent nodes will be ready sooner if this host name resolves to your puppet master.
Installing Puppet
1. Choose a Package Source
Debian and Ubuntu systems can install Puppet from Puppet Labs’official repo, or from the OS vendor’s default repo.
UsingPuppet Labs’ Packages
Puppet Labs provides an official package repo at apt.puppetlabs.com.It contains up-to-date packages, and can install Puppet and its prerequisites without requiring any other external repositories.
To use the Puppet Labs repo, follow the instructions here.
To enable the repository:
1. Download the “puppet labs-release” package for your OS version.
You can see a full list of these packages on the front page of http://apt.puppetlabs.com/. They are all named puppetlabs-release-<CODE NAME>.deb.
2. Install the package by running
dpkg -i <PACKAGENAME>.
For example, to enable the repository for Ubuntu 12.04 Precise Pangolin:
$ wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
$ sudo dpkg -i puppetlabs-release-precise.deb
$ sudo apt-get update2. Install the Puppet Master
Skip this step for a standalone deployment.
On your puppet master node,run sudo apt-get install puppetmaster. This will install Puppet,
its prerequisites, and an init script (/etc/init.d/puppetmaster) for running a test-quality puppet master server.
3. Install Puppet on Agent Nodes
On your other nodes, run sudo apt-getinstall puppet. This will install Puppet and an init
script (/etc/init.d/puppet) for running the puppet agent daemon.
For a standalone deployment,run sudo apt-get install puppet-common on
all nodes instead. This will install Puppet without the agent init script.
Post-Install
Perform the following tasks after you finish installing Puppet.
Configure Puppet
Puppet’s main configuration file is found at /etc/puppet/puppet.conf. See Configuring
Puppet for more details.
Most users should specify the following settings:
On Agent Nodes
Settings for agent nodes should go in the [agent] or [main] block
of puppet.conf.
· server:The
host name of your puppet master server. Defaults to puppet.
· report:Most
users should set this to true.
· pluginsync:
Most users should set this to true.
· certname:
The site wide unique identifier for this node. Defaults to the node’s fully qualified domain name, which is usually fine.
On Puppet Masters
Settings for puppet master servers should go in the [master] or [main] block
of puppet.conf.
Note: puppet masters are usually also agent nodes; settings in [main] will
be available to both services, and settings in the [master] and [agent] blocks
will override the settings in [main].
· dns_alt_names:A
list of valid host names for the master, which will be embedded in its certificate. Defaults to the puppet master’s certname and puppet,
which is usually fine. If you are using a non-default setting, set it before starting the puppet master for the first time.
OnStandalone Nodes
Settings for standalone puppet nodes should go in the [main] block
of puppet.conf.
Puppet’s default settings are generally appropriate for standalone nodes. No additional configuration is necessary unless you intend to use centralized reporting or an external node classifier.
Startand Enable the Puppet Services
Sign Node Certificates
In an agent/master deployment, an admin must approve a certificate request for each agent node before that node can fetch configurations. Agent nodes will request certificates the first time they attempt to run.
· Periodically log into the puppet master server and run sudo puppet cert list to view outstanding requests.
· Agent node will request the ssl connection at the first try.
#puppet agent --no-daemonize --onetime --verbose --debug --server=master-server· Puppet master server has to sign the client ssl request and setup the connection.
#puppet agent cert –sign puppet-client· Run sudo puppet cert sign<NAME> to sign a request, or sudo puppet cert sign--all to sign all pending requests.
· Check current client request status.
#puppet cert list –allthe request start with “+” means signed SLL.
An agent node whose request has been signed on the master will run normally on its next attempt.
Example: (Create a file at client server with “Hello Puppet!”content.)
1. Create file at server side.
#vim /etc/puppet/manifests/site.ppclasstest_class {
file { "/tmp/HelloPuppet.txt":
content => “Hello Puppet!”,
ensure => present,
mode => 644,
owner => root,
group => root
}
}
# tellpuppet on which client to run the class
node client {
include test_class
}2. On the client run the below cmd.
#puppet agent –test –server=master-server
The file with specified content has been created on client side.