How To Install Puppet Master-Agent on CentOS 7
What is Puppet?
Puppet, from Puppet Labs, is a configuration management tool that helps system administrators automate the provisioning, configuration, and management of a server infrastructure. Planning ahead and using config management tools like Puppet can cut down on time spent repeating basic tasks, and help ensure that your configurations are consistent and accurate across your infrastructure. Once you get the hang of managing your servers with Puppet and other automation tools, you will have more free time that can be used to improve other aspects of your setup.
Puppet comes in two varieties, Puppet Enterprise and open source Puppet. It runs on most Linux distributions, various UNIX platforms, and Windows.
This tutorial covers how to install open source Puppet in an agent/master infrastructure on CentOS 7. In this setup, the Puppet master server, which runs the Puppet Server software, can be used to control all your other servers, or Puppet agent nodes. Note that we’ll be using the Puppet Server package, instead of Passenger or any other runtime environment.
1. Root or superuser access to both the Puppet master and agent servers
2. CentOS 7 operating system
3. Ports open and firewall disabled - SELinux
The Puppet master must be reachable on port 8140.
Systems and Environments
The initial Puppet environment will consist of:
- 1 x Puppet Enterprise Puppet Master with Hiera-based configuration
- 1 x Puppet Enterprise console server with Cloud Provisioner
- 1 x PuppetDB server
- A local Git repository for Puppet configuration
- A VMware platform (VMware vSphere >= 6.X and VMware vCenter)
Memory, CPU and Disk Space
Windows Server 2016
Windows Server 2012 R2
CentOS 7 Server
Open SUSE 12 Server
DNS will be managed by AD
Because it acts as a certificate authority for agent nodes, the Puppet master server must maintain accurate system time to avoid potential problems when it issues agent certificates: certificates can appear to be expired if there are time discrepancies. We will use Network Time Protocol (NTP) for this purpose.
First, take a look at the available timezones with this command:
- timedatectl list-timezones
This will give you a list of the timezones available for your server. When you find the region/timezone setting that is correct for your server, set it with this command (substitute your preferred region and timezone):
- sudo timedatectl set-timezone UTC
Install NTP via yum with this command:
- sudo yum -y install ntp
Do a one-time time synchronization using the ntpdate command:
- sudo ntpdate pool.ntp.org
It is common practice to update the NTP configuration to use “pool zones” that are geographically closer to your NTP server. In a web browser, go to the NTP Pool Project and look up a pool zone that is geographically close to the datacenter that you are using. We will use the United States pool (http://www.pool.ntp.org/zone/us) in our example, because our servers are located in a New York datacenter.
Open ntp.conf for editing:
- sudo vi /etc/ntp.conf
Add the time servers from the NTP Pool Project page to the top of the file (replace these with the servers of your choice):
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org
Save and exit.
Restart NTP to pick up the new time servers:
- sudo systemctl restart ntpd
Lastly, enable the NTP daemon:
- sudo systemctl enable ntpd
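An added check, not part of the original tutorial: because the master's certificate authority depends on correct time, this script parses `ntpq -pn` output to confirm that ntpd has selected a system peer with a small offset, and lists the servers active in ntp.conf. The function names, the 128 ms limit and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: check that ntpd has a selected time source and a small clock
# offset before the Puppet master (the CA) signs agent certificates.

# ntp_sync_ok MAX_OFFSET_MS  (reads `ntpq -pn` output on stdin)
# Succeeds only if a system peer (tally code "*") has answered recent polls
# (reach != 0) and its absolute offset is within MAX_OFFSET_MS.
ntp_sync_ok() {
    awk -v max="$1" '
        /^\*/ {
            # Fields: remote refid st t when poll reach delay offset jitter
            off = $9 + 0
            if (off < 0) off = -off
            if ($7 != "0" && off <= max + 0) ok = 1
        }
        END { exit (ok ? 0 : 1) }'
}

# ntp_conf_servers FILE: print hosts from active "server"/"pool" lines.
ntp_conf_servers() {
    awk '$1 == "server" || $1 == "pool" { print $2 }' "$1"
}

# Constructed ntpq samples (documentation-range addresses), not real output.
HDR='     remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================='
SAMPLE_SYNCED="$HDR
*203.0.113.10    .GPS.            1 u   33   64  377   12.345    0.512   0.210
+203.0.113.11    192.0.2.1        2 u   30   64  377   20.100   -1.200   0.500"
SAMPLE_UNSYNCED="$HDR
 203.0.113.10    .INIT.          16 u    -   64    0    0.000    0.000   0.000"
SAMPLE_DRIFTED="$HDR
*203.0.113.10    .GPS.            1 u   33   64  377   12.345 -950.000   0.210"

# Classify a sample; 128 ms is an assumed limit (ntpd's default step threshold).
report() {
    if printf '%s\n' "$2" | ntp_sync_ok 128; then
        echo "$1: clock OK"
    else
        echo "$1: NOT synchronized, fix NTP before signing certificates"
    fi
}

report synced   "$SAMPLE_SYNCED"
report unsynced "$SAMPLE_UNSYNCED"
report drifted  "$SAMPLE_DRIFTED"
# On the master itself: ntpq -pn | ntp_sync_ok 128 && ntp_conf_servers /etc/ntp.conf
```

Run it again on each agent node before requesting a certificate, since a skewed agent clock produces the same expired-certificate symptom.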
Now that our server is keeping accurate time, let’s install the Puppet Server software.
High-Level Implementation Tasks
Also based on the answers to our questions above, the high-level implementation tasks will be as follows:
- Install the Puppet Enterprise platform.
- Create a basic Hiera-based configuration.
- Configure and test Cloud Provisioner.
- Use what we have so far to try and create a realistic environment.
- Create a Git repository for Puppet configuration.
- Devise a plan for bringing existing hosts under Puppet control.
Note how these tasks correspond roughly to the chapters in this book? No coincidence there! We’ll have a quick overview of all these tasks, before giving each one its own dedicated chapter…
1. PE Platform Installation
We can split this into a number of sub-tasks:
- Identify or create three new CentOS 6 VMs.
- Install Puppet Master, Console and PuppetDB.
- Install Cloud Provisioner on the Console server.
- Document the installation.
| Hostname | OS | CPU Count | RAM | Disk Capacity |
|---|---|---|---|---|
| puppetmaster.mcp.local | 64-bit CentOS 7 | 8 | 10 GB | 80 GB |
| puppetconsole.mcp.local | 64-bit CentOS 7 | 2 | 6 GB | 80 GB |
| puppetdb.mcp.local | 64-bit CentOS 7 | 2 | 8 GB | 80 GB |
The installation should be performed in this order:
| Install Step | Host Name | Puppet Enterprise Role |
|---|---|---|
| 2 | puppetdb.mcp.local | Database Support Role (PuppetDB) |
| 4 | puppetconsole.mcp (optional) | Cloud Provisioner Role (optional) |
The Agent Role should also be installed on all hosts.
We’re running on CentOS 7, so we need to download the tarball for RHEL-based systems.
| PE Version | OS Version | Tarball Location | File Size |
|---|---|---|---|
| 3.0.1 | x86_64 EL (RHEL, CentOS, Scientific Linux, Oracle Linux) 6 | https://pm.puppetlabs.com/cgi-bin/download.cgi?ver=latest&dist=el&arch=x86_64&rel=7 | 236 MB |
Note: If you prefer to download directly using curl, do this:
On each host, we unpack the tarball into /tmp, cd into the unpacked directory and run the installer script as root:
The installer will ask which roles should be installed. Any answers given during installation will be recorded in the answer file here: /etc/puppetlabs/installer/answers.install
To run the installation again using any of the answers below, save them to a file and run the installer again with the -A option. If any answers are missing, the installer will prompt for input.
Installing the Master
Installation answerfile for the Non-Prod Puppet Master:
Installation answerfile for the Non-Prod PuppetDB:
Installing PE Console and Cloud Provisioner
Installation answerfile for Console and Cloud Provisioner:
Puppet Enterprise Planning Architecture