How To Install Puppet Master and Agent on CentOS 7


 

What is Puppet?
Puppet, from Puppet Labs, is a configuration management tool that helps system administrators automate the provisioning, configuration, and management of a server infrastructure. Planning ahead and using config management tools like Puppet can cut down on time spent repeating basic tasks, and help ensure that your configurations are consistent and accurate across your infrastructure. Once you get the hang of managing your servers with Puppet and other automation tools, you will have more free time that can be used to improve other aspects of your setup.
Puppet comes in two varieties, Puppet Enterprise and open source Puppet. It runs on most Linux distributions, various UNIX platforms, and Windows.

Puppet Enterprise Platform

 

Scope/Requirement?
This guide covers how to install open source Puppet in an agent/master infrastructure on CentOS 7. In this setup, the Puppet master server, which runs the Puppet Server software, can be used to control all your other servers, or Puppet agent nodes. Note that we'll be using the Puppet Server package, instead of Passenger or any other runtime environment.

Prerequisites
1. Root or superuser access to both the Puppet Master and Agent servers
2. CentOS 7
3. Ports open and firewall disabled (SELinux)
The Puppet master must be reachable on port 8140.

Systems and Environments

The initial Puppet environment will consist of:

  • 1 x Puppet Enterprise Puppet Master with Hiera-based configuration
  • 1 x Puppet Enterprise console server with Cloud Provisioner
  • 1 x PuppetDB server
  • A local Git repository for Puppet configuration
  • A VMware platform (VMware vSphere >= 6.X and VMware vCenter)

Memory, CPU and Disk Space

Puppet Clients
Windows 10
Windows Server 2016
Windows Server 2012 R2
CentOS 7 Server
openSUSE 12 Server
DNS will be managed by AD

Prerequisites Components

Install NTP

Because it acts as a certificate authority for agent nodes, the Puppet master server must maintain accurate system time to avoid potential problems when it issues agent certificates: certificates can appear to be expired if there are time discrepancies. We will use Network Time Protocol (NTP) for this purpose.

First, take a look at the available timezones with this command:

  • timedatectl list-timezones

This will give you a list of the timezones available for your server. When you find the region/timezone setting that is correct for your server, set it with this command (substitute your preferred region and timezone):

  • sudo timedatectl set-timezone UTC

Install NTP via yum with this command:

  • sudo yum -y install ntp

Do a one-time time synchronization using the ntpdate command:

  • sudo ntpdate pool.ntp.org

It is common practice to update the NTP configuration to use "pool zones" that are geographically closer to your NTP server. In a web browser, go to the NTP Pool Project and look up a pool zone that is geographically close to the datacenter that you are using. We will use the United States pool (http://www.pool.ntp.org/zone/us) in our example, because our servers are located in a New York datacenter.

Open ntp.conf for editing:

  • sudo vi /etc/ntp.conf

Add the time servers from the NTP Pool Project page to the top of the file (replace these with the servers of your choice):

/etc/ntp.conf excerpt
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org
server 3.us.pool.ntp.org

Save and exit.

Restart NTP to load the new time servers:

  • sudo systemctl restart ntpd

Lastly, enable the NTP daemon:

  • sudo systemctl enable ntpd

Now that our server is keeping accurate time, let’s install the Puppet Server software.

High-Level Implementation Tasks

Also based on the answers to our questions above, the high-level implementation tasks will be as follows:

  1. Install the Puppet Enterprise platform.
  2. Create a basic Hiera-based configuration.
  3. Configure and test Cloud Provisioner.
  4. Use what we have so far to try and create a realistic environment.
  5. Create a Git repository for Puppet configuration.
  6. Devise a plan for bringing existing hosts under Puppet control.

Note how these tasks correspond roughly to the chapters in this book? No coincidence there! We’ll have a quick overview of all these tasks, before giving each one its own dedicated chapter…

1. PE Platform Installation

We can split this into a number of sub-tasks:

  • Identify or create three new CentOS 6 VMs.
  • Install Puppet Master, Console and PuppetDB.
  • Install Cloud Provisioner on the Console server.
  • Document the installation.

Hostname | OS | CPU Count | RAM | Disk Capacity
------------------------------
puppetmaster.mcp.local | 64-bit CentOS 7 | 8 | 10 GB | 80 GB
puppetconsole.mcp.local | 64-bit CentOS 7 | 2 | 6 GB | 80 GB
puppetdb.mcp.local | 64-bit CentOS 7 | 2 | 8 GB | 80 GB

Installation Sequence

The installation should be performed in this order:

Install Step | Host Name | Puppet Enterprise Role
------------------------------
1 | puppetmaster.mcp.local | Master Role
2 | puppetdb.mcp.local | Database Support Role (PuppetDB)
3 | puppetconsole.mcp.local | Console Role
4 | puppetconsole.mcp (optional) | Cloud Provisioner Role (optional)

The Agent Role should also be installed on all hosts.

Tarball Download

We’re running on CentOS 7, so we need to download the tarball for RHEL-based systems.

PE Version | OS Version | Tarball Location | File Size
------------------------------
3.0.1 | x86_64 EL (RHEL, CentOS, Scientific Linux, Oracle Linux) 6 | https://pm.puppetlabs.com/cgi-bin/download.cgi?ver=latest&dist=el&arch=x86_64&rel=7 | 236MB

Note: If you prefer to download directly using curl, do this:

curl -L -o pe-latest.tgz 'https://pm.puppetlabs.com/cgi-bin/download.cgi?ver=latest&dist=el&arch=x86_64&rel=6'

On each host, we unpack the tarball into /tmp, cd into the unpacked directory and run the installer script as root:

$ sudo ./puppet-enterprise-installer

The installer will ask which roles should be installed. Any answers given during installation will be recorded in the answer file here: /etc/puppetlabs/installer/answers.install

To run the installation again using any of the answers below, save them to a file and run the installer again with the -A option. If any answers are missing, the installer will prompt for input.

$ sudo ./puppet-enterprise-installer -A <ANSWER FILE>

Installing the Master

Installation answerfile for the Non-Prod Puppet Master:

q_all_in_one_install=n
q_database_install=n
q_install=y
q_pe_database=n
q_puppet_cloud_install=n
q_puppet_enterpriseconsole_install=n
q_puppet_symlinks_install=y
q_puppetagent_certname=puppetmaster-mcp.local
q_puppetagent_install=y
q_puppetagent_server=puppetmaster.mcp.local
q_puppetdb_hostname=puppetdb-mcp.local
q_puppetdb_install=n
q_puppetdb_port=8081
q_puppetmaster_certname=puppetmaster-mcp.local
q_puppetmaster_dnsaltnames=puppetmaster,puppetmaster.mcp.local
q_puppetmaster_enterpriseconsole_hostname=puppetconsole-mcp.local
q_puppetmaster_enterpriseconsole_port=443
q_puppetmaster_install=y
q_run_updtvpkg=n
q_vendor_packages_install=y

Installation complete:

------------------------------------------------------------------------
STEP 4: DONE
Thanks for installing Puppet Enterprise!

Puppet Enterprise has been installed to "/opt/puppet," and its
configuration files are located in "/etc/puppetlabs".

## Answers from this session saved to
'/tmp/puppet-enterprise-3.0.1-el-6-x86_64/answers.lastrun.puppetmaster.mcp.local'
========================================================================

If you have a firewall running, please ensure the following TCP ports
are open: 8140, 61613

If you have a firewall running, please ensure outbound connections to
are allowed via the following TCP ports: 443, 8081

NOTICE: This system has 3832 MB of memory, which is below the 4 GB we
recommend for the puppet master role. Although this node will be a
fully functional puppet master, you may experience poor performance
with large numbers of nodes. You can improve the puppet master's
performance by increasing its memory.

========================================================================

Installing PuppetDB

Installation answerfile for the Non-Prod PuppetDB:

q_all_in_one_install=n
q_database_host=puppetdb.mcp.local
q_database_install=y
q_database_port=5432
#q_database_root_password=REDACTED
q_database_root_user=pe-postgres
q_fail_on_unsuccessful_master_lookup=y
q_install=y
q_pe_database=y
q_puppet_cloud_install=n
q_puppet_enterpriseconsole_auth_database_name=console_auth
#q_puppet_enterpriseconsole_auth_database_password=REDACTED
q_puppet_enterpriseconsole_auth_database_user=console_auth
q_puppet_enterpriseconsole_database_name=console
#q_puppet_enterpriseconsole_database_password=REDACTED
q_puppet_enterpriseconsole_database_user=console
q_puppet_enterpriseconsole_install=n
q_puppet_symlinks_install=y
q_puppetagent_certname=puppetdb.mcp.local
q_puppetagent_install=y
q_puppetagent_server=puppetmaster.mcp.local
q_puppetdb_database_name=pe-puppetdb
#q_puppetdb_database_password=REDACTED
q_puppetdb_database_user=pe-puppetdb
q_puppetdb_hostname=puppetdb.mcp.local
q_puppetdb_install=y
q_puppetdb_port=8081
q_puppetmaster_certname=puppetmaster.mcp.local
q_puppetmaster_install=n
q_run_updtvpkg=n
q_vendor_packages_install=n

Installation complete:

------------------------------------------------------------------------
STEP 4: DONE
Thanks for installing Puppet Enterprise!
Puppet Enterprise has been installed to "/opt/puppet," and its
configuration files are located in "/etc/puppetlabs".

## Answers from this session saved to
'/tmp/puppet-enterprise-3.0.1-el-6-x86_64/answers.lastrun.puppetdb.mcp.local'

## In addition, auto-generated database users and passwords have been saved to
"/etc/puppetlabs/installer/database_info.install"

!!! WARNING: Do not discard these files! All auto-generated database users
and passwords have been saved in them. You will need this information
to configure the console role during installation.

========================================================================
If you have a firewall running, please ensure the following TCP ports
are open: 5432, 8081

If you have a firewall running, please ensure outbound connections to
are allowed via the following TCP ports: 8140, 61613

NOTICE: This system has 3832 MB of memory, which is below the 4 GB we
recommend for the PuppetDB role. Although this node will be a fully
functional PuppetDB, you may experience poor performance with large
numbers of nodes. You can improve PuppetDB's performance by increasing
its memory.

Use this guideline to determine the amount of memory required for the
number of nodes installed.

NODES | MEMORY
------------------------------
1 - 100 | 192 - 512 MB
100 - 500 | 512 - 1024 MB
500 - 1000 | 1 - 2 GB
1000 - 2000 | 2 - 4 GB
> 2000 | 4 GB or greater
========================================================================

Installing PE Console and Cloud Provisioner

Installation answerfile for Console and Cloud Provisioner:

q_all_in_one_install=n
q_database_host=puppetdb.mcp.local
q_database_install=n
q_database_port=5432
q_fail_on_unsuccessful_master_lookup=y
q_install=y
q_pe_database=n
q_puppet_cloud_install=y
q_puppet_enterpriseconsole_auth_database_name=console_auth
#q_puppet_enterpriseconsole_auth_database_password=REDACTED
q_puppet_enterpriseconsole_auth_database_user=console_auth
#q_puppet_enterpriseconsole_auth_password=REDACTED
q_puppet_enterpriseconsole_auth_user_email=richard.pham@itsysintegration.net
q_puppet_enterpriseconsole_database_name=console
#q_puppet_enterpriseconsole_database_password=REDACTED
q_puppet_enterpriseconsole_database_user=console
q_puppet_enterpriseconsole_httpd_port=443
q_puppet_enterpriseconsole_install=y
q_puppet_enterpriseconsole_master_hostname=puppetmaster.mcp.local
q_puppet_enterpriseconsole_smtp_host=smtp.1and1.com
#q_puppet_enterpriseconsole_smtp_password=REDACTED
q_puppet_enterpriseconsole_smtp_port=25
q_puppet_enterpriseconsole_smtp_use_tls=n
q_puppet_enterpriseconsole_smtp_user_auth=n
q_puppet_enterpriseconsole_smtp_username=
q_puppet_symlinks_install=y
q_puppetagent_certname=puppetconsole.mcp.local
q_puppetagent_install=y
q_puppetagent_server=puppetmaster.mcp.local
q_puppetca_install=n
q_puppetdb_database_name=pe-puppetdb
#q_puppetdb_database_password=REDACTED
q_puppetdb_database_user=pe-puppetdb
q_puppetdb_hostname=puppetdb.mcp.local
q_puppetdb_install=n
q_puppetdb_port=8081
q_puppetmaster_enterpriseconsole_hostname=localhost
q_puppetmaster_install=n
q_run_updtvpkg=n
q_vendor_packages_install=y

Installation complete:

------------------------------------------------------------------------
STEP 4: DONE
Thanks for installing Puppet Enterprise!

Puppet Enterprise has been installed to "/opt/puppet," and its
configuration files are located in "/etc/puppetlabs".

## Answers from this session saved to
'/tmp/puppet-enterprise-3.0.1-el-6-x86_64/answers.lastrun.puppetconsole.mcp.local'
========================================================================
The console can be reached at the following URI:
* https://puppetconsole.mcp.local

If you have a firewall running, please ensure the following TCP ports
are open: 443

If you have a firewall running, please ensure outbound connections to
are allowed via the following TCP ports: 8140, 61613, 5432
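
An added example, not part of the original page or of the Puppet installer: before reusing answer files with the -A option, the three files can be checked for plaintext passwords, a console SMTP relay without TLS, and host names that disagree between roles (a mismatch here later surfaces as certificate or connection errors). The SHARED key list and the sample excerpts are assumptions built from the values shown above.

```python
# Added example: audit Puppet Enterprise installer answer files before reuse.
# SHARED is an assumption: keys taken to name the same host in every role's file.
SHARED = ("q_puppetagent_server", "q_puppetmaster_certname",
          "q_puppetdb_hostname", "q_database_host")

def parse(text):
    """Return {key: value} for active (uncommented) key=value lines."""
    answers = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            answers[key.strip()] = value.strip()
    return answers

def audit(files):
    """files maps role name -> answer-file text; returns a list of findings."""
    parsed = {role: parse(text) for role, text in files.items()}
    findings = []
    for role, kv in parsed.items():
        for key, value in kv.items():
            if key.endswith("_password") and value:
                findings.append(f"{role}: {key} is stored in plaintext")
        if kv.get("q_puppet_enterpriseconsole_smtp_use_tls") == "n":
            findings.append(f"{role}: console SMTP is configured without TLS")
    for key in SHARED:
        seen = {role: kv[key] for role, kv in parsed.items() if key in kv}
        if len(set(seen.values())) > 1:
            findings.append(f"{key} differs across roles: {seen}")
    return findings

# Constructed excerpts that reuse values from the three answer files on this page.
SAMPLE = {
    "master": "q_puppetagent_server=puppetmaster.mcp.local\n"
              "q_puppetdb_hostname=puppetdb-mcp.local\n"
              "q_puppetmaster_certname=puppetmaster-mcp.local\n",
    "puppetdb": "q_database_host=puppetdb.mcp.local\n"
                "#q_database_root_password=REDACTED\n"
                "q_puppetagent_server=puppetmaster.mcp.local\n"
                "q_puppetdb_hostname=puppetdb.mcp.local\n"
                "q_puppetmaster_certname=puppetmaster.mcp.local\n",
    "console": "q_database_host=puppetdb.mcp.local\n"
               "q_puppet_enterpriseconsole_smtp_use_tls=n\n"
               "q_puppetagent_server=puppetmaster.mcp.local\n"
               "q_puppetdb_hostname=puppetdb.mcp.local\n",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Commented-out password lines are ignored, so a file that keeps its secrets redacted as shown above produces no password finding.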


