How to install and configure Puppet in Master/Slave Configuration on CentOS7/RHEL7

Purpose – Installing and Configuring Puppet in Master/Slave Configuration on CentOS7/RHEL7

Here we are going to set up Puppet in a Master/Slave configuration on RHEL7. If you are using RHEL7 and do not have an active subscription enabled for
your account, you can enable the CentOS7 repository shown below on RHEL7 (Step1) and use this OS for the rest of the installation and configuration.
This step is required because installing Puppet server on RHEL7 with no subscription and no repositories enabled fails while installing the required dependencies.

Pre-requisites – 

We will be using two RHEL7 machines. Make sure that the IP address and fully qualified domain name (FQDN) of each server are properly
configured and that each server gets a proper response from the other (i.e. a ping test).

Server machine – server.example.com
Client machine – desktop.example.com
Server IP – 192.168.0.101
Client IP – 192.168.0.1

Edit the hosts file on the server so that the server's IP address resolves to its FQDN and to the alias 'puppet'.

192.168.0.101 server.example.com server puppet
192.168.0.1 desktop.example.com

Step1: Enable the CentOS repos on the RHEL 7 machine

[root@server yum.repos.d]# cat /etc/yum.repos.d/centos.repo
#CentOS repository
[centos]
name=CentOS 7 Repository
baseurl=http://ftp.heanet.ie/pub/centos/7/os/x86_64
gpgcheck=0
enabled=1

Note – This step is only required if you are installing on RHEL7 OS
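
The stanza above sets gpgcheck=0 and fetches over plain HTTP, so yum installs packages from this repository without authenticating them. The following check is an added example, not part of the original article; the function name audit_repo is hypothetical, and the sample input is the Step1 stanza itself.

```shell
#!/bin/sh
# Added example, not from the original article.
# audit_repo: read a yum .repo file on stdin and print one finding per line
# for every explicit gpgcheck=0 and every plain-http baseurl.
# Exit status is 1 when at least one finding was printed, 0 otherwise.
audit_repo() {
    awk '
        /^[ \t]*[#;]/ { next }                     # comment lines
        /^[ \t]*\[/ {                              # start of a [section]
            section = $0
            sub(/^[ \t]*\[/, "", section)
            sub(/\].*$/, "", section)
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck" && val == "0") {
                print section ": gpgcheck=0, package signatures are not verified"
                bad = 1
            }
            if (key == "baseurl" && val ~ /^http:\/\//) {
                print section ": baseurl uses plain http"
                bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# The stanza from Step1, reproduced as sample input.
step1_repo='#CentOS repository
[centos]
name=CentOS 7 Repository
baseurl=http://ftp.heanet.ie/pub/centos/7/os/x86_64
gpgcheck=0
enabled=1'

printf '%s\n' "$step1_repo" | audit_repo || echo "repo needs hardening"
```

A stanza with gpgcheck=1, a gpgkey= entry for the CentOS 7 signing key and an https baseurl produces no findings. On a real host, run it as `audit_repo < /etc/yum.repos.d/centos.repo`.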

Step2: Install Puppet master on server machine

Here we first install the Puppet open source package repository and then install the Puppet server on server.example.com, as shown below.

sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
sudo yum -y install puppetserver

a. Update the memory allocation for puppet master

Puppetserver is configured by default to use 2GB of memory. If your system cannot provide that much memory, you can update the Java minimum and maximum heap arguments
in the following file after the Puppet server installation.

sudo vi /etc/sysconfig/puppetserver
JAVA_ARGS="-Xms512m -Xmx512m"

b. Start and enable the puppet server

Once puppetserver is installed and configured to use 512MB of memory, you can start the puppetserver service and enable it.

sudo systemctl start puppetserver
sudo systemctl enable puppetserver

Step3: Install Puppet agent on desktop or client machine (desktop.example.com) and run the puppet agent as a service

Here we first install the Puppet open source package repository and then install the Puppet agent on the client node, as shown below.
Please note that the same open source repository provides both the server and the client packages.

sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
sudo yum -y install puppet-agent

Step4: Start and enable the puppet agent on client node.

sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

Step5: Configure certificates on both server and desktop

On server machine – server.example.com edit the file to include the below information
sudo vi /etc/puppetlabs/puppet/puppet.conf
[master]
dns_alt_names = server.example.com,server,puppet
[main]
certname = server.example.com
server = server.example.com
environment = production
runinterval = 1h

On client machine – desktop.example.com edit the file to include the below information

sudo vi /etc/puppetlabs/puppet/puppet.conf

[main]
certname = desktop.example.com
server = server.example.com
environment = production
runinterval = 1h

Step6: Open firewall port from server for desktop to connect.

This is required because the puppetserver is configured to listen on TCP port 8140 for connections.

sudo firewall-cmd --permanent --zone=public --add-port=8140/tcp
sudo firewall-cmd --reload

Step7: Sign the client certificates from the server.example.com machine

This will sign the client certificate and register the client as a node in the Puppet master.

sudo /opt/puppetlabs/bin/puppet cert sign --all
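
Signing with --all approves every pending request on the master, not only the one from desktop.example.com. As an added example (not part of the original article), the shell functions below compare the fingerprint of a pending request with the one the agent reports before a single certname is signed. The function names and the fingerprints are constructed for illustration, and the listing format of `puppet cert list` is assumed as noted in the comments.

```shell
#!/bin/sh
# Added example, not from the original article: sign one agent only after the
# fingerprint of its pending request matches what the agent itself reports.
# Assumption: `puppet cert list` prints pending requests as
#   "certname" (SHA256) AA:BB:...

# pending_fp CERTNAME: stdin is `puppet cert list` output; prints the
# fingerprint of the pending request for CERTNAME, or nothing if absent.
pending_fp() {
    awk -v name="\"$1\"" '$1 == name && $2 ~ /^\(SHA/ { print $3; exit }'
}

# normalize_fp TEXT: drop a leading "(SHA256)" label and whitespace, upper-case hex.
normalize_fp() {
    printf '%s\n' "$1" | sed 's/^ *([^)]*) *//' | tr -d ' \t\r\n' | tr 'a-f' 'A-F'
}

# csr_verified CERTNAME AGENT_FP: stdin is `puppet cert list` output.
# Succeeds only if a pending request for CERTNAME exists and matches AGENT_FP.
csr_verified() {
    want=$(normalize_fp "$2")
    got=$(normalize_fp "$(pending_fp "$1")")
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Constructed sample data; the fingerprints are made up and shortened.
sample_list='  "desktop.example.com" (SHA256) 3A:9F:10:C4:7E:22:B8:05
  "unknown.example.com" (SHA256) D1:44:6B:90:0E:F3:5A:77'
agent_fp='(SHA256) 3a:9f:10:c4:7e:22:b8:05'   # as printed on the agent

if printf '%s\n' "$sample_list" | csr_verified desktop.example.com "$agent_fp"; then
    echo "match: sign desktop.example.com only"
else
    echo "mismatch or no pending request: do not sign"
fi

# Real use (Puppet 4 commands):
#   agent:  sudo /opt/puppetlabs/bin/puppet agent --fingerprint
#   server: sudo /opt/puppetlabs/bin/puppet cert list | csr_verified desktop.example.com "$agent_fp" \
#             && sudo /opt/puppetlabs/bin/puppet cert sign desktop.example.com
```

In the sample, unknown.example.com stays unsigned because nobody vouched for its fingerprint; with --all it would have been accepted as a node.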

Step8: Restart the puppet server and puppet agent

sudo systemctl restart puppetserver   # run on the server machine
sudo systemctl restart puppet         # run on the desktop machine

Step9: Verify puppet client by running the below on desktop.example.com machine

sudo /opt/puppetlabs/bin/puppet agent --test --noop
[root@desktop1 ~]# /opt/puppetlabs/bin/puppet agent --test --noop
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Applying configuration version '1489053135'
Notice: Applied catalog in 0.05 seconds
You have new mail in /var/spool/mail/root

Step10: Log file locations for checking any information or errors.

These are the default locations that are preconfigured in the Puppet master configuration for logging.

ls -l /var/log/puppetlabs/puppetserver/*.log
ls -l /var/log/puppetlabs/puppet/*.log

Hope you enjoyed reading this article. Thank you.