Install Puppet Master and Agent on Ubuntu 20.04|18.04

This is a guide on how to install Puppet Master and Agent on Ubuntu 20.04|18.04 Linux system. Puppet is a configuration management tool written in Ruby and C++ that helps you automate configurations and deployments of applications across hundreds to thousands of systems. The software is under Apache License.

Puppet run on Linux, Unix, and Windows environments. As of this writing, the latest release of Puppet is 7.2

Puppet Server / Client Architecture

Puppet uses Client/Server model. The server does all the automation of tasks on systems that have a client application installed. The work of the Puppet agent is to send facts to the puppet master and request a catalog based on certain interval level. Once it receives a catalog, Puppet agent applies it to the node by checking each resource the catalog describes. It makes relevant changes to attain the desired state.

The work of the Puppet master is to control configuration information. Each managed agent node requests its own configuration catalog from the master.

What is a Catalog in Puppet?

A catalog is a document that describes the desired system state for one specific system. It lists all of the resources that need to be managed, as well as any dependencies between those resources.

Puppet is able to configure end systems in two stages:

1. Compile a catalog.
2. Apply the catalog.

Puppet Master — Agent Communication

The communication between the Puppet agent and master servers is over an encrypted tunnel (HTTPS) with client verification. By using configuration management systems like Puppet, as a Sysadmin, you get to focus on production tasks by removing all manual repetitive tasks.

Installing Puppet Master on Ubuntu 20.04|18.04

Let’s now dive to the installation process for Puppet master on Ubuntu 20.04|18.04. My Lab environment is as below:

Puppet Master:

Hostname: puppetmaster

IP Address: 192.168.1.2

Puppet Agent ( For Testing ):

Hostname: puppetclient

IP Address: 192.168.1.3

Setup Prerequisites

One of the key requirements of the Puppet master is network time synchronization. We will ensure we have correct timezone set on the Puppet master server as well as working NTP service. We will later configure Agent nodes to sync their time with the Puppet Master,

Step 1: Set correct timezone

Ubuntu 18.04+ ships with timedatectl command line tool that you can use to set the correct timezone on your server. Use it like below, replacing “Africa/Nairobi” with your correct timezone.

sudo timedatectl set-timezone Africa/Nairobi

Confirm the change using:

$ timedatectl

                      Local time: Wed 2019-10-30 08:33:53 EAT

                  Universal time: Wed 2019-10-30 05:33:53 UTC

                        RTC time: Wed 2019-10-30 05:33:54

                       Time zone: Africa/Nairobi (EAT, +0300)

       System clock synchronized: yes

systemd-timesyncd.service active: yes

                 RTC in local TZ: no

Step 2: Set server hostname

Use the hostnamectl command to set server hostname

export HOST_NAME="puppetmaster"

sudo hostnamectl set-hostname $HOST_NAME

Login again and confirm new hostname

$ hostname

puppetmaster

Add correct hostnames and IP addresses we’ll use later to /etc/hosts file.

$ sudo vim /etc/hosts

[puppet-master-ip] puppetmaster puppet

[puppet-client-ip] puppetclient

Step 2: Set Chrony NTP server

Install ntp package:

sudo apt remove ntp

sudo apt -y install chrony

If you would like to restrict which systems can use your ntp server, add a line like below to /etc/chrony/chrony.conf:

$ sudo vim /etc/chrony/chrony.conf

restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

Replace 192.168.1.0 with your trusted network.

The restart ntp service:

sudo systemctl restart chronyd

Check ntp status:

$ sudo chronyc sources

210 Number of sources = 8

MS Name/IP address         Stratum Poll Reach LastRx Last sample

===============================================================================

^* chilipepper.canonical.com     2   6    17     2   +991us[ +836us] +/-   57ms

^+ pugot.canonical.com           2   6    17     2  +1049us[+1049us] +/-   61ms

^+ golem.canonical.com           2   6    17     3   +153us[-2656ns] +/-   63ms

^+ alphyn.canonical.com          2   6    17     3   +589us[ +433us] +/-   66ms

^+ pool-71-168-219-127.cmdn>     1   6    17     3  +1249us[+1093us] +/-   54ms

^+ smtp.us.naz.com               2   6    17     3  -2583us[-2738us] +/-   67ms

^+ mail.masters-of-cloud.de      2   6    17     2  +1293us[+1137us] +/-   49ms

^+ ns4.turbodns.co.uk            2   6    17     2  +4616us[+4460us] +/-  103ms

Install Puppet Master on Ubuntu 20.04|18.04

Now that all prerequisites are met, proceed to download PuppetLabs repository for Ubuntu and install Puppet master on the server.

Ubuntu 20.04:

sudo apt update

curl -O https://apt.puppet.com/puppet-release-focal.deb

sudo apt install ./puppet-release-focal.deb

Ubuntu 18.04:

sudo apt update

sudo apt install wget

curl -O https://apt.puppet.com/puppet6-release-bionic.deb

sudo apt install ./puppet6-release-bionic.deb

Update apt index and install puppet master:

sudo apt update

sudo apt install puppetserver

Agree to start the installation:

...

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following additional packages will be installed:

  ca-certificates-java fontconfig-config fonts-dejavu-core java-common libavahi-client3 libavahi-common-data libavahi-common3 libcups2 libfontconfig1

  libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3 libpcsclite1 libxi6 libxrender1 libxtst6 net-tools openjdk-8-jre-headless puppet-agent x11-common

Suggested packages:

  default-jre cups-common liblcms2-utils pcscd libnss-mdns fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei

  fonts-indic

The following NEW packages will be installed:

  ca-certificates-java fontconfig-config fonts-dejavu-core java-common libavahi-client3 libavahi-common-data libavahi-common3 libcups2 libfontconfig1

  libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3 libpcsclite1 libxi6 libxrender1 libxtst6 net-tools openjdk-8-jre-headless puppet-agent puppetserver

  x11-common

0 upgraded, 23 newly installed, 0 to remove and 66 not upgraded.

Need to get 118 MB of archives.

After this operation, 329 MB of additional disk space will be used.

Do you want to continue? [Y/n] y

Confirm the installed version of Puppet:

$ apt policy puppetserver

puppetserver:

  Installed: 7.2.0-1focal

  Candidate: 7.2.0-1focal

  Version table:

 *** 7.2.0-1focal 500

        500 http://apt.puppetlabs.com focal/puppet amd64 Packages

        500 http://apt.puppetlabs.com focal/puppet all Packages

        100 /var/lib/dpkg/status

....

Start and enable puppetserver service

sudo systemctl start puppetserver.service

sudo systemctl enable puppetserver.service

On Ubuntu, the service should be started automatically:

$ systemctl status puppetserver.service 

systemctl status puppetserver

● puppetserver.service - puppetserver Service

     Loaded: loaded (/lib/systemd/system/puppetserver.service; enabled; vendor preset: enabled)

     Active: active (running) since Mon 2021-06-28 14:31:27 EAT; 33s ago

   Main PID: 6131 (java)

      Tasks: 45 (limit: 4915)

     Memory: 968.2M

     CGroup: /system.slice/puppetserver.service

             └─6131 /usr/bin/java -Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -XX:OnOutOfMemoryError="kill -9 %p" -XX:ErrorFi>



Jun 28 14:31:07 puppet-server.computingpost.com systemd[1]: Starting puppetserver Service...

Jun 28 14:31:27 puppet-server.computingpost.com systemd[1]: Started puppetserver Service.

Configure Puppet Master on Ubuntu 20.04|18.04

After the Puppet master server has been installed, it is time to start the configuration. It is recommended to change Puppet Java process memory allocation Infrastructure size. I’ll assign my Puppet server 1gb of ram. This is done by editing environment file located on /etc/default/puppet-master

$ sudo vim /etc/default/puppetserver

JAVA_ARGS="-Xms1024m -Xmx1024m"

Restart puppet server process after making the change.

sudo systemctl restart  puppetserver

Configure Firewall:

If you have a firewall on your Ubuntu system, you need to open port 8140 which is used by the Puppet master service. Run the following commands to allow port on the firewall:

sudo ufw allow 8140/tcp

Configure PATH Environment

Add below lines in your bashrc file:

$ vim ~/.bashrc

 export PATH=$PATH:/opt/puppetlabs/bin

Source the ~/.bashrc file:

source ~/.bashrc

Confirm your current PATH settings:

$ echo $PATH

/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/opt/puppetlabs/bin

Install Puppet Agent on Managed Nodes

On the nodes to be automated with Puppet install puppet Agent:

Ubuntu 20.04:

sudo apt update

curl -O https://apt.puppet.com/puppet-release-focal.deb

sudo apt install ./puppet-release-focal.deb

sudo apt update

sudo apt install  puppet-agent

Ubuntu 18.04:

sudo apt update

sudo apt install wget

curl -O https://apt.puppet.com/puppet6-release-bionic.deb

sudo apt install ./puppet6-release-bionic.deb

sudo apt update

sudo apt install  puppet-agent

Open the /etc/hosts file and set name for the server and this agent:

$ sudo vim /etc/hosts 

[puppet-master-ip] puppetmaster puppet

[puppet-client-ip] puppetclient

Edit Puppet Agent configuration file and add Master server DNS alternative names:

$ sudo vim /etc/puppetlabs/puppet/puppet.conf

[server]

vardir = /opt/puppetlabs/server/data/puppetserver

logdir = /var/log/puppetlabs/puppetserver

rundir = /var/run/puppetlabs/puppetserver

pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid

codedir = /etc/puppetlabs/code

dns_alt_names=puppetmaster,puppetserver

Also configure main section like below:

$ sudo vim /etc/puppetlabs/puppet/puppet.conf

[main]

server = puppetmaster

certname = puppetclient

environment = production

runinterval = 1h

Now start the Puppet service:

sudo systemctl start puppet

sudo systemctl enable puppet

On the Puppet Master Node list all the available certificates:

$ sudo /opt/puppetlabs/bin/puppetserver ca list --all

Signed Certificates:

    puppetmaster       (SHA256)  88:75:01:73:8A:CE:50:1D:A1:55:6F:00:47:5C:0B:87:F5:AD:5E:B8:7F:70:F6:A7:7F:C4:92:67:35:07:3E:32	alt names: ["DNS:puppetmaster", "DNS:puppetmaster", "DNS:puppetserver", "DNS:puppetmaster"]	authorization extensions: [pp_cli_auth: true]

    puppetclient       (SHA256)  71:80:13:23:4F:30:18:32:05:01:80:52:F7:C2:48:BE:7B:89:AE:E6:DD:87:C4:6B:4C:4F:07:47:7D:D8:14:A2	alt names: ["DNS:puppet", "DNS:puppetclient"]	authorization extensions: [pp_cli_auth: true]

Sign any pending certificate:

sudo /opt/puppetlabs/bin/puppetserver ca sign --all

The Puppet Master should now be able to communicate with agent node and to control it. Confirm by running below command on the agent:

$ sudo /opt/puppetlabs/bin/puppet agent --test

Info: Using configured environment 'production'

Info: Retrieving pluginfacts

Info: Retrieving plugin

Info: Caching catalog for puppetmaster

Info: Applying configuration version '1624883476'

Notice: Applied catalog in 0.01 seconds

Add Puppet Binary folder to $PATH

Puppet binaries are located in /opt/puppetlabs/bin. This directory by default is not in your $PATH. As can be confirmed with:

$ ls /opt/puppetlabs/bin/

facter  hiera  puppet  puppetserver



$ which puppet

/usr/bin/which: no puppet in (/home/vagrant/.local/bin:/home/vagrant/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)

Add it to PATH:

$ vim ~/.bashrc

export PATH=$PATH:/opt/puppetlabs/bin



$ source ~/.bashrc

$ which puppet

/opt/puppetlabs/bin/puppet

Enjoy automating your infrastructure management and applications deployment with Puppet configuration management tool.

https://www.computingpost.com/install-puppet-master-and-agent-on-ubuntu-20-0418-04/?feed_id=15268&_unique_id=63512dbf1d3fd