Puppet is the most well-known configuration management tool in the DevOps world and used by systems administrators to centrally manage large numbers of servers and computer systems. There are several Puppet quickstart guides online. However, these guides are unnecessarily long and complicated in my opinion. For example, an administrator learning Puppet for the first time can download and run the Puppet Learning virtual machine image. Once downloaded, the admin can then learn how to configure Puppet by using a GUI interface. However, when the admin starts using Puppet for real they discover the GUI interface is only on the paid version. As a result, the admin must configure everything by editing text files. To me such setup guidelines seem unnecessarily complicated as a beginner would likely not buy the premium version before testing the software.
Here’s a less complicated setup that includes steps to get Puppet up and running in record time on two separate Ubuntu 16.04 LTS machines. One machine will act as the puppet master and the other as the client. You will need to be root to run all of these commands.
How to Quickly Setup Puppet on Two Linux Machines.
Step 1 – On the machine you want to act as the puppet master install the puppetmaster package.
root@puppetmaster:~# apt-get install puppetmaster
Step 2 – On the other machine install the puppet client.
root@puppetclient:~# apt-get install puppet
Step 3 – Still in the client machine, edit the /etc/puppet/puppet.conf file, and add this line under the [main] section.
server=FQDN or ip address of puppet master
Step 4 – Save the file, and then enable the puppet agent back at the command line.
root@puppet:~# puppet agent –enable
Step 5 – Run the puppet agent. It will attempt to communicate with the puppet master.
root@puppetclient:~# puppet agent -t Exiting; no certificate found and waitforcert is disabled
It may appear to have done nothing, but in the background it generated a certificate request.
Step 6 – Switch back to the puppet master where you will look for the cert.
root@puppetmaster:~# puppet cert list
Step 7 – If everything has gone well up to this point you should see a response similar to the following.
“puppetclient.localdomain” (SHA256) 05:0C:23:87:47:75:E1:70:7D:6A:5D:F7:18:EF:C9:3F:C3:F6:9C:CA:CB:90:F0:D9:65:16:86:D7:65:60:66:31
Step 8 – Sign the cert.
root@puppetmaster:~# puppet cert sign puppetclient.localdomain Notice: Signed certificate request for puppetclient.localdomain Notice: Removing file Puppet::SSL::CertificateRequest puppetclient.localdomain at '/var/lib/puppet/ssl/ca/requests/puppetclient.localdomain.pem'
The client and master should now be setup to communicate with each other.
Step 9 – Go back to the client to verify this by running the same command you ran last time.
root@puppetclient:~# puppet agent -t Info: Retrieving pluginfacts Info: Retrieving plugin Info: Caching catalog for puppetclient.localdomain Info: Applying configuration version '1469488836' Notice: Finished catalog run in 0.03 seconds
If you get an error complaining of a certificate mismatch, you can change the entry you made in /etc/puppet/puppet.config so that the server name matches what’s expected, and run the command again.
If you didn’t get any error message then congratulations, the puppet master and client are now in communication with each other. Success!
In part 2 I’ll wrap things up by showing you how to configure the puppet master so that you can centrally manage multiple servers. Feel free to contact me with any questions or check out our Cloud Services for relief of any configuration, production or scaling headaches.
Tony Fontanilla
Linux Administrator
SPK and Associates
