Now that CentOS 8 & RHEL 8 Linux distributions are available for production use, how can one Install Puppet Master & Puppet Agent on CentOS 8 / RHEL 8?. Puppet is one of the leading, widely adopted Automation and configuration management engine for Linux, Unix and Windows systems. Puppet uses an agent-master or the client-server architecture, but self-contained architecture can be done.

Puppet allows you to automate how your teams enforce state, secure, and deliver infrastructure faster. If it takes you days to add users to the system, install packages required by Developers, or update server configurations to match desired state, then welcome to Puppet.

Puppet server and Agent packages are distributed on a YUM repository, that is supported and updated by Puppet. Use our guide to install Puppet Master & Puppet Agent on CentOS 8 / RHEL 8 Linux system.

Setup requirements

These are the minimum hardware requirements.

  • 2 CentOS 8 / RHEL 8 Linux distributions – Master & Agent
  • 4GB of RAM on Master
  • 2vcpus on Master
  • At least 10GB disk space
  • sudo access

Once you’ve satisfied the hardware and software requirements, follow the steps below to install Puppet on RHEL 8 / CentOS 8.

Step 1: Update System

Start the setup from an updated Linux system.

sudo dnf -y update

As Kernel updates are sometimes installed when upgrade is done, it is a good practice to reboot your machine.

sudo reboot

Step 2: Add Puppet YUm repository

We’ll install Puppet packages from the project official YUM repository. I’ll add EPEL repository and Puppet repository.

sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf -y install https://yum.puppetlabs.com/puppet-release-el-8.noarch.rpm

Step 3: Install Puppet Master on CentOS 8 / RHEL 8

The package installed on Puppet Master/Server machine is different from the one installed on the Managed Nodes(Agent). The package required on Puppet Master nodes is puppetserver. Install this package by running the command below:

sudo dnf -y install puppetserver

Required dependencies such as Java will be installed automatically.

After installation, don’t start the services, just open service port on the firewall.

sudo firewall-cmd --add-port=8140/tcp --permanent
sudo firewall-cmd --reload

Step 4: Configure a Puppet Master Server on CentOS 8 / RHEL 8

After you’ve installed Puppet on Master Server(s), the configuration can be done.

Set proper server hostname:

sudo hostnamectl set-hostname puppetmaster.computingforgeeks.com --static
sudo hostnamectl set-hostname puppetmaster.computingforgeeks.com --transient
logout

Add server hostname and IP to /etc/hosts file.

$ sudo vi /etc/hosts
10.10.1.152 puppetmaster.computingforgeeks.com  puppetmaster

Login and confirm hostname configuration.

$ hostnamectl 
   Static hostname: puppetmaster.computingforgeeks.com
         Icon name: computer-vm
           Chassis: vm
        Machine ID: c0d6dc5d688e4304baca26862df123cc
           Boot ID: f3b99e71ee7743c8b9a67df4c82fa364
    Virtualization: kvm
  Operating System: CentOS Linux 8 (Core)
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.18.0-80.7.1.el8_0.x86_64
      Architecture: x86-64

Set Correct time / NTP

Set timezone.

sudo timedatectl set-timezone Africa/Nairobi

Then configure NTP.

How to Configure NTP Client Using Chrony on RHEL 8 / CentOS 8

Set Memory Limits

The default memory memory allocation for Puppet Java process is 2gb, this can be changed on the /etc/sysconfig/puppetserver file. Replace 2g with the amount of memory you want to allocate to Puppet Server.

Example below sets limit to 1GB.

$ sudo vi /etc/sysconfig/puppetserver
......
JAVA_ARGS="-Xms1g -Xmx1g ...."

Set Puppet Master DNS names

When you create the puppet master’s certificate, you must include every DNS name at which agent nodes might try to contact the master.

Add the dns_alt_names line under [master] block section.

$ sudo vi /etc/puppetlabs/puppet/puppet.conf

[master]
dns_alt_names = puppetmaster,puppetmaster.computingforgeeks.com,puppetmaster01
.....

Add the [main] section with servername and default environment.

[main]
certname = puppetmaster.computingforgeeks.com
server = puppetmaster.computingforgeeks.com
environment = production

Create the CA certificate and the puppet master certificate

After updating DNS names, run the command below to generate the CA certificate and puppet master certificates with the appropriate DNS names.

$ sudo su -
# puppetserver ca setup
Generation succeeded. Find your files in /etc/puppetlabs/puppet/ssl/ca

Start and set puppetserver service to start at system startup.

sudo systemctl enable --now puppetserver

If installation and configuration was done right, the service should be started.

$ systemctl status puppetserver
 ● puppetserver.service - puppetserver Service
    Loaded: loaded (/usr/lib/systemd/system/puppetserver.service; enabled; vendor preset: disabled)
    Active: active (running) since Fri 2019-10-04 13:03:25 EAT; 1min 3s ago
   Process: 10126 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
  Main PID: 10135 (java)
     Tasks: 39 (limit: 4915)
    Memory: 680.6M
    CGroup: /system.slice/puppetserver.service
            └─10135 /usr/bin/java -Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -XX:OnOutOfMemoryError=kill -9 %p>
 Oct 04 13:02:56 puppetmaster.computingforgeeks.com systemd[1]: Starting puppetserver Service…
 Oct 04 13:03:25 puppetmaster.computingforgeeks.com systemd[1]: Started puppetserver Service.

Step 4: Configure a Puppet Agent on CentOS 8 / RHEL 8

On your second server – Machine to be managed, install Puppet Agent.

sudo dnf -y install https://yum.puppetlabs.com/puppet-release-el-8.noarch.rpm
sudo dnf -y install puppet-agent
logout

Add Puppet server DNS name and IP to /etc/hosts file.

$ sudo vi /etc/hosts
10.10.1.152 puppetmaster.computingforgeeks.com  puppetmaster

Configure Puppet Agent

Add the [main] section with servername and default environment.

[main]
certname = puppet-agent.novalocal
server = puppetmaster.computingforgeeks.com
environment = production

Check connection from Agent to puppet master.

$ puppet agent --test --ca_server=puppetmaster.computingforgeeks.com

Your output should look similar to below.

Login to the Master server and accept certificate from Puppet Client.

# puppetserver ca list 
Requested Certificates:
    puppet-agent.novalocal   (SHA256)  21:81:3B:11:7A:A7:9D:37:21:5C:23:91:60:5D:CF:BB:4F:BC:61:1E:C8:9F:28:5F:93:53:D2:A6:31:21:B7:27

Sign the certificate.

# puppetserver ca sign --certname puppet-agent.novalocal
Successfully signed certificate request for puppet-agent.novalocal

# puppetserver ca list
No certificates to list

Step 5: Create Test Manifest on Puppet Master

Create a new puppet file.

sudo vi /etc/puppetlabs/code/environments/production/manifests/mytest.pp

Add below contents.

package { 'nginx':
    provider => yum,
    ensure   => installed,
}

file { '/tmp/mypuppettest.txt':
    ensure  => file,
    content => 'This is my puppet testing file.',
}

On the client, run:

sudo systemctl restart puppet

It is possible to run puppet manifest locally.

# puppet apply /etc/puppetlabs/code/environments/production/manifests/mytest.pp
Notice: Compiled catalog for puppetmaster.computingforgeeks.com in environment production in 0.41 seconds
Notice: /Stage[main]/Main/Package[nginx]/ensure: created
Notice: Applied catalog in 3.95 seconds

You have installed Puppet Master & Configured Puppet agent on a CentOS / RHEL Linux server. Read more on Puppet Documentation to get all the skills needed to manage Puppet Server and all your Infrastructure automation.

Related guides:

Install Ansible on RHEL / CentOS 8

Install Chef Server on RHEL / CentOS 8

Install Chef Workstation on RHEL / CentOS 8

Automate simple repetitive tasks with Ansible

Getting started with Chef Knife and Cookbooks