In this guide, we are going to install Puppet 7 Server Open Source in Ubuntu 22.04. We will set up a Puppet server and an agent and install Nginx using puppet manifests.
Puppet is a software configuration management tool which includes its own declarative language to describe system configuration. It is a model-driven solution that requires limited programming knowledge to use. Puppet operates in an agent-master architecture, in which a master node controls configuration information for a fleet of managed agent nodes.
Puppet is distributed in several packages. These include puppetserver, puppet-agent and puppetdb. Puppet Server controls the configuration information for one or more managed agent nodes. PuppetDB is where the data generated by Puppet is stored.
Related Content
Prerequisites
To follow along, ensure that you have:
- Updated Ubuntu 22.04 Puppet Server and Puppet Agent machine
- Root access to the servers
- Internet access from the server
- Knowledge of Linux terminal
Ensuring the servers are up to date
Before proceeding let us ensure that the server packages are up to date with the following command:
1
2
| sudo apt update
sudo apt upgrade -y
|
Set up Hostname
Puppet uses server hostnames to push manifests to the nodes. Connect to the puppet master.
The set up hostname:
1
| sudo hostnamectl set-hostname puppetmaster.citizix.com
|
Ensure the hostname has proper DNS record and also update /etc/hosts file.
Add this content:
1
| 10.20.5.51 puppetmaster.citizix.com puppetmaster
|
Confirm that the hostname reflects:
1
2
3
4
5
6
7
8
9
10
11
12
| $ sudo hostnamectl
Static hostname: puppetmaster.citizix.com
Icon name: computer-vm
Chassis: vm
Machine ID: ec231cbf3ee47ac3bd58ccb3c63b4f28
Boot ID: 4d8ec8cc4179435ebb3c2d6cc8845eb0
Virtualization: amazon
Operating System: Ubuntu 22.04.1 LTS
Kernel: Linux 5.15.0-1017-aws
Architecture: x86-64
Hardware Vendor: Amazon EC2
Hardware Model: t3.large
|
Confirm that you can reach
1
2
3
4
5
6
7
8
| $ ping puppetmaster
PING puppetmaster.citizix.com (127.0.1.1) 56(84) bytes of data.
64 bytes from puppetmaster.citizix.com (127.0.1.1): icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from puppetmaster.citizix.com (127.0.1.1): icmp_seq=2 ttl=64 time=0.030 ms
^C
--- puppetmaster.citizix.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1008ms
rtt min/avg/max/mdev = 0.018/0.024/0.030/0.006 ms
|
Install Puppet Server
Enabling the Puppet platform repository makes the components needed for installation available on your system.
1
2
| curl -LO https://apt.puppet.com/puppet7-release-focal.deb
sudo dpkg -i ./puppet7-release-focal.deb
|
Puppet Server is a required application that runs on the Java Virtual Machine (JVM) on the primary server.
In addition to hosting endpoints for the certificate authority service, Puppet Server also powers the catalog compiler, which compiles configuration catalogs for agent nodes, using Puppet code and various other data sources.
In this section, you will install the puppetserver package and start the service.
Install the Puppet Server package
1
2
| sudo apt update
sudo apt install -y puppetserver
|
After the installation is complete, we need to configure the memory allocation for puppetserver. We will set the max memory allocation for puppetserver to 1GB.
Edit the puppetserver configuration using vim.
1
| sudo vim /etc/default/puppetserver
|
Now change the line as below, then save and exit.
1
| JAVA_ARGS="-Xms1g -Xmx1g ..."
|
Define Puppet Master FQDN and DNS alternative names:
1
| sudo vim /etc/puppetlabs/puppet/puppet.conf
|
Add the DNS settings under the [server] section.
1
2
3
4
5
6
7
| [server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
dns_alt_names=puppetmaster.citizix,puppetmaster
|
Add main section. This is the puppet agent configs.
1
2
3
4
5
| [main]
certname = puppetmaster.citizix.com
server = puppetmaster.citizix.com
environment = production
runinterval = 30m
|
Starting and enabling puppet service
Once the in stallation and configuration is done, we can start the puppet server using this command:
1
| sudo systemctl start puppetserver
|
Check status of puppetserver service using this command:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| $ sudo systemctl status puppetserver
puppetserver.service - puppetserver Service
Loaded: loaded (/lib/systemd/system/puppetserver.service; disabled; vendor preset: enabled)
Active: active (running) since Thu 2022-08-18 20:08:25 UTC; 1min 16s ago
Process: 75738 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
Main PID: 75799 (java)
Tasks: 44 (limit: 4915)
Memory: 738.7M
CPU: 56.177s
CGroup: /system.slice/puppetserver.service
└─75799 /usr/bin/java -Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger "-XX:OnOutOfMemoryError=kill -9 %p" -XX:ErrorFile=/var/lo>
Aug 18 20:07:39 puppetmaster.citizix.com systemd[1]: puppetserver.service: Killing process 75217 (java) with signal SIGKILL.
Aug 18 20:07:40 puppetmaster.citizix.com systemd[1]: puppetserver.service: Main process exited, code=killed, status=9/KILL
Aug 18 20:07:40 puppetmaster.citizix.com systemd[1]: puppetserver.service: Failed with result 'timeout'.
Aug 18 20:07:40 puppetmaster.citizix.com systemd[1]: Stopped puppetserver Service.
Aug 18 20:07:40 puppetmaster.citizix.com systemd[1]: puppetserver.service: Consumed 7.641s CPU time.
Aug 18 20:07:40 puppetmaster.citizix.com systemd[1]: Starting puppetserver Service...
Aug 18 20:07:55 puppetmaster.citizix.com puppetserver[75799]: WARNING: abs already refers to: #'clojure.core/abs in namespace: medley.core, being replaced by: #'medley.core>
Aug 18 20:08:25 puppetmaster.citizix.com systemd[1]: Started puppetserver Service.
|
Check if you installed the Puppet Server correctly, by running: puppetserver -v
1
2
| $ /opt/puppetlabs/bin/puppetserver -v
puppetserver version: 7.9.0
|
Now you can enable puppet server to always start on boot:
1
| sudo systemctl enable puppetserver
|
Open Service Port on the firewall
With the service started, open the port on the firewall so you can access the server from the network. This is only needed if you enforce firewall rules and you have firewalld installed.
1
2
| sudo firewall-cmd --add-port=8140/tcp --permanent
sudo firewall-cmd --reload
|
Add Puppet Binary folder to $PATH
Puppet binaries are located in /opt/puppetlabs/bin. This directory by default is not in your $PATH.
1
2
| echo 'export PATH=$PATH:/opt/puppetlabs/bin' | tee -a ~/.bashrc
source ~/.bashrc
|
Start the Puppet client
Lets start puppet agent service as well use it for some testing.
Let us register the puppet agent to the puppet master.
Start puppet agent:
1
| sudo systemctl start puppet
|
Check the status using this command:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
| $ sudo systemctl status puppet
● puppet.service - Puppet agent
Loaded: loaded (/lib/systemd/system/puppet.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-08-18 20:12:27 UTC; 13s ago
Main PID: 76605 (puppet)
Tasks: 1 (limit: 2309)
Memory: 78.1M
CPU: 1.992s
CGroup: /system.slice/puppet.service
└─76605 /opt/puppetlabs/puppet/bin/ruby /opt/puppetlabs/puppet/bin/puppet agent --no-daemonize
Aug 18 20:12:27 puppetmaster.citizix.com systemd[1]: Started Puppet agent.
Aug 18 20:12:29 puppetmaster.citizix.com puppet-agent[76605]: Starting Puppet client version 7.18.0
Aug 18 20:12:32 puppetmaster.citizix.com puppet-agent[76606]: Applied catalog in 0.01 seconds
|
Verify the Puppet Agent Configuration
After the puppet master signed the certificate file for the agent, run command below on the puppet agent to verify the configuration
1
2
3
4
5
6
7
8
| # puppet agent --test
Info: Using environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for puppetmaster.citizix.com
Info: Applying configuration version '1646343518'
Notice: Applied catalog in 0.02 secondscp
|
The Puppet agent pulled the configuration from the puppet master and applied to the server without any error.
Create Simple Manifest to Deploy Nginx
With the puppet master and agent installation and configuration complete, let us create a simple manifest for testing. We will create a manifest to install Nginx web server.
The puppet manifess will be stored in the environment specific directory in the /etc/puppetlabs/code/environments/<env> path. We have defined production in our case so lets switch to the production manifests directory using this:
1
| cd /etc/puppetlabs/code/environments/production/manifests
|
Create new manifest file.
Paste the following configuration.
1
2
3
4
5
6
7
8
9
| node 'puppetmaster.citizix.com' {
package { 'nginx':
ensure => "installed",
}
service { 'nginx':
ensure => running,
enable => true
}
}
|
Save and exit.
Now open the puppet agent server shell and run the command below.
The command will retrieve new manifest configuration file from the puppet master and then apply it to the agent server.
You can also apply the changes using the puppet apply command.
Following is the result.
1
2
3
4
5
6
| # puppet parser validate site.pp
# puppet apply site.pp
Notice: Compiled catalog for puppetmaster.citizix.com in environment production in 0.33 seconds
Notice: /Stage[main]/Main/Node[puppetmaster.citizix.com]/Package[nginx]/ensure: created
Notice: Applied catalog in 6.06 seconds
|
You can check Nginx using this command:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| $ sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-03-03 21:40:32 UTC; 1min 44s ago
Docs: man:nginx(8)
Main PID: 20439 (nginx)
Tasks: 3 (limit: 4624)
Memory: 4.3M
CGroup: /system.slice/nginx.service
├─20439 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
├─20440 nginx: worker process
└─20441 nginx: worker process
Mar 03 21:40:32 puppetmaster.citizix.com systemd[1]: Starting A high performance web server and a reverse proxy server...
Mar 03 21:40:32 puppetmaster.citizix.com systemd[1]: Started A high performance web server and a reverse proxy server.
|
The nginx web server has been installed using the puppet manifest.
Conclusion
We managed to install and configure the Puppet Master and Puppet Agent on Ubuntu 22.04 Server successfully.