How to install and configure puppet 4 on ubuntu 16.04

Information TechnologyLinuxUbuntu

In this article, we will learn – How to install and configure the Puppet 4 on Ubuntu 16.04. Puppet is a configuration management tool which helps in the automation of tasks with respect to system administrators. These type of tools will save a lot of time and effort too.

Pre-requisites

Here in this article, we need at least two to three Ubuntu machines with the following requirements.

  • All the machines with a non-root user with Sudo permissions on the machine.
  • One Puppet master
  • One or two puppet agents to test the configuration.

Configuring the Host Files

All the server and clients needed to communicate with the host name, in general, this will be done by DNS server in this demo we don’t have any DNS server so we manually needed to add the hostname to the /etc/hosts file.

Need to add in all the /etc/hosts file(s) with the below text

$sudo vi /etc/hosts
192.168.0.1 puppet
192.168.0.200 ubuntu1

By default, the puppet master is called as puppet which makes to easy to setup the puppet. Which means, we need to assign the Puppet server as shown in the below example 192.168.0.1 , the puppet client will not be able to communicate to the server if we don’t specify the values in the Puppet master.

Installing and Configuring the Puppet Server

By default, the puppet package is not available with Ubuntu package manager as we will download and install this from the Puppet official repository. below is the command to install and add the puppet repository to the server machine.

Below is the command to install and add the puppet repository to the server machine –

puppet$ sudo curl -O https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 13662 100 13662 0 0 7787 0 0:00:01 0:00:01 --:--:-- 7784

puppet$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
Selecting previously unselected package puppetlabs-release-pc1.
(Reading database ... 91848 files and directories currently installed.)
Preparing to unpack puppetlabs-release-pc1-xenial.deb ...
Unpacking puppetlabs-release-pc1 (1.1.0-2xenial) ...
Setting up puppetlabs-release-pc1 (1.1.0-2xenial) ...

Installing the Puppet Master

puttet$ sudo apt-get update –y
Hit:1 http://in.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://in.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:3 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Ign:4 http://apt.puppetlabs.com xenial InRelease
Get:5 http://apt.puppetlabs.com xenial Release [13.3 kB]
Get:6 http://apt.puppetlabs.com xenial Release.gpg [841 B]
Get:7 http://in.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:8 http://apt.puppetlabs.com xenial/PC1 amd64 Packages [11.9 kB]
Get:9 http://apt.puppetlabs.com xenial/PC1 i386 Packages [11.4 kB]
Get:10 http://apt.puppetlabs.com xenial/PC1 all Packages [6,786 B]
Fetched 351 kB in 1s (192 kB/s)
Reading package lists... Done

Once the update is completed, we need to run the below command to install the puppet on the local puppet server.

puppet$ sudo apt-get install puppetserver
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ca-certificates-java fontconfig-config fonts-dejavu-core java-common
libavahi-client3 libavahi-common-data libavahi-common3 libcups2
libfontconfig1 libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3
libnss3-nssdb libpcsclite1 libxi6 libxrender1 libxtst6
openjdk-8-jre-headless puppet-agent x11-common
Suggested packages:
default-jre cups-common liblcms2-utils pcscd openjdk-8-jre-jamvm libnss-mdns
fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho
ttf-wqy-microhei | ttf-wqy-zenhei fonts-indic
The following NEW packages will be installed:
ca-certificates-java fontconfig-config fonts-dejavu-core java-common
libavahi-client3 libavahi-common-data libavahi-common3 libcups2
libfontconfig1 libjpeg-turbo8 libjpeg8 liblcms2-2 libnspr4 libnss3
libnss3-nssdb libpcsclite1 libxi6 libxrender1 libxtst6
openjdk-8-jre-headless puppet-agent puppetserver x11-common
0 upgraded, 23 newly installed, 0 to remove and 91 not upgraded.
Need to get 79.8 MB of archives.
After this operation, 246 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
…
…
…
Setting up libjpeg-turbo8:amd64 (1.4.2-0ubuntu3) ...
Setting up liblcms2-2:amd64 (2.6-3ubuntu2) ...
Setting up x11-common (1:7.7+13ubuntu3) ...
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults
Setting up libxtst6:amd64 (2:1.2.2-1) ...
Setting up libnspr4:amd64 (2:4.12-0ubuntu0.16.04.1) ...
Setting up java-common (0.56ubuntu2) ...
Setting up libavahi-common-data:amd64 (0.6.32~rc+dfsg-1ubuntu2) ...
Setting up libavahi-common3:amd64 (0.6.32~rc+dfsg-1ubuntu2) ...
Setting up libavahi-client3:amd64 (0.6.32~rc+dfsg-1ubuntu2) ...
Setting up libcups2:amd64 (2.1.3-4) ...
Setting up libjpeg8:amd64 (8c-2ubuntu8) ...
Setting up fonts-dejavu-core (2.35-1) ...
Setting up fontconfig-config (2.11.94-0ubuntu1.1) ...
…
…
…
Setting up openjdk-8-jre-headless:amd64 (8u121-b13-0ubuntu1.16.04.2) ...
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmid to provide /usr/bin/rmid (rmid) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java to provide /usr/bin/java (java) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/keytool to provide /usr/bin/keytool (keytool) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/jjs to provide /usr/bin/jjs (jjs) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/pack200 to provide /usr/bin/pack200 (pack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/rmiregistry to provide /usr/bin/rmiregistry (rmiregistry) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/unpack200 to provide /usr/bin/unpack200 (unpack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/orbd to provide /usr/bin/orbd (orbd) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/servertool to provide /usr/bin/servertool (servertool) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/tnameserv to provide /usr/bin/tnameserv (tnameserv) in auto mode
update-alternatives: using /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode
Setting up puppetserver (2.7.2-1puppetlabs1) ...
usermod: no changes
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Processing triggers for systemd (229-4ubuntu10) ...
Processing triggers for ureadahead (0.100.0-19) ...

Enabling firewall for Puppet Server

After the installation, we needed to open the firewall for the puppet by default the default port for the puppet is 8140, below is the command to open the firewall (UFW) for Puppet server to allow the incoming connections from the client.

ubuntu@puppet:~$ sudo ufw allow 8140
Rules updated
Rules updated (v6)

Customizing Memory Allocation for Puppet Server and Nodes

By default 2 GB memory will be allocated to the Puppet master we can customize this depends on the memory we have for the Puppet server.

We needed to edit the below file “/etc/default/puppet server”, we needed to find the below line and edit accordingly `JAVA_ARGS=”-Xms2g -Xmx2g -XX:MaxPermSize=256m”`, here I am using 4 GB RAM

ubuntu@puppet$ sudo nano /etc/default/puppetserver
###########################################
# Init settings for puppetserver
###########################################
# Location of your Java binary (version 7 or higher)
JAVA_BIN="/usr/bin/java"
# Modify this if you'd like to change the memory allocation, enable JMX, etc
JAVA_ARGS="-Xms4g –Xmx4g -XX:MaxPermSize=256m"
# These normally shouldn't need to be edited if using OS packages
USER="puppet"
GROUP="puppet"
INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver"
CONFIG="/etc/puppetlabs/puppetserver/conf.d"
# Bootstrap path
BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/"
# SERVICE_STOP_RETRIES can be set here to alter the default stop timeout in
# seconds. For systemd, the shorter of this setting or 'TimeoutStopSec' in
# the systemd.service definition will effectively be the timeout which is used.
SERVICE_STOP_RETRIES=60
…
…

After completing the configuration we needed to start the Puppet Master and will check the status of the Puppet Master.

ubuntu@puppet:~$ sudo systemctl start puppetserver
ubuntu@puppet:~$ sudo systemctl status puppetserver
puppet server.service - puppet server Service
Loaded: loaded (/lib/systemd/system/puppetserver.service; disabled; vendor preset: enabled)
Active: active (running) since Mon 2017-02-13 13:19:02 IST; 3s ago
Process: 4943 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
Main PID: 4954 (java)
Tasks: 26
Memory: 983.1M
CPU: 50.819s
CGroup: /system.slice/puppetserver.service
└─4954 /usr/bin/java -Xms2g -Xmx2g -XX:MaxPermSize=256m -Djava.security.egd=/dev/urandom -XX:OnOutOfMemoryError=k
Feb 13 13:18:10 puppet systemd[1]: Starting puppetserver Service...
Feb 13 13:18:10 puppet puppetserver[4943]: OpenJDK 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was r
Feb 13 13:19:02 puppet systemd[1]: Started puppetserver Service.

Installing Agents on Puppet Nodes

We needed to install agents for all the clients, for that we need to add the Official Puppet repository and then install the agent on the Client.

ubuntu@ubuntu1:~$ sudo wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
--2017-02-13 13:24:49-- https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
Resolving apt.puppetlabs.com (apt.puppetlabs.com)... 192.155.89.90, 2600:3c03::f03c:91ff:fedb:6b1d
Connecting to apt.puppetlabs.com (apt.puppetlabs.com)|192.155.89.90|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13662 (13K) [application/x-debian-package]
Saving to: ‘puppetlabs-release-pc1-xenial.deb’
puppetlabs-release-pc1-xeni 100%[=========================================>] 13.34K --.-KB/s in 0.01s
2017-02-13 13:24:50 (1.29 MB/s) - ‘puppetlabs-release-pc1-xenial.deb’ saved [13662/13662]

ubuntu@ubuntu1:~$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
Selecting previously unselected package puppetlabs-release-pc1.
(Reading database ... 91848 files and directories currently installed.)
Preparing to unpack puppetlabs-release-pc1-xenial.deb ...
Unpacking puppetlabs-release-pc1 (1.1.0-2xenial) ...
Setting up puppetlabs-release-pc1 (1.1.0-2xenial) ...
sudo dpkg -i puppetlabs-release-pc1-xenial.deb
Selecting previously unselected package puppetlabs-release-pc1.
(Reading database ... 91848 files and directories currently installed.)
Preparing to unpack puppetlabs-release-pc1-xenial.deb ...
Unpacking puppetlabs-release-pc1 (1.1.0-2xenial) ...
Setting up puppetlabs-release-pc1 (1.1.0-2xenial) ...

$ sudo apt-get update
Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Hit:2 http://in.archive.ubuntu.com/ubuntu xenial InRelease
Ign:3 http://apt.puppetlabs.com xenial InRelease
Get:4 http://in.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:5 http://apt.puppetlabs.com xenial Release [13.3 kB]
Get:6 http://apt.puppetlabs.com xenial Release.gpg [841 B]
Get:7 http://in.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:8 http://apt.puppetlabs.com xenial/PC1 amd64 Packages [11.9 kB]
Get:9 http://apt.puppetlabs.com xenial/PC1 i386 Packages [11.4 kB]
Get:10 http://apt.puppetlabs.com xenial/PC1 all Packages [6,786 B]
Fetched 351 kB in 1s (201 kB/s)
Reading package lists... Done

Once the repository is added we needed to run the below command to install the agent

ubuntu@ubuntu1:~$ sudo apt-get install puppet-agent
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
puppet-agent
0 upgraded, 1 newly installed, 0 to remove and 91 not upgraded.
Need to get 15.5 MB of archives.
After this operation, 92.2 MB of additional disk space will be used.
Get:1 http://apt.puppetlabs.com xenial/PC1 amd64 puppet-agent amd64 1.9.1-1xenial [15.5 MB]
Fetched 15.5 MB in 32s (476 kB/s)
Selecting previously unselected package puppet-agent.
(Reading database ... 91853 files and directories currently installed.)
Preparing to unpack .../puppet-agent_1.9.1-1xenial_amd64.deb ...
Unpacking puppet-agent (1.9.1-1xenial) ...
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Setting up puppet-agent (1.9.1-1xenial) ...
Created symlink from /etc/systemd/system/multi-user.target.wants/puppet.service to /lib/systemd/system/puppet.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mcollective.service to /lib/systemd/system/mcollective.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/pxp-agent.service to /lib/systemd/system/pxp-agent.service.
Removed symlink /etc/systemd/system/multi-user.target.wants/pxp-agent.service.
Processing triggers for libc-bin (2.23-0ubuntu3) ...

Once the installation is succeed, We needed to start the agent and enable it at startup.

ubuntu@ubuntu1:~$ sudo systemctl start puppet
ubuntu@ubuntu1:~$ sudo systemctl enable puppet

Signing the Agent Node Sing Certificates on the Puppet Master

When we run the agent node for the first time the node will send the signing request to the Puppet master, before any communication will happen between the node and Puppet master a certificate sign request is created on the Puppet master

To see the current list of certificates request with the Puppet master run the bellow command

root@puppet:~# sudo /opt/puppetlabs/bin/puppet cert list
"ubuntu1" (SHA256) 60:4C:AE:CE:BD:3F:EC:2F:C6:70:F6:45:62:EC:9A:AF:B2:8B:1C:42:4A:67:BB:C5:F6:F4:AE:BF:38:87:EA:9E

Sign the Requests

To sign the requests run the below command for the particular node.

$ sudo /opt/puppetlabs/bin/puppet cert sign ubuntu1
Signing Certificate Request for:
"ubuntu1" (SHA256) 60:4C:AE:CE:BD:3F:EC:2F:C6:70:F6:45:62:EC:9A:AF:B2:8B:1C:42:4A:67:BB:C5:F6:F4:AE:BF:38:87:EA:9E
Notice: Signed certificate request for ubuntu1
Notice: Removing file Puppet::SSL::CertificateRequest ubuntu1 at '/etc/puppetlabs/puppet/ssl/ca/requests/ubuntu1.pem'

To sign the requests run the below command for all the nodes at a time

$ sudo /opt/puppetlabs/bin/puppet cert sign –all

Creating and Executing Demo Manifest

Example Manifest for demo

# vi /etc/puppetlabs/code/environments/production/manifests/site.pp
file {'/tmp/example-ip': # resource type file and filename
ensure => present, # make sure it exists
mode => '0644', # file permissions
content => "The Node IP address is ${ipaddress_eth0}!\n", # note the ipaddress_eth0 fact
}

This will display the IP address located in the /tmp folder and the manifest will ensures that all the nodes will have the example-IP file in the /tmp folder.

Executing the manifest from the Client

Below is the command to run the Demo manifest which we created on the server

root@ubuntu1:~# sudo /opt/puppetlabs/bin/puppet agent --test
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for ubuntu1
Info: Applying configuration version '1486993606'
Notice: /Stage[main]/Main/File[/tmp/example-ip]/ensure: defined content as '{md5}438876fa0fef0d66a99582754b266473'
Notice: Applied catalog in 0.21 seconds

In the above tutorial, we have learned about – How to install and configure the Puppet Master and Puppet nodes and how to add Sign in the certificates for the nodes. Also, we have created a demo to manifest and execute from the node to get the results.

raja
Published on 22-Oct-2019 11:26:20
Advertisements