Once you have configured the Puppet Server, you can start adding the puppet agents to it. This article will brief about installing and configuring the puppet agent on Linux systems (RHEL 7 and Ubuntu 14.04). Puppet agents are nothing but the client machines which will regularly pulls configuration catalogs from a Puppet master and applies them to the local system. Puppet agent supported on multi-platform including windows , all the Linux variants and Unix systems. This guide assumes that you have installed a monolithic puppet enterprise deployment and have the Puppet master, the PE console, and PuppetDB up and running on one node.
Puppet Server (Version 4.3.1): 192.168.203.131 / UA-HA (RHEL 7)
Puppet Agent : RHEL 7 (New Client)
Install Puppet agent on Linux Server:
Puppet agent installation method differs when you have different architecture than the master node.
- Puppet agent node has the same OS and architecture as Puppet master.
- Puppet agent node has a different OS and architecture than Puppet master.
Let’s see if you have puppet agent node has the same OS and architecture as puppet server.
1.Login to the RHEL 7 node in which you would like configure the puppet agent.
2. Execute the following command to install the puppet agent.
[root@UA-HA2 ~]# curl -k https://UA-HA:8140/packages/current/install.bash | sudo bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 14576 100 14576 0 0 9855 0 0:00:01 0:00:01 --:--:-- 9855 Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Cleaning repos: pe_repo Cleaning up everything Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. pe_repo | 2.5 kB 00:00:00 pe_repo/primary_db | 23 kB 00:00:00 Resolving Dependencies --> Running transaction check ---> Package puppet-agent.x86_64 0:1.3.2-1.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================ Package Arch Version Repository Size ================================================================================================================ Installing: puppet-agent x86_64 1.3.2-1.el7 pe_repo 21 M Transaction Summary ================================================================================================================= Install 1 Package Total download size: 21 M Installed size: 98 M Downloading packages: warning: /var/cache/yum/x86_64/7Server/pe_repo/packages/puppet-agent-1.3.2-1.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 4bd6ec30: NOKEY20 MB 00:00:00 ETA Public key for puppet-agent-1.3.2-1.el7.x86_64.rpm is not installed puppet-agent-1.3.2-1.el7.x86_64.rpm | 21 MB 00:00:04 Retrieving key from https://uaha.unixarena.com:8140/packages/GPG-KEY-puppetlabs Importing GPG key 0x4BD6EC30: Userid : "Puppet Labs Release Key (Puppet Labs Release Key) <info@puppetlabs.com>" Fingerprint: 47b3 20eb 4c7c 375a a9da e1a0 1054 b7a2 4bd6 ec30 From : https://uaha.unixarena.com:8140/packages/GPG-KEY-puppetlabs Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : puppet-agent-1.3.2-1.el7.x86_64 1/1 Verifying : puppet-agent-1.3.2-1.el7.x86_64 1/1 Installed: puppet-agent.x86_64 0:1.3.2-1.el7 Complete! service { 'puppet': ensure => 'stopped', } Notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running' service { 'puppet': ensure => 'running', enable => 'true', } service { 'puppet': ensure => 'running', enable => 'true', } Notice: /File[/usr/local/bin/facter]/ensure: created file { '/usr/local/bin/facter': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/facter', } Notice: /File[/usr/local/bin/puppet]/ensure: created file { '/usr/local/bin/puppet': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/puppet', } Notice: /File[/usr/local/bin/pe-man]/ensure: created file { '/usr/local/bin/pe-man': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/pe-man', } Notice: /File[/usr/local/bin/hiera]/ensure: created file { '/usr/local/bin/hiera': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/hiera', } [root@UA-HA2 ~]#
3. Login to the puppet enterprise console as admin user .
4. Navigate to the Nodes – > Unassigned certificates. Verify the node name and click on “Accept All” or “Accept” .
5. Once you have accepted the certificate of node “ua-ha2” , you should be able to see the message like below.
7. The new puppet agent node will not appear immediately on the puppet inventory (Default client check in time 30 minutes ). Once you have accepted the certificate on Puppet console , run the following command to re-run the puppet agent.
[root@UA-HA2 ~]# puppet agent -t Info: Caching certificate for ua-ha2 Info: Caching certificate_revocation_list for ca Info: Caching certificate for ua-ha2 Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Notice: /File[/opt/puppetlabs/puppet/cache/lib/facter]/ensure: created Notice: /File[/opt/puppetlabs/puppet/cache/lib/facter/aio_agent_build.rb]/ensure: defined content as '{md5}cdcc1ff07bc245c66cc1d46be56b3af5' /Stage[main]/Puppet_enterprise::Mcollective::Server::Certs/File[/etc/puppetlabs/mcollective/ssl/clients]/ensure: created Notice: Notice: /Stage[main]/Puppet_enterprise::Mcollective::Server::Facter/Cron[pe-mcollective-metadata]/ensure: created Notice: /Stage[main]/Puppet_enterprise::Mcollective::Server/File[/etc/puppetlabs/mcollective/server.cfg]/content: --- /etc/puppetlabs/mcollective/server.cfg 2015-12-02 14:14:08.000000000 -0500 +++ /tmp/puppet-file20160130-60237-181cepp 2016-01-30 00:20:26.914025013 -0500 @@ -1,27 +1,81 @@ -main_collective = mcollective -collectives = mcollective - -libdir = /opt/puppetlabs/mcollective/plugins - -# consult the "classic" libdirs too -libdir = /usr/share/mcollective/plugins -libdir = /usr/libexec/mcollective -logfile = /var/log/puppetlabs/mcollective.log -loglevel = info -daemonize = 1 - -# Plugins -securityprovider = psk -plugin.psk = unset +# Centrally managed by Puppet version 4.3.1 +# https://docs.puppetlabs.com/mcollective/configure/server.html +# Connector settings (required): +# ----------------------------- connector = activemq +direct_addressing = 1 + +# ActiveMQ connector settings: +plugin.activemq.randomize = false plugin.activemq.pool.size = 1 -plugin.activemq.pool.1.host = stomp1 -plugin.activemq.pool.1.port = 6163 +plugin.activemq.pool.1.host = uaha.unixarena.com +plugin.activemq.pool.1.port = 61613 plugin.activemq.pool.1.user = mcollective -plugin.activemq.pool.1.password = marionette +plugin.activemq.pool.1.password = gHQFayooU2pGXvu2XQdh +plugin.activemq.pool.1.ssl = true +plugin.activemq.pool.1.ssl.ca = /etc/puppetlabs/mcollective/ssl/ca.cert.pem +plugin.activemq.pool.1.ssl.cert = /etc/puppetlabs/mcollective/ssl/ua-ha2.cert.pem +plugin.activemq.pool.1.ssl.key = /etc/puppetlabs/mcollective/ssl/ua-ha2.private_key.pem +plugin.activemq.heartbeat_interval = 120 +plugin.activemq.max_hbrlck_fails = 0 + +# Security plugin settings (required): +# ----------------------------------- +securityprovider = ssl + +# SSL plugin settings: +plugin.ssl_server_private = /etc/puppetlabs/mcollective/ssl/mcollective-private.pem +plugin.ssl_server_public = /etc/puppetlabs/mcollective/ssl/mcollective-public.pem +plugin.ssl_client_cert_dir = /etc/puppetlabs/mcollective/ssl/clients +plugin.ssl_serializer = yaml -# Facts +# Facts, identity, and classes (recommended): +# ------------------------------------------ factsource = yaml plugin.yaml = /etc/puppetlabs/mcollective/facts.yaml + +identity = ua-ha2 + +classesfile = /opt/puppetlabs/puppet/cache/state/classes.txt + +# Registration (recommended): +# ----------------------- +registration = Meta +registerinterval = 600 + +# Subcollectives (optional): +# ------------------------- +main_collective = mcollective +collectives = mcollective + +# Auditing (optional): +# ------------------- +plugin.rpcaudit.logfile = /var/log/puppetlabs/mcollective-audit.log +rpcaudit = 1 +rpcauditprovider = logfile + +# Authorization (optional): +# ------------------------ +plugin.actionpolicy.allow_unconfigured = 1 +rpcauthorization = 1 +rpcauthprovider = action_policy + +# Logging: +# ------- +logfile = /var/log/puppetlabs/mcollective.log +loglevel = info + +# Platform defaults: +# ----------------- +daemonize = 1 +libdir = /opt/puppet/libexec/mcollective:/opt/puppetlabs/mcollective/plugins + +# Puppet Agent plugin configuration: +# --------------------------------- +plugin.puppet.splay = true +plugin.puppet.splaylimit = 120 +plugin.puppet.signal_daemon = 0 +plugin.puppet.command = /opt/puppetlabs/bin/puppet agent +plugin.puppet.config = /etc/puppetlabs/puppet/puppet.conf Notice: /Stage[main]/Puppet_enterprise::Mcollective::Server/File[/etc/puppetlabs/mcollective/server.cfg]/content: content changed '{md5}73e68cfd79153a49de6f5721ab60657b' to '{md5}dabe5d8af8f8a4fe3ecb360b43295f5c' Notice: /Stage[main]/Puppet_enterprise::Mcollective::Server/File[/etc/puppetlabs/mcollective/server.cfg]/mode: mode changed '0644' to '0660' Info: /Stage[main]/Puppet_enterprise::Mcollective::Server/File[/etc/puppetlabs/mcollective/server.cfg]: Scheduling refresh of Service[mcollective] Info: /Stage[main]/Puppet_enterprise::Mcollective::Server/File[/etc/puppetlabs/mcollective/server.cfg]: Scheduling refresh of Service[mcollective] Notice: /Stage[main]/Puppet_enterprise::Mcollective::Service/Service[mcollective]/ensure: ensure changed 'stopped' to 'running' Info: /Stage[main]/Puppet_enterprise::Mcollective::Service/Service[mcollective]: Unscheduling refresh on Service[mcollective] Notice: Applied catalog in 4.10 seconds [root@UA-HA2 ~]#
8. In Puppet console, you should be able to see the puppet agent node.
We have successfully configured Puppet agent on RHEL 7.
Let’s see if you have puppet agent node has a different OS and architecture than puppet server.
Server: Ubuntu TLS 14.04 x86_64 (Role: Puppet Agent node)
1. Login to the puppet console as admin user.
2. Navigate to Nodes – > Classification. Click on PE Master.
3. Navigate to Class and Add a new class . In my case, I would like to add Ubuntu TLS 14.04 x86_64 nodes as puppet agent. So the new class should be pe_repo , platform as Ubuntu 14. 04 64 Bit.
4. Once you have added the class , you should be able to see the below screen.
5. In the bottom , you need to click on the “commit changes” to save it .
6. Login to the puppet server as root user via ssh session and initiate the puppet run.
[root@UA-HA ~]# puppet agent -t Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for uaha.unixarena.com Info: Applying configuration version '1454507627' Notice: /Stage[main]/Pe_repo::Platform::Ubuntu_1404_amd64/Pe_repo::Debian[ubuntu-14.04-amd64]/Pe_repo::Repo[ubuntu-14.04-amd64 2015.3.1]/Pe_staging::Deploy[puppet-agent-ubuntu-14.04-amd64.tar.gz]/Pe_staging::File[puppet-agent-ubuntu-14.04-amd64.tar.gz]/Exec[/opt/puppetlabs/server/data/staging/pe_repo-puppet-agent-1.3.2/puppet-agent-ubuntu-14.04-amd64.tar.gz]/returns: executed successfully Notice: /Stage[main]/Pe_repo::Platform::Ubuntu_1404_amd64/Pe_repo::Debian[ubuntu-14.04-amd64]/Pe_repo::Repo[ubuntu-14.04-amd64 2015.3.1]/Pe_staging::Deploy[puppet-agent-ubuntu-14.04-amd64.tar.gz]/Pe_staging::Extract[puppet-agent-ubuntu-14.04-amd64.tar.gz]/Exec[extract puppet-agent-ubuntu-14.04-amd64.tar.gz]/returns: executed successfully Notice: Applied catalog in 131.98 seconds [root@UA-HA ~]#
7. Login to the Ubuntu 14.04 64 node and execute the following command to install the puppet agent.
root@uacloud:~# curl -k https://uaha.unixarena.com:8140/packages/current/install.bash | sudo bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 14576 100 14576 0 0 7560 0 0:00:01 0:00:01 --:--:-- 7560 Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: librabbitmq1 python-librabbitmq python-oslo.messaging python-oslo.rootwrap Use 'apt-get autoremove' to remove them. The following packages will be upgraded: apt-transport-https 1 upgraded, 0 newly installed, 0 to remove and 155 not upgraded. 4 not fully installed or removed. Need to get 25.0 kB of archives. After this operation, 0 B of additional disk space will be used. Get:1 http://in.archive.ubuntu.com/ubuntu/ trusty-updates/main apt-transport-https amd64 1.0.1ubuntu2.11 [25.0 kB] Fetched 25.0 kB in 9s (2,553 B/s) # ...and we should be good. exit 0 (Reading database ... 112997 files and directories currently installed.) Preparing to unpack .../apt-transport-https_1.0.1ubuntu2.11_amd64.deb ... Unpacking apt-transport-https (1.0.1ubuntu2.11) over (1.0.1ubuntu2.10) ... Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: librabbitmq1 python-librabbitmq python-oslo.messaging python-oslo.rootwrap Use 'apt-get autoremove' to remove them. The following NEW packages will be installed: puppet-agent 0 upgraded, 1 newly installed, 0 to remove and 155 not upgraded. 4 not fully installed or removed. Need to get 12.5 MB of archives. After this operation, 65.1 MB of additional disk space will be used. Get:1 https://uaha.unixarena.com:8140/packages/2015.3.1/ubuntu-14.04-amd64/ trusty/PC1 puppet-agent amd64 1.3.2-1trusty [12.5 MB] Fetched 12.5 MB in 4s (3,105 kB/s) Selecting previously unselected package puppet-agent. (Reading database ... 112997 files and directories currently installed.) Preparing to unpack .../puppet-agent_1.3.2-1trusty_amd64.deb ... Unpacking puppet-agent (1.3.2-1trusty) ... Processing triggers for ureadahead (0.100.0-16) ... ureadahead will be reprofiled on next reboot Setting up puppet-agent (1.3.2-1trusty) ... service { 'puppet': ensure => 'stopped', } Notice: /Service[puppet]/ensure: ensure changed 'stopped' to 'running' service { 'puppet': ensure => 'running', enable => 'true', } service { 'puppet': ensure => 'running', enable => 'true', } Notice: /File[/usr/local/bin/facter]/ensure: created file { '/usr/local/bin/facter': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/facter', } Notice: /File[/usr/local/bin/puppet]/ensure: created file { '/usr/local/bin/puppet': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/puppet', } Notice: /File[/usr/local/bin/pe-man]/ensure: created file { '/usr/local/bin/pe-man': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/pe-man', } Notice: /File[/usr/local/bin/hiera]/ensure: created file { '/usr/local/bin/hiera': ensure => 'link', target => '/opt/puppetlabs/puppet/bin/hiera', } root@uacloud:~#
8. Run the puppet agent . (Otherwise you need to wait puppet agent to check-in automatically. The default interval is 30 minutes )
root@uacloud:~# puppet agent -t Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for uacloud Info: Applying configuration version '1454512140' Notice: Applied catalog in 0.42 seconds root@uacloud:~#
9. Go back to puppet console. Navigate to the Nodes – > Unassigned certificates. Verify the node name and click on “Accept All” or “Accept” .
or
# puppet cert list # puppet cert sign "host_name"
10. Go back to puppet agent node and re-run the puppet agent.
root@uacloud:~# puppet agent -t
You should be able to see the new puppet agent node in the Puppet enterprise console.
We have added two different type of puppet agent nodes in Puppet server. Hope this article is informative to you .
Share it ! Comment it !! Be Sociable !!!
Murugan says
Very good Document