Today we will explore installation of Puppet Server on CentOS 8 | RHEL 8|Rocky Linux 8 Linux machine. A separate guide on the installation and configuration of Puppet Agent will be published as well. Puppet operates in an agent-master architecture, in which a master node controls configuration information for a fleet of managed agent nodes.
The Puppet Server performs the role of the master node. Puppet Server is a Ruby and Clojure application that runs on the Java Virtual Machine (JVM) and provides the same services as the classic Puppet master application. It mostly does this by running the existing Puppet master code in several JRuby interpreters, but it replaces some parts of the classic application with new services written in Clojure.
There are two editions of Puppet:
- Puppet Enterprise (PE)
- Puppet Open Source
If you’re going for a Puppet Enterprise edition, its architecture is as shown below.
The Puppet platform comprises of the following components:
| Package | Contents |
|---|---|
puppetserver |
Puppet Server . This controls configuration information for a fleet of managed agent nodes |
puppetdb |
PuppetDB – collects data generated by Puppet . It enables advanced Puppet features like exported resources. |
puppet-agent |
Puppet, Facter, Hiera, the PXP agent, root certificates, and prerequisites like Ruby and Augeas. The agent runs on any node in Puppet cluster. |
puppetdb-termini |
Plugins to connect your master to PuppetDB |
Install Puppet 6.x Master on CentOS 8 / RHEL 8 / Rocky Linux 8
There are many ways of installing Puppet Master on CentOS 8 Linux system. The common and easiest method is pulling the packages required from the YUM repository provided and maintained by Puppet.
Step 1: Update CentOS machine
Ensure your CentOS 8 machine is updated:
sudo dnf -y update
sudo dnf -y install wget curl vim bash-completionAs update includes latest kernel packages, consider rebooting the machine if no critical applications are running in it.
sudo systemctl rebootStep 2: Set System Hostname and Configure Chrony
Set a proper hostname for your machine.
sudo hostnamectl set-hostname puppetmaster.example.comEnsure the hostname has proper DNS record and also update /etc/hosts file.
$ sudo vim /etc/hosts
192.168.122.12 puppetmaster.example.com puppetmasterWhere:
- 192.168.122.12 is the IP Address of Puppet Server
- puppetmaster.example.com is the FQDN of Puppet Server
Logout then login again to confirm the hostname.
$ exit
$ hostname
puppetmaster.example.com
Configure Chrony NTP
sudo dnf -y install chrony
sudo systemctl enable --now chronyd
sudo timedatectl set-timezone Africa/Nairobi --adjust-system-clock
sudo timedatectl set-ntp yesConfirm date and time is correctly configured.
$ timedatectl
Local time: Sat 2020-04-18 14:33:26 EAT
Universal time: Sat 2020-04-18 11:33:26 UTC
RTC time: Sat 2020-04-18 11:33:25
Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Step 3: Add Puppet Yum repository
Add the repository required by running the command below in your terminal.
sudo dnf -y install https://yum.puppet.com/puppet-release-el-8.noarch.rpmAlso consider adding EPEL repository:
sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf config-manager --set-enabled powertoolsStep 4: Install Puppet Master on CentOS 8 / RHEL 8 / Rocky Linux 8
With all the pre-reqs configured, you can begin the installation of Puppet Master on CentOS 8 / RHEL 8 / Rocky Linux 8 Linux.
Update Package list cache:
$ sudo dnf makecache
CentOS-8 - AppStream 4.2 kB/s | 4.3 kB 00:01
CentOS-8 - Base 5.7 kB/s | 3.8 kB 00:00
CentOS-8 - Extras 1.8 kB/s | 1.5 kB 00:00
CentOS-8 - PowerTools 7.0 kB/s | 4.3 kB 00:00
Extra Packages for Enterprise Linux 8 - x86_64 24 kB/s | 39 kB 00:01
Puppet Repository el 8 - x86_64 3.3 kB/s | 2.5 kB 00:00
Metadata cache created.
Puppet repository should be in the list of repositories available in the system.
$ sudo dnf repolist
Last metadata expiration check: 0:00:30 ago on Sat 18 Apr 2020 02:36:49 PM EAT.
repo id repo name status
AppStream CentOS-8 - AppStream 5,281
BaseOS CentOS-8 - Base 2,231
PowerTools CentOS-8 - PowerTools 1,533
*epel Extra Packages for Enterprise Linux 8 - x86_64 5,315
extras CentOS-8 - Extras 15
puppet Puppet Repository el 8 - x86_64 148You can query a list of Puppet packages available on the repository:
$ sudo dnf search puppet
Last metadata expiration check: 0:03:16 ago on Thu 21 Oct 2021 04:40:12 AM EAT.
==================================================================================== Name Exactly Matched: puppet ====================================================================================
puppet.noarch : Network tool for managing many disparate systems
=================================================================================== Name & Summary Matched: puppet ===================================================================================
dmlite-puppet-dpm.noarch : Puppet modules for DPM configuration
puppet-agent.x86_64 : The Puppet Agent package contains all of the elements needed to run puppet, including ruby, facter, and hiera.
puppet-release.noarch : Release packages for the Puppet repository
puppet7-release.noarch : Release packages for the Puppet 7 repository
puppetdb.noarch : Puppet Labs puppetdb
puppetdb-termini.noarch : Termini for puppetdb
puppetserver.noarch : Puppet Labs puppetserver
python3-collectd_puppet.noarch : Collectd plugin to monitor puppet agents
rubygem-puppet-resource_api.noarch : This library provides a simple way to write new native resources for puppet
rubygem-puppet-resource_api-doc.noarch : Documentation for rubygem-puppet-resource_api
rubygem-puppetserver-ca.noarch : A simple CLI tool for interacting with Puppet Server's Certificate Authority
rubygem-puppetserver-ca-doc.noarch : Documentation for rubygem-puppetserver-ca
rubygem-semantic_puppet-doc.noarch : Documentation for rubygem-semantic_puppet
======================================================================================== Name Matched: puppet ========================================================================================
puppet-bolt.x86_64 : Stand alone task runner
rubygem-semantic_puppet.noarch : Useful tools for working with Semantic Versions
====================================================================================== Summary Matched: puppet =======================================================================================
pdk.x86_64 : Puppet Development KitInstall Puppet Master packages on CentOS 8 Linux.
sudo dnf install puppetserverPuppet Agent will be installed as a dependency:
Rocky Linux 8 - PowerTools 638 kB/s | 2.3 MB 00:03
Last metadata expiration check: 0:00:02 ago on Thu 21 Oct 2021 04:45:47 AM EAT.
Dependencies resolved.
======================================================================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================================================================
Installing:
puppetserver noarch 7.4.1-1.el8 puppet 63 M
Installing dependencies:
copy-jdk-configs noarch 3.7-4.el8 appstream 26 k
java-1.8.0-openjdk-headless x86_64 1:1.8.0.302.b08-0.el8_4 appstream 34 M
javapackages-filesystem noarch 5.3.0-2.module+el8.3.0+125+5da1ae29 appstream 29 k
libjpeg-turbo x86_64 1.5.3-10.el8 appstream 154 k
lksctp-tools x86_64 1.0.18-3.el8 baseos 98 k
lua x86_64 5.3.4-11.el8 appstream 191 k
puppet-agent x86_64 7.12.0-1.el8 puppet 24 M
tzdata-java noarch 2021a-1.el8 appstream 190 k
Enabling module streams:
javapackages-runtime 201801
Transaction Summary
======================================================================================================================================================================================================
Install 9 Packages
Total download size: 122 M
Installed size: 299 M
Is this ok [y/N]: yAgree to import GPG key when prompted.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 22 MB/s | 122 MB 00:05
warning: /var/cache/dnf/puppet-caea408efb9b2853/packages/puppet-agent-7.12.0-1.el8.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 9e61ef26: NOKEY
Puppet Repository el 8 - x86_64 1.6 MB/s | 1.6 kB 00:00
Importing GPG key 0xEF8D349F:
Userid : "Puppet, Inc. Release Key (Puppet, Inc. Release Key) <[email protected]>"
Fingerprint: 6F6B 1550 9CF8 E59E 6E46 9F32 7F43 8280 EF8D 349F
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-release
Is this ok [y/N]: y
Key imported successfully
Puppet Repository el 8 - x86_64 3.1 MB/s | 3.1 kB 00:00
Importing GPG key 0x9E61EF26:
Userid : "Puppet, Inc. Release Key (Puppet, Inc. Release Key) <[email protected]>"
Fingerprint: D681 1ED3 ADEE B844 1AF5 AA8F 4528 B6CD 9E61 EF26
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-2025-04-06-puppet-release
Is this ok [y/N]: yConfirm package installation:
$ rpm -qi puppetserver
Name : puppetserver
Version : 7.7.0
Release : 1.el8
Architecture: noarch
Install Date: Fri May 6 12:42:25 2022
Group : System Environment/Daemons
Size : 106546740
License : ASL 2.0
Signature : RSA/SHA256, Tue Apr 5 03:09:51 2022, Key ID 4528b6cd9e61ef26
Source RPM : puppetserver-7.7.0-1.el8.src.rpm
Build Date : Tue Apr 5 03:06:26 2022
Build Host : k8s-jenkins-fpm-z70mg
Relocations : /
Packager : Puppet Labs <[email protected]>
Vendor : Puppet Labs <[email protected]>
URL : http://puppet.com
Summary : Puppet Labs puppetserver
....Step 4: Configure Puppet Master / Server on CentOS 8 / RHEL 8
With the installation of Puppet Master / Server done on CentOS 8, it is time to start configurations.
Define Puppet Master FQDN and DNS alternative names:
sudo vim /etc/puppetlabs/puppet/puppet.confAdd the DNS settings under the [server] section.
[server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
dns_alt_names=puppetmaster.example.com,puppetmaster,puppetserverAlso configure main section like below:
[main]
certname = puppetmaster.example.com
server = puppetmaster.example.com
environment = production
runinterval = 1hWhere:
- puppetmaster.example.com is the FQDN of your Puppet server.
My configurations look like below after updating:
[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
dns_alt_names=puppetmaster.example.com,puppetmaster,puppetserver
[main]
certname = puppetmaster.example.com
server = puppetmaster.example.com
environment = production
runinterval = 1hConfigure JVM Memory Allocation
The file where you can set min and max memory for JVM is:
sudo vim /etc/sysconfig/puppetserverBy default it is set to 2GB. Adjust this depending on resources available on your machine.
JAVA_ARGS="-Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"Start Puppet Server on CentOS 8 / RHEL 8 / Rocky Linux 8
After our basic Puppet Server configuration, start the service and set it to start at system boot.
sudo systemctl enable --now puppetserverIf you had started it earlier, then restart after modifications.
sudo systemctl restart puppetserverCheck service status to confirm it is running.
$ systemctl status puppetserver
● puppetserver.service - puppetserver Service
Loaded: loaded (/usr/lib/systemd/system/puppetserver.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2020-04-18 14:56:58 EAT; 18s ago
Process: 4068 ExecStart=/opt/puppetlabs/server/apps/puppetserver/bin/puppetserver start (code=exited, status=0/SUCCESS)
Main PID: 4077 (java)
Tasks: 42 (limit: 4915)
Memory: 670.5M
CGroup: /system.slice/puppetserver.service
└─4077 /usr/bin/java -Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -XX:OnOutOfMemoryError=kill -9 %p -cp />Open Service Port on the firewall
With the service started, open the port on the firewall so you can access the server from the network.
sudo firewall-cmd --add-service=puppetmaster --permanent
sudo firewall-cmd --reloadConfirm Puppet server is working using Puppet Client on CentOS 8:
$ sudo /opt/puppetlabs/bin/puppet agent --test --ca_server=puppetmaster.example.com
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Caching catalog for puppetmaster.example.com
Info: Applying configuration version '1587211455'
Info: Creating state file /opt/puppetlabs/puppet/cache/state/state.yaml
Notice: Applied catalog in 0.01 secondsOn the Puppet Master Node list all the available certificates:
$ sudo /opt/puppetlabs/bin/puppetserver ca list --all
Signed Certificates:
puppetmaster.example.com (SHA256) 82:D0:CB:2D:13:09:DD:66:36:F8:B9:7A:90:3F:28:08:C7:68:F1:73:75:EF:6A:B0:EA:CC:92:16:D5:F7:4B:7A alt names: ["DNS:puppetmaster.example.com", "DNS:puppetmaster", "DNS:puppetserver", "DNS:puppetmaster.example.com"] authorization extensions: [pp_cli_auth: true]You can sign all pending certificates by running the command:
sudo /opt/puppetlabs/bin/puppetserver ca sign --allAdd Puppet Binary folder to $PATH
Puppet binaries are located in /opt/puppetlabs/bin. This directory by default is not in your $PATH. As can be confirmed with:
$ ls /opt/puppetlabs/bin/
facter hiera puppet puppetserver
$ which puppet
/usr/bin/which: no puppet in (/home/vagrant/.local/bin:/home/vagrant/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin)Add it to PATH:
echo 'export PATH=$PATH:/opt/puppetlabs/bin' | tee -a ~/.bashrc
source ~/.bashrcTest if working as expected:
$ which puppet
/opt/puppetlabs/bin/puppetStart Puppet client
Let’s start puppet agent service as we’ll use it for some testing.
sudo systemctl start puppet
sudo systemctl enable puppetOur next guide will cover installation of Puppet Agent in your machines to be managed with Puppet. And how you can write basic manifest to install packages, add users, manage Linux services e.t.c.
Reference:
Similar guides:
- Install Ansible on CentOS / RHEL 8
- How To Install and Configure Ansible Tower on CentOS 7 / RHEL 7/8
- How To Setup Chef Infra Server on CentOS 8 / RHEL 8
