RHEL BasedRocky Linux

How To Install Puppet on Rocky Linux 9

Install Puppet on Rocky Linux 9

In this tutorial, we will show you how to install Rocky Linux 9. Puppet is a powerful configuration management tool that helps system administrators automate the provisioning, configuration, and management of servers and applications. In this comprehensive guide, we’ll walk you through the process of installing Puppet on Rocky Linux 9, a robust and stable Linux distribution. Whether you’re managing a small network or a large-scale infrastructure, Puppet can significantly streamline your operations and ensure consistency across your systems.

Understanding Puppet

Puppet is an open-source configuration management tool that allows you to define and manage the desired state of your IT infrastructure. It uses a declarative language to describe system configurations, which makes it easier to maintain and scale your infrastructure as it grows.

Some key benefits of using Puppet include:

  • Automation of repetitive tasks
  • Consistent configuration across multiple servers
  • Improved security through standardized configurations
  • Faster deployment of new systems
  • Easier troubleshooting and maintenance

Prerequisites for Installing Puppet on Rocky Linux 9

Before we begin the installation process, ensure that you have the following:

  • A Rocky Linux 9 system with root or sudo access
  • A stable internet connection
  • At least 2GB of RAM and 2 CPU cores for the Puppet server
  • Sufficient disk space (at least 20GB recommended)
  • Properly configured hostname and FQDN (Fully Qualified Domain Name)

Preparing the Environment

To ensure a smooth installation process, we need to prepare our Rocky Linux 9 environment. Follow these steps:

1. Update Your System

First, update your Rocky Linux 9 system to ensure you have the latest packages and security updates:

sudo dnf update -y

2. Set the Correct Hostname and FQDN

Puppet relies heavily on proper hostname configuration. Set your system’s hostname and FQDN:

sudo hostnamectl set-hostname puppet.example.com
sudo echo "127.0.0.1 puppet.example.com puppet" >> /etc/hosts

Replace “puppet.example.com” with your actual FQDN.

3. Configure Firewall Settings

If you have the firewall enabled, you’ll need to open the necessary ports for Puppet:

sudo firewall-cmd --permanent --add-port=8140/tcp
sudo firewall-cmd --reload

4. Disable SELinux (if necessary)

While it’s generally recommended to keep SELinux enabled, you may need to disable it if you encounter issues:

sudo setenforce 0
sudo sed -i 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config

Installing Puppet Server

Now that our environment is prepared, let’s install the Puppet Server:

1. Add the Puppet Repository

First, we need to add the official Puppet repository to our system:

sudo rpm -Uvh https://yum.puppet.com/puppet7-release-el-9.noarch.rpm

2. Install Puppet Server Package

With the repository added, we can now install the Puppet Server package:

sudo dnf install puppetserver -y

3. Configure Puppet Server

After installation, we need to configure the Puppet Server. Open the main configuration file:

sudo nano /etc/puppetlabs/puppet/puppet.conf

Add the following lines to the file:

[main]
certname = puppet.example.com
server = puppet.example.com
environment = production
runinterval = 1h

[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code

Remember to replace “puppet.example.com” with your actual FQDN.

4. Adjust Memory Allocation

By default, Puppet Server is configured to use 2GB of RAM. If your system has less memory, you’ll need to adjust this setting:

sudo nano /etc/sysconfig/puppetserver

Find the JAVA_ARGS line and adjust the Xms and Xmx values according to your available memory:

JAVA_ARGS="-Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"

5. Start and Enable Puppet Server

Now, let’s start the Puppet Server service and enable it to start on boot:

sudo systemctl start puppetserver
sudo systemctl enable puppetserver

Installing Puppet Agent

With the Puppet Server installed, we can now set up Puppet Agents on our client machines:

1. Add Puppet Repository on Agent Nodes

On each client machine, add the Puppet repository:

sudo rpm -Uvh https://yum.puppet.com/puppet7-release-el-9.noarch.rpm

2. Install Puppet Agent Package

Install the Puppet Agent package:

sudo dnf install puppet-agent -y

3. Configure Puppet Agent

Edit the Puppet configuration file on the agent:

sudo nano /etc/puppetlabs/puppet/puppet.conf

Add the following lines:

[main]
certname = client.example.com
server = puppet.example.com
environment = production
runinterval = 1h

Replace “client.example.com” with the agent’s hostname and “puppet.example.com” with your Puppet Server’s FQDN.

4. Start and Enable Puppet Agent

Start the Puppet Agent service and enable it to start on boot:

sudo systemctl start puppet
sudo systemctl enable puppet

Configuring SSL Certificates

Puppet uses SSL certificates for secure communication between the server and agents. Here’s how to set it up:

1. Generate SSL Certificates on Puppet Server

On the Puppet Server, run:

sudo puppetserver ca setup

2. Sign Certificate Requests from Puppet Agents

When an agent tries to connect for the first time, it will generate a certificate signing request. On the Puppet Server, list pending requests:

sudo puppetserver ca list

To sign a specific certificate:

sudo puppetserver ca sign --certname client.example.com

Or to sign all pending certificates:

sudo puppetserver ca sign --all

3. Verify SSL Certificate Configuration

On the agent, run:

sudo /opt/puppetlabs/bin/puppet agent --test

If everything is configured correctly, you should see output indicating a successful connection to the Puppet Server.

Basic Puppet Configuration

Now that we have Puppet installed and configured, let’s explore some basic Puppet concepts:

Understanding Puppet Manifests and Modules

Puppet uses manifests to define the desired state of your systems. These manifests are typically organized into modules. Here’s a simple example of a manifest:

class example {
  file { '/tmp/example':
    ensure  => present,
    content => "Hello, Puppet!\n",
  }
}

include example

This manifest creates a file at /tmp/example with the content “Hello, Puppet!”.

Creating a Simple Manifest

Let’s create a simple manifest to ensure the Apache web server is installed and running:

sudo nano /etc/puppetlabs/code/environments/production/manifests/site.pp

Add the following content:

node default {
  package { 'httpd':
    ensure => installed,
  }

  service { 'httpd':
    ensure => running,
    enable => true,
  }
}

Applying Configurations to Nodes

To apply this configuration to a node, run the following command on the agent:

sudo /opt/puppetlabs/bin/puppet agent --test

Testing the Puppet Setup

To verify that Puppet is working correctly, you can check the status of the Apache service on the agent:

sudo systemctl status httpd

You should see that the service is running and enabled.

Advanced Puppet Features

As you become more comfortable with Puppet, you may want to explore some of its advanced features:

Introduction to Hiera

Hiera is Puppet’s built-in key-value lookup tool that allows you to separate data from code. This makes your Puppet code more reusable and configurable.

Using Puppet Modules

Puppet has a vast ecosystem of pre-built modules available on the Puppet Forge. These modules can help you manage complex configurations with ease.

Implementing Roles and Profiles

The roles and profiles pattern is a best practice for organizing your Puppet code. It helps separate your business logic from implementation details.

Troubleshooting Common Issues

Even with careful setup, you may encounter some issues. Here are some common problems and their solutions:

Certificate-related Problems

If you’re having certificate issues, you may need to clean and regenerate certificates:

On the agent:

sudo rm -rf /etc/puppetlabs/puppet/ssl
sudo /opt/puppetlabs/bin/puppet agent --test

On the server:

sudo puppetserver ca clean --certname client.example.com
sudo puppetserver ca sign --certname client.example.com

Connection Issues Between Server and Agent

If the agent can’t connect to the server, check your firewall settings and ensure the server’s hostname is resolvable by the agent.

Manifest Compilation Errors

If you’re seeing compilation errors, double-check your manifest syntax. The `puppet parser validate` command can help identify syntax errors.

Congratulations! You have successfully installed Puppet. Thanks for using this tutorial for installing the Puppet on Rocky Linux 9 system. For additional help or useful information, we recommend you check the official Puppet website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button