How to install Puppet Server on Linux (AlmaLinux)
As a configuration management tool, Puppet automates IT infrastructure provisioning, server configuration, and resource management. Puppet Server is the central hub that manages configuration information, compiles configuration catalogs, and serves them to Puppet Agents.
Key points
Having read this article in full, you will gain understanding of the following concepts related to Puppet software for configuration management:
- What are Puppet Server, Puppet Bolt, and Puppet Agent
- Getting started with Puppet
- Installing the Puppet Server, Puppet Bolt, and Puppet Agent software
- How to use Puppet
- How to test Puppet
- How to update Puppet
- How to uninstall Puppet
What are Puppet Server, Puppet Bolt, and Puppet Agent?
Puppet Agent is the software installed on each node that communicates with the Puppet Server to retrieve configuration instructions and apply them to the node. On the other hand, Puppet Bolt is a standalone agentless task runner that allows you to execute commands, scripts, and tasks across your infrastructure without requiring a Puppet Server or Puppet Agent setup.
Installing Puppet Server on AlmaLinux is essential for efficient and scalable infrastructure management. By centralizing configuration management, Puppet Server streamlines the deployment and maintenance of software and services across your AlmaLinux servers. It enables you to define desired states for your infrastructure, ensuring consistency and reducing manual intervention. With Puppet Server, you can easily enforce security policies, manage updates, and automate repetitive tasks, ultimately improving the reliability and agility of your Almalinux environment.
Prerequisites for installing Puppet Server
Here are the prerquisites necessary to have in place before you can install Puppet Server and Puppet Agents.
- Allocate two AlmaLinux servers for the Puppet software — this article uses two AlmaLinux 8 servers:
- 192.168.10.20 for Puppet Server
- 192.168.10.21 for Puppet Agent
- Confirm that you have root or sudo access to install the Puppet Server and Puppet Agent.
- Before installing Puppet Server and Puppet Agent, the AlmaLinux system must be updated to the most recent version.
Perform initial AlmaLinux server setup
The steps covered in the next sections give guidance with regard to the initial AlmaLinux server setup required.
Step #1. Updating the AlmaLinux system
Execute the following command to update the AlmaLinux system in preparation ahead of the Puppet Server and Puppet Agent installation:
sudo dnf update
Step #2. Configure the hostname in Puppet Server and Puppet Agent
To set the hostname for Puppet Server, execute the following command:
sudo hostnamectl set-hostname puppetserver.example.com
To set the hostname for Puppet Agent, execute the following command:
sudo hostnamectl set-hostname puppetagent.example.com
Replace puppetserver.example.com and puppetagent.example.com with the required values. Then, open the /etc/hosts file on both Puppet Server and Puppet Agent using any of the common Linux text editors such as nano or others:
sudo nano /etc/hosts
Add the following details, then save and close the file:
192.168.10.20 puppetserver.example.com puppetserver
192.168.10.21 puppetagent.example.com puppetagent
Replace the IP address and hostname with the IP address and hostname of your Puppet Server and Puppet Agent. To reflect the new hostname in the configuration, reboot both servers by executing the following command:
sudo reboot
Install Puppet Server
To install the Puppet Server on AlmaLinux, follow the these steps.
Step #1. Enable the Puppet repository
To enable the Puppet repository, execute the following command:
sudo rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpm
Step #2. Install the Puppet Server
To install the Puppet Server package, execute the following command:
sudo dnf install puppetserver
Here is the output:
root@puppetserver ~]# sudo dnf install puppetserver
Puppet 6 Repository el 8 - x86_64 48 MB/s | 38 MB 00:00
Last metadata expiration check: 0:00:10 ago on Tue 20 Feb 2024 03:03:32 AM UTC.
Dependencies resolved.
====================================================================================================================================================
Package Architecture Version Repository Size
====================================================================================================================================================
Installing:
puppetserver noarch 6.20.0-1.el8 puppet6 75 M
Installing dependencies:
—-
—-
puppet-agent x86_64 6.28.0-1.el8 puppet6 26 M
—-
—-
Installed:
—-
—-
puppet-agent-6.28.0-1.el8.x86_64 puppetserver-6.20.0-1.el8.noarch
—-
—-
Complete!
To ensure that the Puppet Server has been installed, execute the following command:
rpm -qi puppetserver
Step #3. Configure the Puppet Server
To configure Puppet Server, open the Puppet Server configuration file /etc/puppetlabs/puppet/puppet.conf for editing:
sudo nano /etc/puppetlabs/puppet/puppet.conf
Add the following lines to the server section:
dns_alt_names=puppetserver.example.com,puppetserver
Next, add the following lines, then save and close the file.
[main]
certname = puppetserver.example.com
server = puppetserver.example.com
environment = production
runinterval = 1h
Replace puppetserver.example.com with Puppet Server’s hostname. To start the Puppet Server, execute the following command:
sudo systemctl start puppetserver
To enable the Puppet Server to start on boot, execute the following command:
sudo systemctl enable puppetserver
The Puppet Agent is also installed during Puppet Server installation. However, the Puppet Agent does not start automatically and must be started manually. To start the Puppet Agent, execute the following command:
sudo systemctl start puppet
To enable the Puppet Agent to start on boot, execute the following command:
sudo systemctl enable puppet
Step #4. Allow th ePuppet service in the firewall
To open the TCP port 8140 for the Puppet Server, execute the following command:
sudo firewall-cmd --reload
sudo firewall-cmd --list-all
Step #5. Add the Puppet binary folder to $PATH
Puppet binaries are stored in the /opt/puppetlabs/bin directory. By default, this directory is not in $PATH. To add Puppet binaries to $PATH, execute the following command:
echo 'export PATH=$PATH:/opt/puppetlabs/bin' | tee -a ~/.bashrc
Then, execute the following command to reload the ~/.bashrc file in the current shell. Doing so will update the PATH variable with the changes made in the previous command:
source ~/.bashrc
Step #6. Install the Puppet Bolt tool
Puppet Bolt is a tool for open-source orchestration, and it can be installed on both the Puppet Server and Puppet Agents. To install Puppet Bolt tool for orchestration, execute the following command:
sudo dnf install puppet-bolt
Install Puppet Agent
To install Puppet Agent on AlmaLinux, please follow the steps in the next sections.
Step #1. Enable the Puppet repository
To enable the Puppet repository, execute the following command:
sudo rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpm
Step #2. Install the Puppet Agent
To install Puppet Agent, execute the following command:
sudo dnf install puppet-agent
Here is the output:
]# sudo dnf install puppet-agent
Puppet 6 Repository el 8 - x86_64 51 MB/s | 38 MB 00:00
Last metadata expiration check: 0:00:09 ago on Tue 20 Feb 2024 04:13:19 AM UTC.
Dependencies resolved.
====================================================================================================================================================
Package Architecture Version Repository Size
====================================================================================================================================================
Installing:
puppet-agent x86_64 6.28.0-1.el8 puppet6 26 M
—-
—-
Installed:
puppet-agent-6.28.0-1.el8.x86_64
Complete!
To start the Puppet Agent, execute the following command:
sudo systemctl start puppet
To enable the Puppet Agent to start on boot, execute the following command:
sudo systemctl enable puppet
Step #3. Configure the Puppet Agent
To configure Puppet Agent, open Puppet Server configuration file /etc/puppetlabs/puppet/puppet.conf for editing:
sudo nano /etc/puppetlabs/puppet/puppet.conf
Add the following lines, then save and close the file:
[agent]
server=puppetserver.example.com
ca_server=puppetserver.example.com
Then, restart Puppet Agent by executing the following command to reflect the changes:
sudo systemctl restart puppet
Step #4. Connect the Puppet Agent to Puppet Server
To generate a new certificate on the Puppet Agent and authenticate to the Puppet Server, execute the following command:
puppet ssl bootstrap
The output will show that the certificate still needs to be signed. Here is the output:
[root@puppetagent ~]# puppet ssl bootstrap
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppetagent.example.com
Info: Certificate Request fingerprint (SHA256): F9:C4:2D:AE:B8:EC:4E:06:BA:3C:8D:91:BA:F2:AB:FE:91:2A:B4:C4:38:A5:E9:DC:D2:B0:A7:3D:00:8C:5F:3A
Info: Certificate for puppetagent.example.com has not been signed yet
Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (puppetagent.example.com).
Info: Will try again in 120 seconds.
To verify the list of certificates (pending and accepted), execute the following command on the Puppet Server:
puppetserver ca list --all
Here is the output:
[root@puppetserver ~]# puppetserver ca list --all
Requested Certificates:
puppetagent.example.com (SHA256) F9:C4:2D:AE:B8:EC:4E:06:BA:3C:8D:91:BA:F2:AB:FE:91:2A:B4:C4:38:A5:E9:DC:D2:B0:A7:3D:00:8C:5F:3A
Signed Certificates:
puppetserver.example.com (SHA256) FA:E1:C4:02:B0:5A:DB:B6:DC:F9:CC:18:12:73:D3:35:45:7D:30:27:23:22:FE:D3:4C:E0:84:7D:05:03:39:3D alt names: ["DNS:puppetserver.example.com", "DNS:puppetserver", "DNS:puppetserver.example.com"] authorization extensions: [pp_cli_auth: true]
Then, sign the certificate request generated by the Puppet Agent by executing the following command:
puppetserver ca sign --certname puppetagent.example.com
Replace puppetagent.example.com using Puppet Agent’s hostname. Here is the output:
[root@puppetserver ~]# puppetserver ca sign --certname puppetagent.example.com
Successfully signed certificate request for puppetagent.example.com
The Puppet Agent should now display "Notice: Completed SSL initialization" message in the output:
[root@puppetagent ~]# puppet ssl bootstrap
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppetagent.example.com
Info: Certificate Request fingerprint (SHA256): F9:C4:2D:AE:B8:EC:4E:06:BA:3C:8D:91:BA:F2:AB:FE:91:2A:B4:C4:38:A5:E9:DC:D2:B0:A7:3D:00:8C:5F:3A
Info: Certificate for puppetagent.example.com has not been signed yet
Couldn't fetch certificate from CA server; you might still need to sign this agent's certificate (puppetagent.example.com).
Info: Will try again in 120 seconds.
Notice: Completed SSL initialization
Then, verify the list of certificates by executing the following command on the Puppet Server:
puppetserver ca list --all
If everything works properly, you should see the Puppet Agent certificate in the Signed Certificates section. Here is the output:
[root@puppetserver ~]# puppetserver ca list --all
Signed Certificates:
puppetserver.example.com (SHA256) FA:E1:C4:02:B0:5A:DB:B6:DC:F9:CC:18:12:73:D3:35:45:7D:30:27:23:22:FE:D3:4C:E0:84:7D:05:03:39:3D alt names: ["DNS:puppetserver.example.com", "DNS:puppetserver", "DNS:puppetserver.example.com"] authorization extensions: [pp_cli_auth: true]
puppetagent.example.com (SHA256) FE:7E:FF:D2:1E:05:60:6E:4A:BF:91:05:13:E2:0B:E5:50:45:29:57:A0:E5:12:32:17:CD:4B:EE:6C:5B:60:1A alt names: ["DNS:puppetagent.example.com"]
Step #5. Verify Puppet Installation
To check whether the Puppet Server is installed and running, execute the following command:
sudo systemctl status puppetserver
Here is the output:
[root@puppetserver ~]# sudo systemctl status puppetserver
● puppetserver.service - puppetserver Service
Loaded: loaded (/usr/lib/systemd/system/puppetserver.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2024-02-20 03:37:52 UTC; 59min ago
Main PID: 49775 (java)
Tasks: 48 (limit: 4915)
Memory: 1.0G
CGroup: /system.slice/puppetserver.service
└─49775 /usr/bin/java -Xms2g -Xmx2g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger -XX:OnOutOfMemoryError=kill -9 %p >
To check whether the Puppet Agent is installed and running, execute the following command:
sudo systemctl status puppet
Here is the output from the Puppet Server:
[root@puppetserver ~]# sudo systemctl status puppet
● puppet.service - Puppet agent
Loaded: loaded (/usr/lib/systemd/system/puppet.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2024-02-20 03:38:21 UTC; 1h 0min ago
Main PID: 49907 (puppet)
Tasks: 2 (limit: 24688)
Memory: 48.3M
CGroup: /system.slice/puppet.service
└─49907 /opt/puppetlabs/puppet/bin/ruby /opt/puppetlabs/puppet/bin/puppet agent --no-daemonize
Here is the output from the Puppet Agent:
[root@puppetagent ~]# sudo systemctl status puppet
● puppet.service - Puppet agent
Loaded: loaded (/usr/lib/systemd/system/puppet.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2024-02-20 04:30:20 UTC; 8min ago
Main PID: 49212 (puppet)
Tasks: 2 (limit: 24688)
Memory: 48.0M
CGroup: /system.slice/puppet.service
└─49212 /opt/puppetlabs/puppet/bin/ruby /opt/puppetlabs/puppet/bin/puppet agent --no-daemonize
To check whether the Puppet Bolt is installed and running, execute the following command:
bolt --version
See the How to install and configure Puppet on CentOS, Fedora, Ubuntu, or Opensuse article to learn more about the installation and configuration of Puppet on these other operating systems.
How to use Puppet
To use Puppet to manage system configurations and resources, review the steps in the following sections.
Step #1. Create Puppet manifests
Using the Puppet manifests (.pp files), define the desired state of your systems. Manifests describe the resources and configurations you want Puppet to manage.
Step #2. Apply manifests
Use the Puppet Agent to apply manifests from the Puppet Server to manage configurations across multiple systems:
sudo /opt/puppetlabs/bin/puppet agent --test
Step #3. Update Puppet manifests
Modify your Puppet manifests as needed to reflect changes in your infrastructure. Ensure that changes are tested in a controlled environment before applying them to production.
Step #4. Monitor and maintain your Puppet infrastructure
Regularly check your Puppet infrastructure to ensure that configurations are appropriately implemented. Address any errors or mistakes that may occur throughout the configuration management process.
How to test Puppet
To check that the Puppet Agent is correctly connected to the Puppet Server and applying configurations, please follow the steps below.
Step #1. Create a Puppet manifest
Create a simple Puppet manifest file (for example, sample_manifest.pp) on the Puppet Server in the default module directory (/etc/puppetlabs/code/environments/production/manifests):
# /etc/puppetlabs/code/environments/production/manifests/sample_manifest.pp
file { '/tmp/testfile':
ensure => present,
content => 'This is a test file created by Puppet.',
}
Step #2. Apply the manifest
Apply the manifest to the Puppet Server to confirm that it is syntactically correct and that the Puppet Agent can retrieve the configuration:
xsudo /opt/puppetlabs/bin/puppet apply /etc/puppetlabs/code/environments/production/manifests/sample_manifest.pp
Here is the output:
[root@puppetserver ~]# sudo /opt/puppetlabs/bin/puppet apply /etc/puppetlabs/code/environments/production/manifests/sample_manifest.pp
Notice: Compiled catalog for puppetserver.example.com in environment production in 0.01 seconds
Notice: /Stage[main]/Main/File[/tmp/testfile]/ensure: defined content as '{md5}a5c224c88a8a5f089eee59622303d1f3'
Notice: Applied catalog in 0.02 seconds
Step #3. Run Puppet Agent
On the Puppet Agent, run the Puppet Agent to retrieve and apply the configuration from the Puppet Server.
sudo /opt/puppetlabs/bin/puppet agent --test
Here is the output:
[root@puppetagent ~]# sudo /opt/puppetlabs/bin/puppet agent --test
Info: Using environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Caching catalog for puppetagent.example.com
Info: Applying configuration version '1708409468'
Notice: /Stage[main]/Main/File[/tmp/testfile]/ensure: defined content as '{md5}a5c224c88a8a5f089eee59622303d1f3'
Notice: Applied catalog in 0.02 seconds
Step #4. Verify Configuration
Check if the Puppet Agent has created the file required in the manifest (/tmp/testfile).
cat /tmp/testfile
It should show the information specified in the Puppet manifest. Here is the output:
[root@puppetagent ~]# cat /tmp/testfile
This is a test file created by Puppet.
How to update Puppet
To update the Puppet Server, execute the following command:
sudo dnf update puppetserver
To update the Puppet Agent, execute the following command:
sudo dnf update puppet-agent
To update Puppet Bolt, execute the following command:
sudo dnf update puppet-bolt
How to uninstall Puppet
To uninstall the Puppet Server, execute the following command:
sudo dnf remove puppetserver
To uninstall the Puppet Agent, execute the following command:
sudo dnf remove puppet-agent
To uninstall Puppet Bolt, execute the following command:
sudo dnf remove puppet-bolt
To remove any remaining configuration files manually, execute the following command:
sudo rm -rf /etc/puppetlabs/
Warning: It is critical to be cautious when using rm -rf since it can delete files and directories recursively and forcefully without prompting confirmation. If used incorrectly, it can result in permanent data loss with system folders such as /etc and /opt.
To remove any residual Puppet directories and files, execute the following command:
sudo rm -rf /opt/puppetlabs/
Get started with Puppet today! Empower your AlmaLinux setup on our hosting
Puppet installation on AlmaLinux is a simple procedure that can significantly improve your server management abilities. By following the instructions in this article, you can rapidly set up Puppet Server, Puppet Bolt, and Puppet Agent.
A well-done Puppet implementation using the instructions outlined in this post will let you automate tasks, manage configurations, and simplify your IT infrastructure. Puppet on AlmaLinux is a potent tool for effective and scalable server automation, regardless of your experience with server administration.
Purchasing a web hosting plan with Liquid Web to install Puppet on AlmaLinux is a strategic decision for enhancing server management and automation. Liquid Web's reliable hosting services provide a stable environment for running Puppet, ensuring seamless automation of tasks and efficient configuration management. Liquid Web's hosting plans offer the reliability and support needed to leverage Puppet on AlmaLinux effectively, making it an ideal choice for businesses looking to enhance their server automation capabilities.
Related Articles:
![Avatar for Mohammed Noufal](/static/087d08032a50c4c92d6876b3acec4052/9ca7a/78f79aa1903969121f83a04318ddb54c.png)
About the Author: Mohammed Noufal
Mohammed Noufal is a B.Tech graduate with a decade of experience in server administration and web hosting. He is a father to two daughters and finds fulfillment in their growth. In his free time, he enjoys blogging, sharing experiences, and listening to music. With a strong technical background, family commitment, and creative outlets, he represents a well-rounded life journey.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
How to install PyTorch on Linux (AlmaLinux)
Read ArticleInnovative armor — exploring ThreatDown’s impact on cyber defense
Read ArticleControlling PHP settings with a custom php.ini file
Read ArticleLinux dos2unix command syntax — removing hidden Windows characters from files
Read ArticleChange cPanel password from WebHost Manager (WHM)
Read Article