Home / How To / How to set Puppet Master and Agent on CentOS 8

How to set Puppet Master and Agent on CentOS 8



Puppet is an open source configuration management tool and server automation framework. The puppet can run on Unix-like operating systems, as well as on Microsoft Windows systems. It allows you to manage and perform administrative tasks and the configuration of hundreds of systems from a main server.

In this tutorial, I will install Puppet on CentOS 8. I install and configure one CentOS 8 server as a puppet master and the other as "agent".

Prerequisites

  • 2 or more CentOS 8 Server
  • Root privileges

What we will do:

  • Puppet Pre-Installation
  • Install and configure Puppet server
  • Install and Configure Puppet Agent
  • Verify Puppet Agent Configuration
  • Creating First Puppet Manifest

Step 1
– Puppet Pre-Installation

In this first step, we will prepare both master and agent servers for the puppet installation. We will set hosts and FQDN for the server, set up the NTP server and add the puppet repository for CentOS 8 server.

Setup Hostnames

First, we will set up hosts and FQDN for both servers. The puppet master has a host name "master" with FQDN "master.hakase-labs.io", and the agent will have the host name "agent01" with FQDN "agent01.hakase-labs.io".

Set up the host name using the & # 39; hostnamectl & # 39; below.

  hostnamectl set-hostname hostname 

Then edit the "/ etc / hosts" file to configure the FQDN server.

  vim / etc / hosts [19659018] Change the IP address and domain name with your own and paste it into it. 

  10.5.5.21 master.hakase-labs.io master 
10.5.5.22 agent01.hakase-labs.io agent01

Save and close.

Now restart that host name service to apply a new host name and FQDN.

  systemctl restart systemd-hostname 

Then check the host name and FQDN with the following command.

  hostname 
hostname -f

And you get a new hostname and FQDN has been configured and applied to the system.

 Set the server host name

Setup NTP Server

For the NTP server we will use "chrony" for our servers.

Install chrony using the dnf command below.

  dnf install chrony 

Then edit the chrony configuration & # 39; /etc/chrony.conf' with the vim editor.

  vim /etc/chrony.confebrit19659018 right now. Change the pool server with the nearest pool in your country. You can check available pool NTP using & # 39; https: //www.pool.ntp.org/zone/COUNTRYID' Tu 19199009002 Copy all available NTP servers in your country and paste them into the & # 39; chrony.conf & # 39; below. 

  server 0.id.pool.ntp.org iburst 
server 1.id.pool.ntp.org iburst
server 2.id.pool.ntp.org iburst
server 3.id. pool.ntp.org iburst

Save and close.

Now start the chronyd service and add it to the startup time.

  systemctl start chronyd 
systemctl enable chronyd

The NTP server configuration has been completed.

 Setting date and time

Add dock for CentOS 8

For the CentOS 8 server puppet repository, you can manually install it with the rpm command using the rpm command as below.

  sudo rpm -Uvh https://yum.puppet.com/puppet6-release-el-8.noarch.rpmebrit19659018vardAfter that, check all available storage locations in the system using the dnf command below. 

  dnf repolist [19659018] And you get the puppet repository added to the CentOS 8 system. 

 Add puppet repository

Disable SELinux

To disable SELinux, you can edit the configuration & # 39; / etc / sysconfig / selinux & # 39; with the vim editor.

  vim / etc / sysconfig / selinux 

Now change the value "SELINUX" to "disabled".

  SELINUX = disabled [19659018] Save and close, then restart the server. 

  sudo reboot 

After you log in again, check SELinux status with the following command.

  sestatus 

And you will get SELinux-disabled status.

Step 2 - Install and configure Puppet server

In this step we will install and configure Puppet server on the master node.

Install puppet server with the dnf command below.

  sudo dnf install puppet server 

After that, we need to edit the & # 39; init settings & # 39; for puppet server and change the memory a location depending on the RAM we have.

Edit the dock service server setting located at & # 39; / etc / sysconfig / puppet server & # 39; with the vim editor.

  vim / etc / sysconfig / puppetserver 

Now change "JAVA_ARGS & # 39; memory allocation configuration depending on your RAM.

  JAVA_ARGS =" - Xms1g-Xmx1g .... "

Save and close .

Then go to the directory & # 39; / etc / puppetlabs & # 39; and edit the puppet configuration file & # 39; puppet.conf & # 39;

  cd / etc / puppetlabs / 
vim puppet / puppet. conf

Under the main configuration, define the DNS option names with FQDN on the master server. [19659021] [master]
....
dns_alt_names = master.hakase-labs.io, puppet
....

Define then the docking master server configuration as below. [19659021] [main]
certname = master.hakase-labs.io
server = master.hakase-labs.io
environment = production
run interval = 1h

Save and close. [19659002] Add dock service to start time for start and start service.

  systemctl enable puppetserver 
sy stemctl start puppet server

Puppet server is running on the CentOS 8 server with standard TCP port & # 39; 8140 & # 39; .

Add the puppet server port "8140" to the firewall with the following command.

  firewall-cmd --add-port = 8140 / tcp --permanent 
firewall-cmd - reload

And as a result, the installation and configuration of the puppet master has been successfully completed.

 Configure the firewall

Step 3 - Install and configure Puppet Agent

After installing Puppet master server master.hakase-labs .io & # 39 ;, we will install a puppet agent on & # 39 ; agent01 & # 39; server.

Login to & # 39; agent01 & # 39; server and install the puppet-agent package with the dnf command below.

  sudo dnf install puppet agent 

Then go to directory & # 39; / etc / puppetlabs & # 39; and edit the uration file configuration & # 39; puppet.conf & # 39; with the vim editor.

  cd / etc / puppetlabs / 
vim puppet / puppet.conf

Change the configuration "certname" and "server" with your own and paste it into the configuration.

  [main] 
certname = agent01.hakase-labs.io
server = master.hakase-labs.io
environment = production
run interval = 1h

Save and close.

Then start the dock service and register the Puppet Agent to the master server with the following command.

  / opt / puppetlabs / bin / puppet resource service puppet sure = running enable = true 

And you get results as below.

 Start the dock service

The Puppet agent is now running, it is trying to register on the Puppet master server.

Now back to the Puppet master server and checking pending certificate requests.

  / opt / puppetlabs / bin / puppetserver ca list 

And you get "agent01.hakase-labs.io" ce rtificate on the list.

Now sign the "agent01" certificate with the command below.

  / opt / puppetlabs / bin / puppetserver ca sign - certname agent01.hakase-labs.io 

And the puppet agent is now registered on the master server.

 Registering the Dock Agent

Step 4 - Verify the Puppet Agent Configuration

Now verify the Puppet Agent configuration and test the connection between the Dock Agent and the master using the following command.

  / opt / puppetlabs / bin / puppet agent - test 

And you get the result as below.

 Test puppet agent

As a result, Puppet Agent pulled the configuration from the puppet master and used it on the server without errors.

Step 5 - Creating the First Manifesto

At this stage, the installation and configuration of Puppet for master and agent has been completed. [19659002] And for this step, we will test our installation by creating the first puppy pet manifest for installing the httpd package.

Go to directory & # 39; / etc / dock tables / code / environments / production / manifest & # 39; and create the first puppet file & # 39; httpd.pp & # 39 ;.

  cd / etc / puppetlabs / code / 
cd environments / production / manifest

vim httpd.pp

Paste the following configuration.

  node & # 39; agent01.hakase-labs.io & # 39; {
package {& # 39; httpd & # 39;:
sure => "installed",
}
service {& # 39; httpd & # 39;:
safe => run,
enable => true
}
} [19659018] Save and close.

 Create Manifest

Now go to Puppet agent node & # 39; agento01 & # 39; and run the following command.

  / opt / puppetlabs / bin / puppet agent - test 

And you will see the result as below.

 Test the Doll Agent

The Puppet Agent took a new configuration from Puppet Master to install the httpd package and start the httpd service.

On the node "agent01", check the status of the httpd service and check the HTTP port "80"

  systemctl status httpd 
netstat -plntu

And you will get the httpd service running on & # 39; agent01 & # 39; server with the default HTTP port & # 39; 80 & # 39 ;. The Httpd package has been installed via the dock character manifest we created at the top.

 Check httpd status

And as a result, Puppet Master and agent installation and configuration on the CentOS 8 server have been successfully completed.

Reference


Source link