Thursday, January 19, 2012

Getting started with Puppet on CentOS 6

This is a how to for setting up Puppet on machines running CentOS 6. Instructions were tested on CentOS 6.2 machines.


Instructions below assume you have two machines named which will be the Puppet master and which will be the Puppet client.
Puppet requires machines to have full qualified domain names (FQDN). Also, the clocks on machines must be in sync. Enable NTP daemon on both machines to sync the machine clock to NTP servers.
# service ntpd start


Puppet requires "ruby" and "ruby-lib" packages installed.
To view puppet command-line help, you need "ruby-rdoc" package installed.
# yum ruby ruby-lib ruby-rdoc
Puppet is not available in CentOS "base" repository. PuppetLabs provides a Yum repository for puppet. You can install a RPM provided by PuppetLabs to configure the Yum repository.
# wget -c
# yum install puppetlabs-release-6-1.noarch.rpm

Puppet Server

Install Puppet server package on
[root@master ~]# yum install puppet-server
Start the Puppet master daemon.
[root@master ~]# service puppetmaster start

Puppet and SSL

Puppet clients uses HTTPS to communicate with the server. In order to communicate with the server Puppet clients require valid SSL certificate. Puppet master daemon acts as CA (certificate authority) for SSL certificates.
During the first run of the puppet client it generates a SSL certificate and sends to puppet master.
[root@client ~]# puppet agent --no-daemonize --onetime --verbose --debug
Before the client can successfully connect to the master, master has to sign the client certificate.
[root@master ~]# puppet cert list --all
[root@master ~]# puppet cert --sign

Puppet Client

Install Puppet client package on
[root@client ~]# yum install puppet
Test Puppet client from the command-line. We will assume that the master has valid signed certificate for
[root@client ~]# puppet agent --help
[root@client ~]# puppet agent --no-daemonize --onetime --verbose --debug
See the "puppet agent --help" to understand the command line flags.

In the next post, we will see how to setup a "helloworld" example for Puppet.