Skip to content

CentOS 6 Puppet Install

In this tutorial we’ll be covering the very basics of installing and configuring Puppet. Puppet is a system for automating system administration tasks. Its automation saves you countless hours of frustration, monotony and reinventing the wheel. It lets you perform administrative task from a central systems to any number of systems running any variant of operating system.

For a more complete description visit Puppet Labs.

Installing the Puppet CentOS 6 packages

Install the Puppet Repository

# rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm

Install the EPEL x86_64 YUM Repository

# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Install the Puppet Master packages

# yum install puppet-server

Install the Puppet Client packages

# yum install puppet

A Simple Manifest: Managing Ownership of a File

Step 1: Create a minimal manifest file called site.pp in /etc/puppet/manifests with the following content:

# vi /etc/puppet/manifests/site.pp
# /etc/puppet/manifests/site.pp

import "classes/*"

node default {
    include sudo
 }

Step 2: Next create the sudo.pp class in /etc/puppet/manifests/classes/ with the following content:

# vi /etc/puppet/manifests/classes/sudo.pp
# /etc/puppet/manifests/classes/sudo.pp

class sudo {
    file { "/etc/sudoers":
        owner => "root",
        group => "root",
        mode  => 440,
    }
}

This class which will ensure that the owner, group, and mode of the /etc/sudoers file will be set consistently across all systems that belong to that class.

Step 3: Start the Puppet Master service and enable startup on boot

# service puppetmaster start
# chkconfig puppetmaster on

Configuring Puppet

Configure the puppet client to connect to the server and enable logging. Edit the file /etc/sysconfig/puppet and uncomment the PUPPET_LOG and PUPPET_SERVER line specifying the servers address.

# vi /etc/sysconfig/puppet
# The puppetmaster server
PUPPET_SERVER=PuppetMaster

# If you wish to specify the port to connect to do so here
#PUPPET_PORT=8140

# Where to log to. Specify syslog to send log messages to the system log.
PUPPET_LOG=/var/log/puppet/puppet.log

# You may specify other parameters to the puppet client here
#PUPPET_EXTRA_OPTS=--waitforcert=500

The client will automatically pull configuration from the server every 30 minutes, start it as a service and enable startup on boot

# service puppet start
# chkconfig puppet on

Sign the SSL key request from the Puppet Client

In order for the two systems to communicate securely we need to create signed SSL certificates. You should be logged into both the Puppet Master and Puppet machines for this next step.

# puppetca --list
server2.example.co.za
# puppetca --sign server2.example.co.za
Signed server2.example.co.za

+George Rushby