Install Puppet Server CentOS 6

Install Puppet Server CentOS 6

Puppet is one of the neat configuration management tool used today. It is opensource and easy to administer the servers.

The system related resources are described in Ruby DSL (domain specific language) or Puppet’s declarative language. Information is stored in the form of Puppet Manifests.

Puppet uses the utility called Facter to collect the system information for a client server and compiles the manifests into system specific catalog. This catalog contains the resources and the resource dependency which are applied to the target client machines.

The following are the steps which are included to install puppet master server and the puppet client server on CentOS 6.

Install Puppet Server CentOS 6 – Add PuppetLabs Repo

Include the Puppet repository to the OS. Puppetlabs provides a repository which can be used to manage all the required binaries for Puppet.

[[email protected] ~]# rpm -ivh

Install Puppet Server CentOS 6 – Install puppet-server

Once Puppetlabs repository is added, install puppet-server using yum.

[[email protected] ~]# yum install puppet-server

It will install all the required dependencies along with puppet-server.

Start puppetmaster.

[[email protected] ~]# /etc/init.d/puppetmaster start

Install Puppet Server CentOS 6 – Enable puppetmaster on startup

Enable puppet master to run on the server startup by executing the following command.

[[email protected] ~]# puppet resource service puppetmaster ensure=running enable=true


Notice: /Service[puppetmaster]/enable: enable changed 'false' to 'true'
service { 'puppetmaster':
  ensure => 'running',
  enable => 'true',

Install Puppet Server CentOS 6 – Install webserver (apache)

In order to communicate with the client servers, puppet would require a webserver. You can install apache (http). Since puppet is written in Ruby we will require some ruby related dependencies for apache.

The following is the command that can be used to install apache and it’s related dependencies.

[[email protected] ~]# yum install httpd httpd-devel mod_ssl ruby-devel rubygems gcc-c++ curl-devel zlib-devel make automake openssl-devel

Install Puppet Server CentOS 6 – Install Rack & Passenger

Rack provides the interface between Apache and Ruby thereby acting as a middleware. Passenger aka Phusion Passenger is a web application server which works with apache. It is also referred as mod_rails and mod_rack.

These two are available as Ruby Gems.

The following command will install them.

[[email protected] ~]# gem install rack passenger


Successfully installed rack-1.5.2
Building native extensions.  This could take a while...
Successfully installed rake-10.2.2
Successfully installed daemon_controller-1.2.0
Successfully installed passenger-4.0.41
4 gems installed
Installing ri documentation for rack-1.5.2...
Installing ri documentation for rake-10.2.2...
Installing ri documentation for daemon_controller-1.2.0...
Installing ri documentation for passenger-4.0.41...
Installing RDoc documentation for rack-1.5.2...
Installing RDoc documentation for rake-10.2.2...
Installing RDoc documentation for daemon_controller-1.2.0...
Installing RDoc documentation for passenger-4.0.41...

Install the required apache module for passenger using the following command.

[[email protected] ~]# passenger-install-apache2-module


Welcome to the Phusion Passenger Apache 2 module installer, v4.0.41.

This installer will guide you through the entire installation process. It
shouldn't take more than 3 minutes in total.

Here's what you can expect from the installation process:

 1. The Apache 2 module will be installed for you.
 2. You'll learn how to configure Apache.
 3. You'll learn how to deploy a Ruby on Rails application.

Don't worry if anything goes wrong. This installer will advise you on how to
solve any problems.

Press Enter to continue, or Ctrl-C to abort.

Install Puppet Server CentOS 6 – Apache configuration

Create a apache virtual host configuration for the Puppet Server. I created something like below:

[[email protected] ~]# vim /etc/httpd/conf.d/gagan-puppetmaster.conf

Add the following contents to it after modifying the SSLCertificateFile & SSLCertificateKeyFile with the one you have.

# RHEL/CentOS:
LoadModule passenger_module  /usr/lib/ruby/gems/1.8/gems/passenger-4.0.41/buildout/apache2/
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.41/
PassengerRuby /usr/bin/ruby
# And the passenger performance tuning settings:
PassengerHighPerformance On
PassengerUseGlobalQueue On
# Set this to about 1.5 times the number of CPU cores in your master:
PassengerMaxPoolSize 9
# Recycle master processes after they service 1000 requests
PassengerMaxRequests 1000
# Stop processes if they sit idle for 10 minutes
PassengerPoolIdleTime 600
Listen 8140

    SSLEngine On
    # Only allow high security cryptography. Alter if needed for compatibility.
    SSLProtocol             All -SSLv2
    SSLCipherSuite          HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
    SSLCertificateFile      /var/lib/puppet/ssl/certs/gagan-puppetmaster.pem
    SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/gagan-puppetmaster.pem
    SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
    SSLCACertificateFile    /var/lib/puppet/ssl/ca/ca_crt.pem
    SSLCARevocationFile     /var/lib/puppet/ssl/ca/ca_crl.pem
    SSLVerifyClient         optional
    SSLVerifyDepth          1
    SSLOptions              +StdEnvVars +ExportCertData
    # These request headers are used to pass the client certificate
    # authentication information on to the puppet master process
    RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
    RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
    RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
    #RackAutoDetect On
    DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
        Options None
        AllowOverride None
        Order Allow,Deny
        Allow from All

Install Puppet Server CentOS 6 – Start Apache

We first would have to stop puppetmaster and then start apache.

[[email protected] ~]# /etc/init.d/puppetmaster stop
[[email protected] ~]# /etc/init.d/httpd start

We will also enable apache on server startup and disable puppetmaster.

[[email protected] ~]# chkconfig httpd on
[[email protected] ~]# chkconfig puppetmaser off

Verify port 8140 are open and listening on the server.

[[email protected] ~]# netstat -plant | grep :8140


tcp        0      0 :::8140                     :::*                        LISTEN      6555/httpd

[[email protected] ~]# lsof -i tcp:8140


httpd   6555   root    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6575 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6576 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6577 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6578 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6579 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6580 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6581 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)
httpd   6582 apache    6u  IPv6  33855      0t0  TCP *:8140 (LISTEN)

Install Puppet Server CentOS 6 – Final Step

Add the following lines in /etc/puppet/puppet.conf

certname	= FQDN_FOR_PUPPET
ca		= true

Where, FQDN_FOR_PUPPET will be the FQDN for puppet master server.

Install Puppet Server CentOS 6

No Comments

Post a Comment

Time limit is exhausted. Please reload CAPTCHA.