Install Puppet Client CentOS 6
In our previous article we discussed about the installation and the setup of the Puppet server. http://gaganonthenet.com/2014/04/09/install-puppet-server-centos-6/
I will provide some broad details involved in the installation and the setup of puppet client on a server which will act as client node of Puppet server. This Puppet client will fetch the configuration changes from Puppet server.
Install Puppet Client CentOS 6 – Add PuppetLabs Repo
Add the Puppetlabs repository on the client server. We will use this repository to install Puppet client on this machine.
You can use the following command:
[[email protected] ~]# rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-10.noarch.rpm
Install Puppet Client CentOS 6 – Install Puppet
We can now install puppet on the client machine using the following command:
[[email protected] ~]# yum install puppet
I will install the required dependencies for Puppet client.
Install Puppet Client CentOS 6 – Modify puppet.conf
You will now have to modify the Puppet configuration and provide the FQDN for the Puppet Master server.
In order to accomplish this, you will have to modify the following file:
And add the following lines in the [agent] and the other required agent variables.
[agent] # Under this section!! server = FQDN_FOR_PUPPET_MASTER.TLD # It should be a FQDN. pluginsync = true report = true
In case you are not using DNS in your environment and don’t have a DNS name for the Puppet Master server you will have to use /etc/hosts file to resolve the DNS for puppet master.
Install Puppet Client CentOS 6 – Test Puppet
Once you have done that you can now test the execution of Puppet on the client node.
You will also have to make sure that the client node certificate is signed by Puppet master server.
In case you have the following option enabled on the puppet master, then you don’t have to worry about the signing of the client node certificate.
autosign = true
Personally, I prefer not to use this option since I don’t want any unknown puppet client node certificate signed by the puppet master. I prefer signing it myself.
Initiate the test execution of puppet on the client node, by running the following command as root.
[[email protected]]# puppet agent -t –noop –waitforcert 60
[[email protected]]# puppet agent -t –noop -w 60
This will create a self signed certificate and send the public certificate to the Puppet Master server. The –waitforcert option will ask puppet client to wait the number of seconds defined (in this case 60 seconds) while it is signed by the puppet master.
Note: Puppet client cannot communicate with the puppet master if the client certificate isn’t signed by puppet master.
On Puppet Master, use the following command to list the pending certificates to be signed:
[[email protected] ~]# puppet cert list
Locate the client which you want to sign the certificate for. Use the following command on Puppet Master to sign the certificate from the client node.
[[email protected] ~]# puppet cert sign gagan-client.mynetwork.net
Once this is done, the client node should be able to successfully communicate with the Puppet master.
If you are satisfied with the changes which will be implemented on the client node execute Puppet on client node using the following command:
[[email protected]]# puppet agent -t
Install Puppet Client CentOS 6 – Start Puppet and Enable on Startup
You should now be safe to start puppet and enable it during the server startup on the client node.
[[email protected]]# /etc/init.d/puppet start
[[email protected]an-client]# chkconfig puppet on
Install Puppet Client CentOS 6