Skip to content

Installing Puppet on CentOS 5

Puppet is a system for automating system administration tasks. Its automation saves you countless hours of frustration, monotony and reinventing the wheel. It lets you perform administrative task from a central systems to any number of systems running any variant of operating system.

For a more complete description visit Puppet Labs.

Installing the Puppet CentOS 5 packages

Install the Puppet Repository

rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm

Install the Puppet Master packages

yum install puppet-server

Install the Puppet Client packages

yum install puppet

A Simple Manifest: Managing Ownership of a File

Step 1: Create a minimal manifest file called site.pp in /etc/puppet/manifests with the following content

vi /etc/puppet/manifests/site.pp

/etc/puppet/manifests/site.pp

import "classes/*"

node default {
    include sudo
 }

Step 2: Next create the sudo.pp class in /etc/puppet/manifests/classes/ with the following content

vi /etc/puppet/manifests/classes/sudo.pp

class sudo {
    file { "/etc/sudoers":
        owner => "root",
        group => "root",
        mode  => 440,
    }
}

This class which will ensure that the owner, group, and mode of the /etc/sudoers file will be set consistently across all systems that belong to that class.

Step 3: Start the Puppet Master service and enable startup on boot

service puppetmaster start

chkconfig puppetmaster on

Configuring Puppet

Configure the puppet client to connect to the server and enable logging. Edit the file /etc/sysconfig/puppet and uncomment the PUPPET\_LOG and PUPPET\_SERVER line specifying the servers address.

vi /etc/sysconfig/puppet

# The puppetmaster server
PUPPET_SERVER=PuppetMaster

# If you wish to specify the port to connect to do so here
#PUPPET_PORT=8140

# Where to log to. Specify syslog to send log messages to the system log.
PUPPET_LOG=/var/log/puppet/puppet.log

# You may specify other parameters to the puppet client here
#PUPPET_EXTRA_OPTS=--waitforcert=500

The client will automatically pull configuration from the server every 30 minutes, start it as a service and enable startup on boot

service puppet start

chkconfig puppet on

Sign the SSL key request from the Puppet Client

In order for the two systems to communicate securely we need to create signed SSL certificates. You should be logged into both the Puppet Master and Puppet machines for this next step.

puppetca --list

server2.example.co.za

puppetca --sign server2.example.co.za

Signed server2.example.co.za