Puppet agent is a software application, provided by Puppet labs, which runs on any node in Puppet cluster. If one wants to manage any server using the Puppet master, the Puppet agent software needs to be installed on that particular server. In general, the Puppet agent will be installed on all the machines excluding the Puppet master machine on any given infrastructure. Puppet agent software has the capability to run on most of the Linux, UNIX, and Windows machines. In the following examples, we are using CentOS machine installation Puppet agent software on it.

Step 1 − Enable the official Puppet labs collection repository with the following command.

$ sudo rpm -ivh https://yum.puppetlabs.com/puppetlabs-release-pc1-el7.noarch.rpm

Step 2 − Install the Puppet agent package.

$ sudo yum -y install puppet-agent

Step 3 − Once the Puppet agent is installed, enable it with the following command.

$ sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable = true

One key feature of the Puppet agent is, for the first time when the Puppet agent starts running, it generates a SSL certificate and sends it to the Puppet master which is going to manage it for signing and approval. Once the Puppet master approves the agent’s certificate signature request, it will be able to communicate and manage the agent node.

Note − One needs to repeat the above steps on all the nodes which needs to be configured and managed any a given Puppet master.

Puppet – SSL Sign Certificate Setup

When the Puppet agent software runs for the first time on any Puppet node, it generates a certificate and sends the certificate signing request to the Puppet master. Before the Puppet server is able to communicate and control the agent nodes, it must sign that particular agent node’s certificate. In the following sections, we will describe how to sign and check for the signing request.

List Current Certificate Requests

On the Puppet master, run the following command to see all unsigned certificate requests.

$ sudo /opt/puppetlabs/bin/puppet cert list
As we have just set up a new agent node, we will see one request for approval. Following will be the output.
"Brcleprod004.brcl.com" (SHA259)
15:90:C2:FB:ED:69:A4:F7:B1:87:0B:BF:F7:ll:
B5:1C:33:F7:76:67:F3:F6:45:AE:07:4B:F 6:E3:ss:04:11:8d

It does not contain any + (sign) in the beginning, which indicates that the certificate is still not signed.

Sign a Request

In order to sign the new certificate request which was generated when the Puppet agent run took place on the new node, the Puppet cert sign command would be used, with the host name of the certificate, which was generated by the newly configured node that needs to be signed. As we have Brcleprod004.brcl.com’s certificate, we will use the following command.

$ sudo /opt/puppetlabs/bin/puppet cert sign Brcleprod004.brcl.com

Following will be the output.

Notice: Signed certificate request for Brcle004.brcl.com

Notice: Removing file Puppet::SSL::CertificateRequest Brcle004.brcl.com at

'/etc/puppetlabs/puppet/ssl/ca/requests/Brcle004.brcl.com.pem'

The puppet sever can now communicate to the node, where the sign certificate belongs.

$ sudo /opt/puppetlabs/bin/puppet cert sign --all

Revoking the Host from the Puppet Setup

There are conditions on configuration of kernel rebuild when it needs to removing the host from the setup and adding it again. These are those conditions which cannot be managed by the Puppet itself. It could be done using the following command.

$ sudo /opt/puppetlabs/bin/puppet cert clean hostname

Viewing All Signed Requests

The following command will generate a list of signed certificates with + (sign) which indicates that the request is approved.

$ sudo /opt/puppetlabs/bin/puppet cert list --all

Following will be its output.

+ "puppet" (SHA256) 5A:71:E6:06:D8:0F:44:4D:70:F0:
BE:51:72:15:97:68:D9:67:16:41:B0:38:9A:F2:B2:6C:B
B:33:7E:0F:D4:53 (alt names: "DNS:puppet", "DNS:Brcle004.nyc3.example.com") 
+ "Brcle004.brcl.com" (SHA259) F5:DC:68:24:63:E6:F1:9E:C5:FE:F5:
1A:90:93:DF:19:F2:28:8B:D7:BD:D2:6A:83:07:BA:F E:24:11:24:54:6A
+ " Brcle004.brcl.com" (SHA259) CB:CB:CA:48:E0:DF:06:6A:7D:75:E6:CB:22:BE:35:5A:9A:B3

Once the above is done, we have our infrastructure ready in which the Puppet master is now capable of managing newly added nodes.

So, this brings us to the end of blog. This Tecklearn ‘How to Set-up Puppet agent and How to sign and check for SSL Certificate’ blog helps you with commonly asked questions if you are looking out for a job in DevOps. If you wish to learn Puppet and build a career in DevOps domain, then check out our interactive, Continuous Deployment: Configuration Management using Puppet Training, that comes with 24*7 support to guide you throughout your learning period. Please find the link for course details:

https://www.tecklearn.com/course/continuous-deployment-configuration-management-using-puppet/

Continuous Deployment: Configuration Management using Puppet Training

About the Course

Tecklearn has specially designed this Continuous Deployment: Configuration Management using Puppet Training Course to advance your skills for a successful career in this domain. The course will cover different components of Git and GitHub and how they are used in software development operations. The course consists of Configuration Management using Puppet, Puppet Components, important concepts like Puppet Lifecycle, Puppet Language and Puppet Installation. You will get an in-depth knowledge of these concepts and will be able to work on related demos. Upon completion of this online training, you will hold a solid understanding and hands-on experience with Puppet.

Why Should you take Configuration Management using Puppet Training?

Average salary of Puppet Professional is $90k – Payscale.com
Uber, Salesforce, PayPal, Booking.com, MIT, Starbucks. & many other MNC’s worldwide use Puppet across industries.
According to Grand View Research, the DevOps market size is estimated to be worth $12.85 billion by 2025. DevOps professionals are highly paid and in-demand throughout industries including retail, eCommerce, finance, and technology.

What you will Learn in this Course?

Introduction to DevOps

What is Software Development
Software Development Life Cycle
Why DevOps?
What is DevOps?
DevOps Lifecycle
DevOps Tools
Benefits of DevOps
How DevOps is related to Agile Delivery
DevOps Implementation

Continuous Deployment: Configuration Management using Puppet

Need of Configuration Management
What is Puppet
Puppet Architecture
Puppet Components
Puppet Lifecycle
Setting up Master Slave using Puppet
Puppet Manifests
Puppet Modules
Applying configuration using Puppet
Puppet File Server
Hands On

Got a question for us? Please mention it in the comments section and we will get back to you.

484