Blog

Install Puppet on Ubuntu 18.04

What is Puppet?

In this tutorial, we will install Puppet on a Ubuntu 18.04 server. Puppet is an open core, server based, task management type of automation software that is primarily used to limit your interactions for many of the mundane, day to day server tasks that used to require personal intervention. 

This software allows you as the server owner to delegate specific functions to the software, thereby freeing you up for more critical business efforts. Puppet is a master/client based system that can interact with both Windows and Linux servers. The Puppet master server is run from a Linux server (a small downside given the time and effort it will save in the long run) but, can control efforts on other server types as well.

The work that needs to be completed on the remote server is defined by a configuration file called a manifest file. This file contains the instructions for the group or type of server(s) being controlled. A few of the tasks types that can be implemented are:

  • Quickly modify an action or process on the fly to a single server or a group of servers
  • Disperse or share a script among multiple servers and then run that script
  • Stop/Restart server services before or after a particular event has occurred
  • Implement changes in a specific order to a unique process
  • Execute an action(s) at a specific time over multiple groups of servers at a time of your choosing

Additionally, you can control which users can access and perform a set of tasks and have the changes documented in an audit trail log for later review and evaluation. If you have difficulty in selecting work that needs to be performed, you can search PuppetForge site to see if a manifest file already exists, so you’re not wasting time reinventing the wheel!

System Prerequisites and Requirements

Puppet’s master server calls for an increased amount of resources to satisfy the many remote requests from the clients, so a larger server with more RAM is needed if many clients are requesting updates. The amount of resources required on the master will depend on the following information:

  • The number of remote clients the master server is controlling
  • How often the remote clients are asking for updates
  • The number of resources that are managed on each remote client
  • The intricacy of the manifest files and modules being used by the master server
Note
 The puppet master server will not run on windows. It must be run on a Linux server. 

Hardware Requirements

Client Server:

There is no specific minimum resource required to run the puppet client software.

Master Server:

The resources for the puppet master server will be based on the number of client servers, the tasks being performed, the timeframe of each request, and the number of managed resources on the client servers. According to puppet labs, the following chart can be used to approximate the necessary resources on a master server.

Node volume Cores Heap ReservedCodeCache
dozens 2 1 GB n/a
1,000 2-4 4 GB 512m

Naming Resolution and Timekeeping

Naming Resolution

When setting up the client for install, there are a few caveats which need to be addressed first. The initial concerns will be utilizing a consistent naming scheme across the master and clients. This will allow for an easy way to allow for the addition of more clients down the road. Using server names like puppetclient01.domain.com or pc01.domain.com on the client indicates that this will be the first puppet client server. Using PM01.domain.com for the puppet master server will allow the client to locate and connect with the master easily. This change can be made in the puppet configuration file.

Timekeeping

For the master and clients to sync up correctly during task runs, we need to ensure that the Network Time Protocol (NTP) service is installed and running on the servers that are being used. This allows the master server to act as the certificate authority for the clients that are linked to it. This will reduce the number of certificate errors that can be encountered if this service is off. To verify the NTP settings are correct, use the timedatectl command:

root@host [~] timedatectl
Local time: Wed 2019-05-29 17:18:51 EDT
Universal time: Wed 2019-05-29 21:18:51 UTC
RTC time: Wed 2019-05-29 21:18:52
Time zone: America/New_York (EDT, -0400)
System clock synchronized: yes
systemd-timesyncd.service active: yes
RTC in local TZ: no

Configuration the Firewall

When using a master/client type of environment, the master server should always have a specific port open to allow for incoming server connections from the remote clients. You can utilize either of the commands below to ensure that a port is open and listening:

root@host [~] netstat -tulpn | grep LISTEN |grep 8140
root@host [~] lsof -i -P -n | grep LISTEN |grep 8140

If no answer is returned with the netstat or lsof commands, you will then need to open a port in both firewalls to enable the master/client to communicate effectively (the default port is 8140). To open a port in Ubuntu’s UFW firewall, try this command: 

root@host [~] ufw allow 8140/tcp
Rules updated
Rules updated (v6)
root@host [~]

Installation

Puppet Master Server Install

There are multiple versions of puppet available for Ubuntu, but in this article, we will be using the version for Ubuntu 18.04 (Bionic). On Ubuntu 18.04, you will need to enable the universe repository, which contains all of the packages necessary to install the  Puppet “Master” Server. To enable this repo from the commandline, simply run:

root@host[~] add-apt-repository "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) universe" && apt-get update
root@host[~] add-apt-repository "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) universe"
Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease
Get:2 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]                               
Get:3 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]                                            
Get:4 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]                                              
Get:5 http://us.archive.ubuntu.com/ubuntu bionic-updates/main i386 Packages [517 kB]                                        
Get:6 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]                                                   
Get:7 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [618 kB]                     
Get:8 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages [8570 kB]                                    
Get:9 http://archive.ubuntu.com/ubuntu bionic/universe i386 Packages [8531 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic/universe Translation-en [4941 kB]
Fetched 23.7 MB in 4s (5666 kB/s)                            
Reading package lists... Done
root@host[~] 

Now, let’s run a quick update to ensure we have access to all of the software in that repo: 

root@host [~] apt-get update
Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease                            
Get:3 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]                
Get:4 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]                               
Hit:5 http://archive.ubuntu.com/ubuntu bionic InRelease                                                              
Fetched 163 kB in 1s (315 kB/s)                                                                                      
Reading package lists... Done

Once this repo has been enabled and updated, let’s run the install command:

root@host [~] apt install puppetmaster
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  augeas-lenses debconf-utils facter fonts-lato hiera javascript-common libaugeas0 libboost-filesystem1.65.1
  libboost-locale1.65.1 libboost-log1.65.1 libboost-program-options1.65.1 libboost-regex1.65.1 libboost-system1.65.1
  libboost-thread1.65.1 libcpp-hocon0.1.6 libfacter3.10.0 libjs-jquery libleatherman-data libleatherman1.4.0 libruby2.5
  libyaml-cpp0.5v5 puppet puppet-master rake ruby ruby-augeas ruby-deep-merge ruby-did-you-mean ruby-json ruby-minitest
  ruby-net-telnet ruby-power-assert ruby-selinux ruby-shadow ruby-test-unit ruby2.5 rubygems-integration unzip zip
Suggested packages:
  augeas-doc mcollective-common puppet-common apache2 | lighttpd | httpd augeas-tools ruby-rrd ruby-hocon ri ruby-dev
  bundler
The following NEW packages will be installed:
  augeas-lenses debconf-utils facter fonts-lato hiera javascript-common libaugeas0 libboost-filesystem1.65.1
  libboost-locale1.65.1 libboost-log1.65.1 libboost-program-options1.65.1 libboost-regex1.65.1 libboost-system1.65.1
  libboost-thread1.65.1 libcpp-hocon0.1.6 libfacter3.10.0 libjs-jquery libleatherman-data libleatherman1.4.0 libruby2.5
  libyaml-cpp0.5v5 puppet puppet-master puppetmaster rake ruby ruby-augeas ruby-deep-merge ruby-did-you-mean ruby-json
  ruby-minitest ruby-net-telnet ruby-power-assert ruby-selinux ruby-shadow ruby-test-unit ruby2.5 rubygems-integration
  unzip zip
0 upgraded, 40 newly installed, 0 to remove and 0 not upgraded.
Need to get 10.9 MB of archives.
After this operation, 50.0 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
...
(lots of output)
...
Setting up puppet (5.4.0-2ubuntu3) ...
Setting up puppet-master (5.4.0-2ubuntu3) ...
Created symlink /etc/systemd/system/puppetmaster.service → /lib/systemd/system/puppet-master.service.
Created symlink /etc/systemd/system/multi-user.target.wants/puppet-master.service → /lib/systemd/system/puppet-master.service.
Setting up puppetmaster (5.4.0-2ubuntu3) ...
Processing triggers for libc-bin (2.27-3ubuntu1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for systemd (237-3ubuntu10.21) ...
root@host [~] 

 

Note

 Remember, the master puppet server will require an ample amount of RAM to run smoothly so, be sure to take that into account when creating your server.

Related posts

Winklevoss Backed Gemini Exchange to Begin Daily Ether Auctions

Viking Coin

AngelList ICO Spin-Off CoinList Raises $9.2 Million

Viking Coin

Linux / Unix: OpenSSH Multiplexer To Speed Up OpenSSH Connections

Viking Coin

Korean Banks Can Use Blockchain to Verify Customer IDs from July

Viking Coin

Dutch Supermarket Joins Arnhem’s Growing Bitcoin Economy

Viking Coin

BitPay API Update Lets Apps Enable Easy Bitcoin Refunds

Viking Coin

Did Ethereum ICO? Founder Joe Lubin Gives Uncertain Answer

Viking Coin

Winklevoss Price Ticker Makes Debut on Bloomberg

Viking Coin

Display Apache Server Status with mod_status

Viking Coin