Can i install puppet master and puppet agent on the same centos machine How will that work

0 votes
I wanted to know if there was a possibility of running puppet master and agent on the same centos machine that i'm using? If this is possible how should i proceed to experiment with this?
Aug 6, 2019 in Puppet by Shikha
917 views

1 answer to this question.

0 votes

Yes, It's now possible to install both Puppet Master and Agent on the same host with different certs for each, to avoid future conflicts when managing master server with puppet. You need to have 2 seperate entries on puppet.conf, one in [master] and one in [agent] so that separate certs are generated.

Before we proceed with the install need to make sure that a CNAME/alias name is setup for the puppetmaster and DNS for puppet agent and both should refer back to the same host.

Puppetmaster CNAME/Alias = puppetmaster.ppt.local

Puppet DNS = puppet.ppt.local

IP Address = 192.168.132.11

When using local DNS i.e. etc/hosts

Edit /etc/hosts to have 2 DNS names for the same host.

# vi /etc/hosts

192.168.132.11 puppet.ppt.local   puppetmaster.ppt.local

When using IDM/FreeIPA Server as DNS

Login to Idm server and add a CNAME entry for the puppetmaster to point to puppet server.

Goto --> Identity --> DNS --> ppt.local --> Add

Record name: puppetmaster

Record Type: CNAME

Hostname: puppet

Click Add

Now make sure both the hosts are resolved. Run the below commands.

# host puppetmaster

Output:

[root@puppet admin]# host puppetmaster
puppetmaster.ppt.local is an alias for puppet.ppt.local.
puppet.ppt.local has address 192.168.132.11

# host puppet

Output:

[root@puppet admin]# host puppet
puppet.ppt.local has address 192.168.132.11

We now see that both can be resolved and point to the same host IP address.

Now as we are ready with the DNS and CNAME for both puppet and puppetmaster, next step would be to start the install of puppet master and agent on the host.

Enable Puppet Repo

# rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

Install Puppet server. Puppet agent is installed part of it.

# yum install puppet-server

Edit/Add puppet.conf with puppetmaster and puppet agent entry. Also enable autosign in [main] section.

# vi /etc/puppet/puppet.conf

[main]
autosign = true
[master]
certname = puppetmaster.ppt.local
[agent]
server = puppet.ppt.local

Now 1st start puppetmaster so that it can generate a cert for it. Check the logs to confirm it works.

# service puppetmaster start
# chkconfig puppetmaster on

Logs - /var/log/messages:

[root@puppet ~]# tail -f /var/log/messages
Dec 30 11:13:31 puppet puppet-master[2985]: puppetmaster.ppt.local has a waiting certificate request
Dec 30 11:13:31 puppet puppet-master[2985]: Signed certificate request for puppetmaster.ppt.local
Dec 30 11:13:31 puppet puppet-master[2985]: Removing file Puppet::SSL::CertificateRequest puppetmaster.ppt.local at '/var/lib/puppet/ssl/ca/requests/puppetmaster.ppt.local.pem'
Dec 30 11:13:31 puppet puppet-master[2985]: Removing file Puppet::SSL::CertificateRequest puppetmaster.ppt.local at '/var/lib/puppet/ssl/certificate_requests/puppetmaster.ppt.local.pem'

2nd start puppet agent so that it can generate a cert for it. Check the logs to confirm it works.

# service puppet start
# chkconfig puppet on

Logs - /var/log/messages:

Dec 30 11:17:25 puppet puppet-master[3061]: puppet.ppt.local has a waiting certificate request
Dec 30 11:17:25 puppet puppet-master[3061]: Signed certificate request for puppet.ppt.local
Dec 30 11:17:25 puppet puppet-master[3061]: Removing file Puppet::SSL::CertificateRequest puppet.ppt.local at '/var/lib/puppet/ssl/ca/requests/puppet.ppt.local.pem'

Now check the certs signed and you should see two certs in the list, one each for puppetmaster and puppet.

# puppet cert list --all

Output:

[root@puppet admin]# puppet cert list --all
+ "puppet.ppt.local"       (SHA256) EB:2F:34:A5:AC:F5:38:68:89:3F:69:7F:56:CB:9D:8C:6A:77:23:DE:FE:1A:62:C9:31:69:91:BF:44:B4:39:3A
+ "puppetmaster.ppt.local" (SHA256) 32:4D:2D:96:8C:1A:FF:CA:70:00:F5:99:58:1C:DF:4C:63:E2:55:B8:9E:8F:3B:BC:73:1F:CA:AC:49:ED:7E:59 (alt names: "DNS:puppet", "DNS:puppet.ppt.local", "DNS:puppetmaster.ppt.local")
answered Aug 6, 2019 by Sirajul
• 59,230 points

Related Questions In Puppet

+2 votes
1 answer

How do I trigger the puppet agent on slave to install docker using jenkins?

Hey @Mercy, you will have to write ...READ MORE

answered Aug 17, 2020 in Puppet by Karan
• 19,610 points
1,045 views
0 votes
1 answer

How do I Install puppet agent on linux?

Install the puppet-agent package on your Puppet agent nodes ...READ MORE

answered Mar 12, 2019 in Puppet by Yesha
970 views
0 votes
1 answer

Puppet: How can i remove all the node entries that are no longer managed by puppet?

You could try this: class remove_unmanaged { ...READ MORE

answered Aug 9, 2019 in Puppet by Sirajul
• 59,230 points
576 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
3,439 views
+2 votes
1 answer
0 votes
1 answer

How can i check the requests of certificates from puppet agent to puppet master?

You could do this by executing the ...READ MORE

answered Jul 24, 2019 in Puppet by Sirajul
• 59,230 points
2,530 views
0 votes
1 answer

Would i be able to utilize same module that i have in puppet master in my puppet agent?

Yes, you can do this. The issue that ...READ MORE

answered Aug 7, 2019 in Puppet by Sirajul
• 59,230 points
332 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP