Puppet is a popular open-source tool for managing and automating your infrastructure. It uses Infrastructure-as-code IaC and key concepts incorporating Idempotency, Agile methodology, and version control Git. This guide walks you through the installation and configuration of Puppet Server on Ubuntu 24.04.
Prerequisites
- A fresh installation of Ubuntu 24.04
- A non-root user with sudo privileges
- A hostname configured for your Puppet Server (e.g., puppet.example.com)
- At least 2 GB of RAM for optimal performance
Step 1: Update the System
Start by updating your package index and upgrading existing packages:
sudo apt update && sudo apt upgrade -yStep 2: Hostnames
Before installing, ensure the hostname resolution is set up in the /etc/hosts file. For example, if you have a hostname such as puppet.example.com for the puppet master and puppetclient.example.com for the puppetclient, include the following on both servers.
[IP-of-puppet-master-server] puppet.example.com puppet
[IP-of-puppet-client-server] puppetclient.example.com puppetclient
Then, you can save and exit the files.Step 3: Installing Puppet Server.
You can start by downloading the Puppet server on the master node. At the time of writing, Puppet 8 is the latest Puppet version. You can download the package and install it with the commands below:
wget https://apt.puppet.com/puppet-release-noble.deb
dpkg -i puppet8-release-noble.deb
apt update
apt install puppetserverOnce installed, you can start and enable the puppetserver service with:
Systemctl enable puppetserver
Systemctl start puppetserverYou can check if the service is up and running with the command below, and you should receive a similar output to the service running.
● puppet.service - Puppet agent
Loaded: loaded (/usr/lib/systemd/system/puppet.service; disabled; preset: enabled)
Active: active (running) since Sat 2025-01-04 22:13:52 UTC; 1min 45s ago
Docs: man:puppet-agent(8)
Main PID: 1534 (puppet)
Tasks: 2 (limit: 4218)
Memory: 77.3M (peak: 110.4M)
CPU: 1.783s
CGroup: /system.slice/puppet.service
└─1534 /usr/bin/ruby /usr/bin/puppet agent --no-daemonize
Jan 04 22:13:56 blogposts puppet-agent[1539]: (/File[/var/cache/puppet/lib/puppet/provider/mailalias]/ensure) created
Jan 04 22:13:56 blogposts puppet-agent[1539]: (/File[/var/cache/puppet/lib/puppet/provider/mailalias/aliases.rb]/ensure) defined content as '{sha256}36f6b8f04daace6c200261e9009424a45276cb880d5a48c2d186890ed32ffd47'
Jan 04 22:13:56 blogposts puppet-agent[1539]: (/File[/var/cache/puppet/lib/puppet/type]/ensure) created
Jan 04 22:13:56 blogposts puppet-agent[1539]: (/File[/var/cache/puppet/lib/puppet/type/mailalias.rb]/ensure) defined content as '{sha256}dddd3956b653e978ea3d19ac5da486cc20fc856e909e9c6af64b12f6c83a3424'Step 4. Install Puppet Agent
You can now log in to the client-server you want to manage, and you should have already added the records in the /etc/hosts file mentioned in Step 2. If the records are already added, you can now go ahead and download the puppet using the same commands:
wget https://apt.puppet.com/puppet-release-noble.deb
dpkg -i puppet8-release-noble.deb
apt updateNow, instead of installing the puppetserver, you should install puppet-agent.
apt install puppet-agentOnce installed, you can also test if the service is running with the command:
Systemctl status puppetagentIf the service is running, you should receive a similar output.
● puppet.service - Puppet agent
Loaded: loaded (/lib/systemd/system/puppet.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2025-01-04 22:12:35 UTC; 15min ago
Docs: man:puppet-agent(8)
Process: 665 ExecStart=/usr/bin/puppet agent (code=exited, status=0/SUCCESS)
Main PID: 1089 (puppet)
Tasks: 1 (limit: 4031)
Memory: 78.8M
CPU: 1.898s
CGroup: /system.slice/puppet.service
└─1089 /usr/bin/ruby /usr/bin/puppet agent
Jan 04 22:12:35 blogposts systemd[1]: Started Puppet agent.
Now you can open the puppet agent configuration file that you can find in /etc/puppet/puppet.conf and add the following content:[main]
ssldir = /var/lib/puppet/ssl
certname = puppetclient
server = puppet
[master]
vardir = /var/lib/puppet
cadir = /var/lib/puppet/ssl/ca
dns_alt_names = puppet
Then go ahead and restart the puppetagent with the following:Systemctl restart puppetStep 6. Puppet certificates
While logged on your puppetserver master node, you can check the list of puppet certificates with:
puppetserver ca list -allIt should show a similar output:
puppetserver ca list --all
Signed Certificates:
blogposts. (SHA256) FF:82:21:97:EA:DA:22:A3:BB:E9:4D:8C:26:00:7B:D6:92:B1:1E:1B:9A:68:D7:76:FD:F2:01:A8:A7:86:D0:
puppetclient (SHA256) 4C:57:B0:96:2B:AE:DC:E8:79:6D:01:DB:F7:32:31:D1:DF:25:4A:30:9C:A5:CF:AC:34:C4:35:1D:8F:3E:BB:12Now you can sign all SSL certificates with the command:
ca sign --all
Or you can specify a specific SSL certificate using the command:ca sign –all –certname <certificatename>
If the certificates are signed, you should receive an output indicating that the certificates have been signed successfully. You can run puppet agent -t, and you should get a similar output:
puppet agent -t
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Caching catalog for puppetclient
Info: Applying configuration version '1734041047'
Notice: Applied catalog in 0.01 secondsCongratulations
You have successfully installed and configured Puppet Master with one client node on Ubuntu 24.04.
However, if you have any difficulties with this configuration, our Linux admins can help. Simply sign up for one of our monthly management or per-incident server support plans, and we’ll take care of the rest. Our team is available 24/7.
