Puppet is a ruby based configuration management tool (IT automation software), licensed under Apache 2.0 designed to help system administrators, automate many repetitive task they regularly perform . It is open-source, flexible, customizable framework for managing the configuratons of computer system. It defines and enforce the state of your infrustructure throughout the software development cycle. Puppet ensures consistency and dependability across your infrustrucutre.
Puppet can be used to manage configuration on Unix, Linux and Microsoft Windows platform. Puppet can manage hosts throughout it’s life cycle: begining from initial builds and installation, to upgrade, maintenance and finally, end-of -life. Puppet is designed to continiously interect with the hosts.
Puppet is an open-source software configuration management tool based on ruby. Puppet is designed to manage the configuration of Unix-like and Microsoft Windows systems declaratively. The user describes system resources and their state, either using Puppet’s declarative language or a Ruby DSL (domain-specific language). This information is stored in files called “Puppet manifests”. Puppet discovers the system information via a utility called Facter, and compiles the Puppet manifests into a system-specific catalog containing resources and resource dependency, which are applied against the target systems. Any actions taken by Puppet are then reported.
Desired State of Puppet Infrastructure
- Facts: The puppet agent on each node, send data about the node’s state called as facts to the puppet master server.
- Catalog: The puppet master uses fact to compile detailed data about how the node should be configured, called the catalog and send it back to the puppet agent. The puppet agent makes any changes as per the catalog. The agent can also simulate these changes in –noop mode i.e. dry run.
- Report: Each puppet agent sends report to the puppet master, indicating any changes made to the configuration.
- Report Collection: Puppets open API can send data to the third-party tool. So, infrustructure can be shared with other teams.
System Requirements
Puppet Server is configured to use 2GB of RAM by default. Just to play around with an installation on a Virtual Machine. However, ram can be reduced to minimum of 512MB in test enviornment. Make sure you have good amount of ram when using puppet server in production though to guarantee optimal performance.
Puppet Server: Installing
Enable the puppetlabs package repository i.e. for centos and debian based systems. Check the operating system version and download the compatiable repository package.
[root@puppetserver ~]# rpm -Uvh https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm
Retrieving https://yum.puppet.com/puppet5/puppet5-release-el-7.noarch.rpm
warning: /var/tmp/rpm-tmp.pQtEl9: Header V4 RSA/SHA512 Signature, key ID ef8d349f: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:puppet5-release-5.0.0-1.el7 ################################# [100%]
[root@puppetserver ~]# yum info puppetserver
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.fibergrid.in
* extras: mirrors.fibergrid.in
* updates: mirrors.fibergrid.in
Available Packages
Name : puppetserver
Arch : noarch
Version : 5.3.5
Release : 1.el7
Size : 67 M
Repo : puppet5/x86_64
Summary : Puppet Labs puppetserver. Contains: Puppet Server (puppetlabs/puppetserver 5.3.5,org.clojure/clojure 1.8.0,puppetlabs/puppetserver
: 5.3.5,puppetlabs/trapperkeeper-webserver-jetty9 2.1.2)
URL : http://puppet.com
License : ASL 2.0
Description : Puppet Labs puppetserver. Contains: Puppet Server (puppetlabs/puppetserver 5.3.5,org.clojure/clojure 1.8.0,puppetlabs/puppetserver
: 5.3.5,puppetlabs/trapperkeeper-webserver-jetty9 2.1.2)
[root@puppetserver ~]#
Install
Install the Puppet Server using the below command. This command will install puppetserver (don’t confuse with puppet-server) along with all it’s dependencies. The dependency packages are listed below as well. This gives an idea of the dependencies.
[root@puppetserver ~]# yum install puppetserver puppetdb puppetdb-termini Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.fibergrid.in * extras: mirrors.fibergrid.in * updates: mirrors.fibergrid.in base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 puppet5 | 2.5 kB 00:00:00 updates | 3.4 kB 00:00:00 updates/7/x86_64/primary_db | 5.2 MB 00:00:02 Resolving Dependencies --> Running transaction check ---> Package puppetdb.noarch 0:5.2.4-1.el7 will be installed --> Processing Dependency: puppet-agent >= 4.99.0 for package: puppetdb-5.2.4-1.el7.noarch --> Processing Dependency: java-1.8.0-openjdk-headless for package: puppetdb-5.2.4-1.el7.noarch --> Processing Dependency: net-tools for package: puppetdb-5.2.4-1.el7.noarch ---> Package puppetdb-termini.noarch 0:5.2.4-1.el7 will be installed ---> Package puppetserver.noarch 0:5.3.5-1.el7 will be installed --> Running transaction check ---> Package java-1.8.0-openjdk-headless.x86_64 1:1.8.0.181-3.b13.el7_5 will be installed --> Processing Dependency: tzdata-java >= 2015d for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: nss-softokn(x86-64) >= 3.36.0 for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: nss(x86-64) >= 3.36.0 for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: copy-jdk-configs >= 2.2 for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: lksctp-tools(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: libjpeg.so.62(LIBJPEG_6.2)(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: jpackage-utils for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 --> Processing Dependency: libjpeg.so.62()(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 ---> Package net-tools.x86_64 0:2.0-0.22.20131004git.el7 will be installed ---> Package puppet-agent.x86_64 0:5.5.6-1.el7 will be installed --> Running transaction check ---> Package copy-jdk-configs.noarch 0:3.3-10.el7_5 will be installed ---> Package javapackages-tools.noarch 0:3.4.1-11.el7 will be installed --> Processing Dependency: python-javapackages = 3.4.1-11.el7 for package: javapackages-tools-3.4.1-11.el7.noarch --> Processing Dependency: libxslt for package: javapackages-tools-3.4.1-11.el7.noarch ---> Package libjpeg-turbo.x86_64 0:1.2.90-5.el7 will be installed ---> Package lksctp-tools.x86_64 0:1.0.17-2.el7 will be installed ---> Package nss.x86_64 0:3.34.0-4.el7 will be updated --> Processing Dependency: nss = 3.34.0-4.el7 for package: nss-sysinit-3.34.0-4.el7.x86_64 --> Processing Dependency: nss(x86-64) = 3.34.0-4.el7 for package: nss-tools-3.34.0-4.el7.x86_64 ---> Package nss.x86_64 0:3.36.0-5.el7_5 will be an update --> Processing Dependency: nss-util >= 3.36.0-1 for package: nss-3.36.0-5.el7_5.x86_64 --> Processing Dependency: nspr >= 4.19.0 for package: nss-3.36.0-5.el7_5.x86_64 ---> Package nss-softokn.x86_64 0:3.34.0-2.el7 will be updated ---> Package nss-softokn.x86_64 0:3.36.0-5.el7_5 will be an update --> Processing Dependency: nss-softokn-freebl(x86-64) >= 3.36.0-5.el7_5 for package: nss-softokn-3.36.0-5.el7_5.x86_64 ---> Package tzdata-java.noarch 0:2018e-3.el7 will be installed --> Running transaction check ---> Package libxslt.x86_64 0:1.1.28-5.el7 will be installed ---> Package nspr.x86_64 0:4.17.0-1.el7 will be updated ---> Package nspr.x86_64 0:4.19.0-1.el7_5 will be an update ---> Package nss-softokn-freebl.x86_64 0:3.34.0-2.el7 will be updated ---> Package nss-softokn-freebl.x86_64 0:3.36.0-5.el7_5 will be an update ---> Package nss-sysinit.x86_64 0:3.34.0-4.el7 will be updated ---> Package nss-sysinit.x86_64 0:3.36.0-5.el7_5 will be an update ---> Package nss-tools.x86_64 0:3.34.0-4.el7 will be updated ---> Package nss-tools.x86_64 0:3.36.0-5.el7_5 will be an update ---> Package nss-util.x86_64 0:3.34.0-2.el7 will be updated ---> Package nss-util.x86_64 0:3.36.0-1.el7_5 will be an update ---> Package python-javapackages.noarch 0:3.4.1-11.el7 will be installed --> Processing Dependency: python-lxml for package: python-javapackages-3.4.1-11.el7.noarch --> Running transaction check ---> Package python-lxml.x86_64 0:3.2.1-4.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================================== Package Arch Version Repository Size ============================================================================================================================================================================== Installing: puppetdb noarch 5.2.4-1.el7 puppet5 24 M puppetdb-termini noarch 5.2.4-1.el7 puppet5 23 k puppetserver noarch 5.3.5-1.el7 puppet5 67 M Installing for dependencies: copy-jdk-configs noarch 3.3-10.el7_5 updates 21 k java-1.8.0-openjdk-headless x86_64 1:1.8.0.181-3.b13.el7_5 updates 32 M javapackages-tools noarch 3.4.1-11.el7 base 73 k libjpeg-turbo x86_64 1.2.90-5.el7 base 134 k libxslt x86_64 1.1.28-5.el7 base 242 k lksctp-tools x86_64 1.0.17-2.el7 base 88 k net-tools x86_64 2.0-0.22.20131004git.el7 base 305 k puppet-agent x86_64 5.5.6-1.el7 puppet5 20 M python-javapackages noarch 3.4.1-11.el7 base 31 k python-lxml x86_64 3.2.1-4.el7 base 758 k tzdata-java noarch 2018e-3.el7 updates 185 k Updating for dependencies: nspr x86_64 4.19.0-1.el7_5 updates 127 k nss x86_64 3.36.0-5.el7_5 updates 835 k nss-softokn x86_64 3.36.0-5.el7_5 updates 315 k nss-softokn-freebl x86_64 3.36.0-5.el7_5 updates 222 k nss-sysinit x86_64 3.36.0-5.el7_5 updates 62 k nss-tools x86_64 3.36.0-5.el7_5 updates 514 k nss-util x86_64 3.36.0-1.el7_5 updates 78 k Transaction Summary ============================================================================================================================================================================== Install 3 Packages (+11 Dependent packages) Upgrade ( 7 Dependent packages) Total download size: 146 M Is this ok [y/d/N]: y
Now, Puppet Server has been installed successfully with all the requisite packages. Start the Puppet Server service. Please verify and make sure that enough ram is allocated to the OS and JVM. Centos 7.0 comes with systemd as default i.e. system and service manager for Linux.
root@puppetserver:~# systemctl status puppetserver ● puppetserver.service - puppetserver Service Loaded: loaded (/lib/systemd/system/puppetserver.service; disabled; vendor preset: enabled) Active: inactive (dead) root@puppetserver:~# root@puppetserver:~# systemctl start puppetserver
Memory Allocation
Puppet Server will be configured to use 2GB of RAM by default. However, while using puppet server in production you should have a good amount of ram assigned to it for optimal performance. The syntax to change the Puppet Server memory allocation is shown below:
Open /etc/sysconfig/puppetserver and modify these settings
[root@puppetserver ~]# cat /etc/sysconfig/puppetserver ########################################### # Init settings for puppetserver ########################################### # Location of your Java binary (version 7 or higher) JAVA_BIN="/usr/bin/java" # Modify this if you'd like to change the memory allocation, enable JMX, etc JAVA_ARGS="-Xms1g -Xmx1g -Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger" # Modify this if you'd like TrapperKeeper specific arguments TK_ARGS="" # These normally shouldn't need to be edited if using OS packages USER="puppet" GROUP="puppet" INSTALL_DIR="/opt/puppetlabs/server/apps/puppetserver" CONFIG="/etc/puppetlabs/puppetserver/conf.d" # Bootstrap path BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/config/services.d/" # SERVICE_STOP_RETRIES can be set here to alter the default stop timeout in # seconds. For systemd, the shorter of this setting or 'TimeoutStopSec' in # the systemd.service definition will effectively be the timeout which is used. SERVICE_STOP_RETRIES=60 # START_TIMEOUT can be set here to alter the default startup timeout in # seconds. For systemd, the shorter of this setting or 'TimeoutStartSec' # in the service's systemd.service configuration file will effectively be the # timeout which is used. START_TIMEOUT=300 # Maximum number of seconds that can expire for a service reload attempt before # the result of the attempt is interpreted as a failure. RELOAD_TIMEOUT=120 [root@puppetserver ~]#
Performance
Puppet Server is fast. It has 3x performance improvement over puppet master. It means that an individaul Puppet Server can handle a much larger volume of puppet agent nodes. The performance gain will increase as it becomes more and more mature. Now we have to deal with simplified configuration in Puppet Server, rather than managing several discrete packages (Apache, Passenger, Puppet, etc.) with their separate configuration interfaces (Puppet Master).
Conclusion
Puppet Server is very straight forward to install and setup. Along with ease, it provides a huge performance improvement over the classic puppet master setup. Now, a single command does all the things (yum install puppetserver) for you.
After some hands on with the new Puppet Server, you will really feel the difference. You will enjoy.