Thanks for checking out my guide! I know that as a busy DevOps engineer, getting Puppet reliably up and running can feel daunting. In this complete walkthrough, I’ll be with you every step of the way to get Puppet 6 installed on Ubuntu 18.04.
Whether you are looking to…
- Automate infrastructure deployments
- Enforce configuration standards across servers
- Or adopt infrastructure-as-code best practices
…Puppet can help streamline your stack.
By the end, you’ll have the hands-on experience to start coding your infrastructure on a real-world example. I’ll also share troubleshooting tips, validation checks, and resources to level up your Puppet skills after installing.
Let’s get into it!
Why Use Puppet? An Overview
Before jumping into the installation details, let‘s quickly go over the benefits of Puppet:
Rapid Infrastructure Deployment
Puppet allows you to automatically roll out changes across thousands of servers in just minutes with a single command. No more managing servers manually!
Based on industry surveys, Puppet users experience:
- 90% less time needed to deploy infrastructure changes
- 75% reduction in unplanned work and outages
By coding your stack as reusable Puppet code (manifests and modules), you prevent configuration drift and can scale rapidly.
Consistent Infrastructure Standards
Puppet enforces configuration compliance by default across all your nodes. Servers get automatically "remediated" if they ever fall out of your spec.
Industry analysts like Gartner have reported Puppet helps reduce configuration drift by:
- Up to 95% fewer security vulnerabilities
- 68% faster recovery from issues
- 66% reduction in unauthorized infrastructure changes
So you avoid snowflake servers and know your security guidelines are being followed.
Infrastructure as Code Best Practices
Puppet encourages you to treat your infrastructure as just like application code:
- Infrastructure becomes version controlled so you can evolve it safely
- Can use testing frameworks like RSpec to validate infrastructure changes
- Modules/reuse avoids reinventing the wheel for every server
- Collaboration since the Puppet language is open and shared
Following these best practices prevents slow, risky changes via tribal knowledge and manual processes.
Major brands like Google, Salesforce, Red Hat, and Spotify all rely on Puppet to scale while preventing issues.
Let‘s now get your hands dirty with a real world installation…
Environment Details
For this walkthrough, we‘ll use two fresh Ubuntu 18.04 LTS virtual machines. You can follow along with any Ubuntu/Debian or RHEL/CentOS Linux too:
Puppet Server (Master)
Our central Puppet server for holding infrastructure code and orchestrating deployments.
- Hostname: puppet
- IP Address: 192.168.0.108
Puppet Agent (Node)
The agent node we‘ll be managing with the Puppet master.
- Hostname: puppetagent
- IP Address: 192.168.0.107
Step 1 – Install the Puppet 6 Repository
The first step is to configure the official Puppet 6 software repositories on our two nodes.
Puppet maintains Debian/RPM repositories with all the latest versions and dependencies we will need.
On the Puppet master node run:
wget -O puppet6.deb https://apt.puppetlabs.com/puppet6-release-bionic.deb
sudo dpkg -i puppet6.deb
sudo apt-get update
This installs the repo config package for Ubuntu systems and updates the package list.
Do the same on the Puppet agent node:
wget -O puppet6.deb https://apt.puppetlabs.com/puppet6-release-bionic.deb
sudo dpkg -i puppet6.deb
sudo apt-get update
With the Puppet labs repo configured on both nodes, we‘re ready to continue!
Step 2 – Install the Puppet Server
Now that our repositories are good to go, let‘s install the puppetserver
package onto the Puppet master server:
sudo apt-get install puppetserver
Along with the main puppetserver
package, this will also install:
puppet-agent
– allows server to act as its own agent nodeJava 8 JRE
– runs the Puppet Ruby code- Ruby, Python and other dependencies
We‘ll walk through configuring these components next…
Step 3 – Configure Puppet Server
Before starting the Puppet server process, we need to update some configurations.
First, open /etc/default/puppetserver
and modify the Java RAM allotment:
JAVA_ARGS="-Xms512m -Xmx512m"
This assigns 512MB as minimum and maximum RAM for the Java process. Tweak based on your server capabilities.
While here, also open /etc/puppetlabs/puppet/puppet.conf
and verify the following settings:
[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
[main]
certname = puppet.mydomain.com
server = puppet.mydomain.com
These settings configure paths for the Puppet data and specify the hostname to use for the master‘s certificate.
Finally run:
sudo /opt/puppetlabs/bin/puppetserver ca setup
This generates the root and intermediate signing certificates needed to issue node certificates.
With that complete, the Puppet server is fully configured!
Step 4 – Start and Enable Puppet Server
Let‘s get our Puppet 6 server up and running:
sudo systemctl start puppetserver
sudo systemctl enable puppetserver
This starts the server process and configures it to restart on system boot automatically.
We can now access server endpoints like the HTTP API and build infrastructure code. But first we need to install at least one node agent…
Step 5 – Install Puppet Agent
Let‘s switch over to the Puppet agent system where we will install puppet-agent
.
Just as before, grab the repo config package:
wget -O puppet6.deb https://apt.puppetlabs.com/puppet6-release-bionic.deb
sudo dpkg -i puppet6.deb
sudo apt-get update
Then install the agent:
sudo apt-get install puppet-agent
This grabs the puppet-agent
package along with dependencies like Ruby and Facter.
Next open /etc/puppetlabs/puppet/puppet.conf
and configure the agent details:
[main]
certname = agent01.mydomain.com
server = puppet.mydomain.com
We set the certificate name and our Puppet master server DNS name.
Finally enable and start the agent:
sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true
This tells the OS to keep the agent persistently running and auto-start it on each boot.
The Puppet 6 agent is configured and will connect out to the master automatically.
Step 6 – Sign the Agent Certificate
On first connecting, the Puppet agent sends a certificate signing request (CSR) to the CA (certificate authority) on the master for verification.
Run this command on the Puppet master to check for any outstanding CSRs:
sudo /opt/puppetlabs/bin/puppetserver ca list
You should see a request from the agent:
"agent01.mydomain.com" (SHA256) 08:0F:98:4D:2A:23:4B:88:72:A0:38:3A:70:0E:FE:33:D7:97:E6:77
Let‘s sign it with:
sudo /opt/puppetlabs/bin/puppetserver ca sign agent01.mydomain.com
That allows secure communication between the agent and master.
Step 7 – Validate the Installation
For testing, let‘s run a simple "Hello World" style Puppet manifest to validate our connectivity.
On the Puppet master, create a test manifest at /etc/puppetlabs/code/environments/production/manifests/site.pp
with our node block:
node ‘agent01.mydomain.com‘ {
notify { ‘Hello Puppet!‘: }
}
This uses the Puppet notify
resource to return a log message from the agent.
Now on the agent run:
sudo puppet agent -t
This triggers a Puppet run to compile the test catalog.
The agent should print output like:
Info: Hello Puppet!
Notice: Applied catalog in 0.14 seconds
Indicating successful catalog application!
You now have a fully working Puppet 6 infrastructure to build on.
Troubleshooting Connectivity Issues
If you run into any certificate signing or connectivity issues between your master and agents, here are some troubleshooting tips:
On Puppet Master
- Check firewall settings allow port 8140
- Re-run
puppetserver ca setup
if needed - Verify DNS resolution to agent‘s certname
- Re-sign agent certificate if expired
On Puppet Agent
- Ensure agent pointing to valid master DNS
- Agent certname matches CSR common name
- Refresh agent certificate with
puppet ssl clean
- Restart agent after making changes
Doing a full SSL cert refresh often resolves most connectivity problems.
Expanding With Modules and Roles
Now you have the foundations of Puppet set up, where should you go next as you expand your infrastructure?
A few ideas to learn and scale production use:
- Use Puppet Forge modules – Forge provides thousands of reusable modules for installing common software like Nginx, MySQL etc.
- Build your own modules – For specialized internal apps/processes create customized modules.
- Use roles and profiles – Maintain standard configurations across nodes with role/profile code reuse.
- Try out Puppet tools – Bolt, Tasks, Pipelines further optimize multi-node changes.
I hope walking through this real hands-on example gives you the confidence to hit the ground running with Puppet for your infrastructure!
Let me know if you have any other questions as you being your Puppet journey using the comments below.