These instructions were tested on a pi 3 with the latest version of raspbian (Raspbian GNU/Linux 9.8 (stretch)).
This guide assumes basic competency with the command line. It also assumes you have a functional puppet master set up with the hostname of puppet
. If you can ping puppet
, you should be all set. Also note that I am just getting into puppet and am not a master of this domain. There may be errors, and there is probably a better way to do this, but in my searching, I was unable to locate a good set of instructions to get this working, so here we are. Feel free to contact me for corrections.
You can either switch to root sudo -i
, or prepend all the following commands with sudo
.
apt update
apt upgrade -y
apt install ruby-full
gem install puppet
The gem install does less than a normal packaged install of puppet, so we need to fit some things into place.
mkdir -p /etc/puppetlabs/puppet/
touch /etc/puppetlabs/puppet/puppet.conf
puppet config set server 'puppet' --section main
puppet resource group puppet ensure=present
puppet resource user puppet ensure=present gid=puppet shell='/bin/false'
mkdir -p /etc/puppetlabs/code/environments/production/modules/
mkdir -p /etc/puppetlabs/code/environments/production/manifests/
cat << EOF > /etc/default/puppet
# You may specify parameters to the puppet client here
#PUPPET_EXTRA_OPTS=--waitforcert=500
EOF
cat << EOF > /etc/systemd/system/multi-user.target.wants/puppet.service
#
# Local settings can be configured without being overwritten by package upgrades, for example
# if you want to increase puppet open-files-limit to 10000,
# you need to increase systemd's LimitNOFILE setting, so create a file named
# "/etc/systemd/system/puppet.service.d/limits.conf" containing:
# [Service]
# LimitNOFILE=10000
# You can confirm it worked by running systemctl daemon-reload
# then running systemctl show puppet | grep LimitNOFILE
#
[Unit]
Description=Puppet agent
Wants=basic.target
After=basic.target network.target
[Service]
EnvironmentFile=-/etc/sysconfig/puppetagent
EnvironmentFile=-/etc/sysconfig/puppet
EnvironmentFile=-/etc/default/puppet
ExecStart=/usr/local/bin/puppet agent $PUPPET_EXTRA_OPTS --no-daemonize
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
This will fail if the .service file wasn't created properly.
puppet resource service puppet ensure=running enable=true
puppet agent -t
That's pretty much it, remember that this will error out the first time as you need to sign the cert on the puppetmaster.
Still not sure why, but the first time I ran this I received an abnormal certificate error and needed to clear the certificates out of the master and agent.
# On the master:
# puppetserver ca clean --certname agenthostname.localdomain
# On the agent:
# 1. puppet ssl clean
# 2. puppet agent -t
Good luck!