I have explained how to install and configure puppet server on this post.

After installing and configuring the puppet server, the next step is to register a client node with the server to make sure all the installation and configuration is in place.

Note: This post is based on Ubuntu 14.04.

To begin with, get your client node ready with proper network connectivity to the puppet server and the following port opened in your nodes firewall.

Installing Puppet Agent

Follow the steps given below to install puppet agent on your server.

Enable puppet repository on your server and update it using the following commands.

wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
sudo dpkg -i puppetlabs-release-trusty.deb
sudo apt-get update

Now, install puppet using the following command.

sudo apt-get install puppet

Optionally, if you want the latest version of puppet, just execute the following command.

sudo apt-get update
sudo puppet resource package puppet ensure=latest

While upgrading if you get a “Setting templatedir is deprecated” warning, just delete “templatedir=$confdir/templates” line from /etc/puppet/puppet.conf file.

Configuring Puppet Agent

Next, we need to tell the agent which puppet server to contact for registration. These details have to be entered in the puppet.conf file located in /etc/puppet/puppet.conf location.

cd in to /etc/puppet/ and rename the original puppet.conf to puppet.conf.original using the following commands.

cd /etc/puppet/puppet.conf 
mv puppet.conf puppet.conf.original

Now, create a new puppet.conf file in the same directory and enter the following contents.

[main]
certname = node.jarvis.com
server = puppetserver.com
environment = development
runinterval = 1h

I will explain each parameter in the above code snippet in detail.

certname – A user defined name for your node certificate, which will be used as an identifier for puppet server.

server – Name of your puppet server. Here I have mentioned puppetserver.com. If you have a valid FQDN for your puppet server, you can use that name to contact the puppet server. If you don’t have a valid FQDN, use puppetserver.com or any other name that should be a resolvable host name of your puppet server and make a host file entry (/etc/hosts) in your agent node with the IP address of your puppet server as shown below.

172.0.0.99 puppetserver.com   puppet

where 17.0.0.99 is the IP of the puppet server.

Environment – Dev, test, prod etc.

runinterval – The time interval for running puppet agent on your client node to make sure the server is in the desired state.

Before starting the puppet agent, you need to edit the /etc/default/puppet file and change “START=no” parameter to “START=yes”

Registering Client Node with Puppet Server

We have all the configurations in place now. To register your node to the puppet server, start the puppet service using the following command.

sudo service puppet start

The above command will start the puppet agent and the agent send the certificate for signing to the puppet master.

Sign the Certificate Request from Puppet Server

Now,from your puppet server, if you issue the following command, you can see the certificate from your client, you can see the certificate signing request.

sudo sepuppet cert list

Example:

[puppetmaster@172 ~]# sudo puppet cert list
  "node.jarvis.com" (SHA256) B4:34:BA:7B:5A:EB:F8:EC:E7:6D:B9:A8:5F:FF:5D:2C:DB:F3:C1:A0:A6:49:45:9A:3F:E9:9A:BB:AF:43:50:8E
[puppetmaster@172 ~]#

The above code snippet shows a certificate signing request from node.jarvis.com.

Sign the certificate using the following command.

sudo puppet cert sign node.jarvis.com

In the above code snippet, change node.jarvis.com if you have used a different name or the name which is showing in the cert list command. Once the certificate is signed, your node gets registered with the puppet server.

Lets say you have three client nodes and you have 3 certificate requests. You can sign all the certificates at once using the following command.

sudo puppet cert sign --all

check the registration by running the following command of your puppet client node.

sudo puppet agent -t

The above command will return a successful catalog run as shown below.

jarvist@ip-172-0-0-217:~# sudo puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node.jarvis.com
Info: Applying configuration version '1441622403'
Notice: Finished catalog run in 0.01 seconds
jarvis@ip-172-0-0-217:~#

How to Re-Register puppet client node?

If you want to reregister your client node, first you need to do the following two things.

Remove the certificate entry from puppet server using the following command.

puppet cert clean <certificate-name>

Remove all the SSL certificates from your client node using the following command.

rm -rf /var/lib/puppet/ssl/*

Now, you can follow the registration steps given above to register your node.