Puppet End to End Setup and Configuration Tutorial for Beginners

This tutorial walks you through the setup and configuration of one of the configuration management tools Puppet. Configuration management tools are for more automation and less maintenance.


Puppet from Puppet Labs is a configuration management tool that helps system administrators to automate infrastructure provisioning, configuration, and management. Configuration management tools like Puppet can cut down infrastructure costs we spent for repeating tasks and ensures that our configurations are consistent and accurate across our infrastructure. Puppet comes in two varieties, Puppet Enterprise, and open source Puppet. It runs on most Linux distributions, various UNIX platforms, and Windows.

Note: The Puppetmaster must be reachable on port 8140. In this tutorial, I have disabled the firewall instead of allowing 8140 which is not recommended in real environments.

Demo Resources :



Private DNS Name


Puppet server



Puppet agent/client


Setup and Configure Puppet Server and Agent :

Follow the steps given below for setting up the puppet server.

Step 1: update and install puppet repo

sudo yum -y update
sudo yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm

Once it is installed, check repo file generated under /etc/yum.repos.d folder.

ls -l /etc/yum.repos.d/puppetlabs.repo
-rw-r--r--. 1 root root 1550 Sep  9  2016 /etc/yum.repos.d/puppetlabs.repo

Step 2: Install the required package on the master node “puppet”

sudo yum -y install puppet-server

Step 3: Configure the puppet master server “puppet”

Puppet Configuration file is /etc/puppet/puppet.conf. It has the configuration of both master and agent

Define the DNS hostnames and certificate name for the puppet master by adding following lines in the main section of the puppet configuration file,

sudo vim /etc/puppet/puppet.conf
# Define the dns hostnames and certificate name
dns_alt_names = puppet, puppet.devopstree.com 
certname = puppet

Step 4: Generate the certificate from the puppet master node “puppet”

Execute below command to generate the certificate, press “CTRL + C” to cancel when you see the puppet service started with version as below, and start the “puppetmaster” service.

sudo -u puppet puppet master --no-daemonize --verbose
sudo systemctl start puppetmaster
sudo systemctl enable puppetmaster

Step 5: Install Puppet agent packages on the client node “client1”

Update and install puppet agent using below command,

sudo yum -y install puppet

Step 6: Configure the puppet agent on the client node “client1”

Define the puppet master hostname in the agent section [agent] of the puppet configuration file/etc/puppet/puppet.conf ,

sudo vim /etc/puppet/puppet.conf

# Define puppet master hostname
server = puppet.devopstree.com

Step 7: Generate the signing request certificate from the puppet agent node “client1”

[[email protected] ~]$ sudo puppet agent -t
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for client1.c.sublime-delight-200209.internal
Info: Certificate Request fingerprint (SHA256): DC:0C:D9:9A:5B:5D:2C:5F:D1:7E:0E:4B:5C:50:45:EF:C9:2E:B8:7A:B9:6E:31:4A:21:33:EE:C3:79:69:88:ED
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled

Here we could see there is no certificate found, So we should sign the certificate from the puppet master.

Step 8: List the certificates to be signed from the puppet master node “puppet” and sign it.

[[email protected] ~]$ sudo puppet cert list
"client1.devopstree.com" (SHA256) DC:0C:D9:9A:5B:5D:2C:5F:D1:7E:0E:4B:5C:50:45:EF:C9:2E:B8:7A:B9:6E:31
[[email protected] ~]$ sudo puppet cert sign client1.devopstree.com
Notice: Signed certificate request for client1.devopstree.com
Notice: Removing file Puppet::SSL::CertificateRequest client1.devopstree.com at '/var/lib/puppet/ ssl/ca/requests/client1.devopstree.com.pem'

Step 9: Start and enable the puppet agent service in client1,

[[email protected] ~]$ sudo systemctl start puppet

[[email protected] ~]$ sudo systemctl enable puppet

Verify the certificate signed properly with the puppet master node

[[email protected] ~]$ sudo puppet agent --fingerprint
(SHA256) B7:B0:8D:55:08:D1:5A:2D:31:A6:AE:49:40:DA:30:F9:A2:03:37:F7:6A:DC: 37:4E:35:B2:54:36:F0:75:3A:62

Now we could see client1 is joined under puppet master.

Main Manifest File

Puppet uses a domain-specific language to describe system configurations, and these descriptions are saved to files called “manifests”, which have a .pp file extension. The default main manifest file is located on your Puppet master server at /etc/puppet/manifests/site.pp.

If .pp file does not exist, create a placeholder file and add our first package install configuration in it,

[[email protected] ~]$ sudo vim /etc/puppet/manifests/site.pp
node 'client1.devopstree.com' {
        package { 'httpd':
        ensure => present, }

Once your manifest file is created, validate using the following command before apply,

sudo puppet parser validate /etc/puppet/manifests/site.pp

As a result of the above command executed successfully, we continue deployment using anyone of the below mechanisms.

Deployment Mechanism :

Puppet allows Push or Pull based mechanism for deployment,

We can push our configuration changes to the clients or we can pull the changes from client using below commands,

Command to push config to clients,

sudo puppet apply /path manifest/init.pp

Command to pull configuration to from the client,

sudo puppet agent —test

NOTE: all configuration should be with in class and node section

Example Manifest File to Deploy httpd Service:

Further we can see an example deployment using created manifest into the client1,
sudo cat /etc/puppet/manifests/site.pp

node 'client1.devopstree.com' {
        package { 'httpd':
          ensure => installed,

        service { 'httpd':
          name      => $service_name,
          ensure    => running,
          enable    => true

        file { '/var/www/html/index.html':
          owner  => "root",
          group  => "root",
          mode   => "0755",
          source  => "puppet:///modules/httpd/index.html",
          require => Package['httpd']
          # This source file would be located on the Puppet master at
          # /etc/puppet/modules/httpd/files/index.html
We have to use parse command to find out syntax errors. Also we need to create one index.html file under /etc/puppet/modules/httpd/files/ directory for puppet,
[[email protected] ~]# puppet parser validate /etc/puppet/manifests/site.pp

Finally run apply command like we shown in below and we can see httpd.services successfully running on client1,

[[email protected] ~]# puppet apply /etc/puppet/manifests/site.pp

You could find some more examples and troubleshoot methods in next tutorial.

Sharing is caring!


I'm an IT professional having multiple years of experience in IT Infrastructure planning, System integrations, Project implementation, and delivery. DevOps Enthusiast skilled with broad ranges of technology adoption. Well versed with Cloud Computing and Application Service Offerings such as SaaS/PaaS/IaaS. Expert in aligning business goals, mission and process to architect innovative solutions and strategies.

3 thoughts on “Puppet End to End Setup and Configuration Tutorial for Beginners

Comments are closed.