Set up Puppet Master and Agent on AWS EC2 [Part 2]

In the first part of this tutorial, we saw how to set up AWS EC2 instances so that they can communicate with each other. Now let’s see how we can finally set up Puppet Master and Agent on AWS EC2.

Install puppet and puppetmaster:

Make sure you are logged in as root while performing all of the below steps.

$ sudo -i
  1. On Master Node: In this step we are going to install puppetmaster, and upon installation, the puppetmaster service is automatically started, and a certificate for the master is generated and signed. Note that puppetmaster package also installs the puppet agent on the master node (which is useful in case of a single node puppet installation), but as we are trying to set up a multi-node puppet installation we ignore the puppet agent that comes along with `puppetmaster`.
    • Install puppetmaster package:
      # apt install puppetmaster -y
    • Check if puppetmaster is installed properly:
      # puppet --version
    • Check if puppetmaster service is running and active:
      # service puppetmaster status

      The output should look something like this: [screenshot: puppetmaster service status]

  2. On Agent Nodes: 
    • Install the puppet package:
      # apt install puppet -y
    • Check if `puppet` is installed properly:
      # puppet --version
    • Edit /etc/puppet/puppet.conf and add server = to the `[main]` section.
      # vim /etc/puppet/puppet.conf

      The file should look something like this: [screenshot: /etc/puppet/puppet.conf file]

Authorise Agent Nodes:

  1. On Both Agent Nodes:
    • Start puppet agent: This step starts the puppet agent and generates a certificate request for the master to sign. The request is sent to the puppet master over SSL, so the transaction remains secure.
      # puppet agent --no-daemonize --onetime --verbose

      The output looks like this: [screenshot: puppet agent start]

  2. On Master Node:
    • List all certificate requests that have been made to the puppet master.
      # puppet cert list --all

      The output should display the list of agent requests.

    • Now sign both agents’ certificates one by one.
      # puppet cert sign
      # puppet cert sign
  3. On Both Agent Nodes: 
    • Enable puppet agent and set server.
      # puppet agent --enable
      # puppet agent --server
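
An added example (not from the original post): before running `puppet cert sign` on the master, compare each pending request's fingerprint with the value read on the agent itself via `puppet agent --fingerprint`. The node names and shortened fingerprints are constructed sample data, and `classify_csrs` and `signable` are hypothetical helper names.

```shell
#!/usr/bin/env bash
# Added example: check pending CSR fingerprints before signing.

# Constructed sample of `puppet cert list --all` output on the master.
# "+" marks already-signed certificates; unmarked lines are pending requests.
SAMPLE_CERT_LIST='  "agent1.example.internal" (SHA256) AA:11:22:33
  "agent2.example.internal" (SHA256) BB:44:55:66
  "rogue.example.internal" (SHA256) CC:77:88:99
+ "master.example.internal" (SHA256) DD:00:11:22'

# Constructed "name fingerprint" pairs, noted on each agent from
# `puppet agent --fingerprint` and carried to the master out-of-band.
SAMPLE_EXPECTED='agent1.example.internal AA:11:22:33
agent2.example.internal BB:44:55:00'

# classify_csrs CERT_LIST EXPECTED (hypothetical helper)
# Prints "MATCH|MISMATCH|UNKNOWN <name>" for every pending request.
classify_csrs() {
  printf '%s\n' "$1" | EXPECTED="$2" awk '
    BEGIN {
      n = split(ENVIRON["EXPECTED"], rows, "\n")
      for (i = 1; i <= n; i++)
        if (split(rows[i], kv, " ") == 2) want[kv[1]] = toupper(kv[2])
    }
    /^[+-]/ { next }                 # signed (+) or invalid (-): not pending
    NF >= 3 {
      name = $1; gsub(/"/, "", name)
      got = toupper($3)
      if (!(name in want))        print "UNKNOWN " name
      else if (want[name] == got) print "MATCH " name
      else                        print "MISMATCH " name
    }'
}

# signable CERT_LIST EXPECTED (hypothetical helper)
# Prints only the names that are safe to pass to `puppet cert sign`.
signable() {
  classify_csrs "$1" "$2" | awk '$1 == "MATCH" { print $2 }'
}

classify_csrs "$SAMPLE_CERT_LIST" "$SAMPLE_EXPECTED"
```

On a real master, feed it the output of `puppet cert list --all` and sign only the names that `signable` prints; a MISMATCH or UNKNOWN entry is a request to investigate, not to sign.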


Create Manifests file and add software configuration:

What is a manifests file?

  • The puppet manifests file is the actual file which contains the configuration details for the agents. This file is centrally stored at Puppet Master.
  • The Agents can “pull” new configurations or changes to existing configurations from Puppet Master. Note that Puppet (and Chef) use “PULL” type implementation whereas automation tools like Ansible and SaltStack use “PUSH” type implementations.

We will be defining a simple configuration which defines installation of `mysql-server` on Agent nodes.

  • Create environments/production/manifests directory.
    # mkdir -p /etc/puppet/code/environments/production/manifests/
  • `cd` into it and create a site.pp file (site.pp is the default manifest file)
    # cd /etc/puppet/code/environments/production/manifests/
    # vim site.pp
  • Define the configuration for mysql-server:
    node '', '' {
        # Install the mysql-server package on the nodes listed above
        package { 'mysql-server':
            name   => 'mysql-server',
            ensure => installed,
        }
    }
    • node ‘node_name’ specifies the target agent nodes to which the configuration applies.
    • package defines a software package to be installed and also its attributes.
  • Validate the site.pp and check for any syntax errors.
    # puppet parser validate site.pp

    The command should run successfully without any errors.

Run Puppet Agent and apply the configuration:

  • On Both Agent Nodes:
    • Check if mysql is installed:
      # mysql

      The output should be something like:

      -bash: /usr/bin/mysql: No such file or directory

      Which is expected as we have not yet applied the configuration on agent nodes.

    • Fetch and apply configuration from Master:
      # puppet agent --test

      The output should show that the configuration was applied and mysql-server package was installed. [screenshot: puppet agent --test]

    • You can confirm that mysql-server was installed by running the command `mysql`:
      # mysql

      Now it should take you into the mysql terminal!

Automate the fetch and apply process:

It is tedious to run puppet agent --test on all your agent nodes and defeats the purpose of using a configuration management tool like Puppet in the first place. So let’s fix this by making our puppet agents periodically pull the newer configurations and updates.

  • Edit /etc/puppet/puppet.conf and add runinterval = 2m to the [main] section. This makes the agents fetch the changes every two minutes.
    # vim /etc/puppet/puppet.conf

    [screenshot: add runinterval to puppet.conf]

That’s it! The agents should now be able to fetch and apply the changes automatically.

While this tutorial shows you how to install and configure Puppet Master and Agent on AWS EC2, it does not give in-depth information on how Puppet works behind the scenes. If you are interested in learning Puppet, check out this excellent YouTube video on Puppet by edureka.

Thank you for following along in this tutorial series. Please ask any questions or doubts you might have in the comment section below. And don’t forget to check out my other articles on DevOps.

