How to install and configure Puppet with Master/Slave configuration in Ubuntu/Debian

What is Puppet?

Puppet is an open-source, software configuration management tool. It helps in keeping configurations automated and consistent with what we require and what is on production or in our developer environment. It can run on various types of operating systems like Unix based systems, Microsoft Windows and Mac-os. It does not use any programming language, it has its own declarative language to set configuration settings. Puppet has a big community and a very large user base so if anyone is seeking help or support in Puppet, they will definitely get it.

Working Of Puppet:

Puppet follows a master-slave pull-based architecture, Where multiple slaves/agents serve a master or we can say a master node controls multiple slaves as follows in the diagram:

To achieve the above scenario Puppet slave first requests for a master certificate, the master sends its certificate and request for the slave certificate. All the information which is communicated between master and slave nodes is encrypted using SSL certificates. Once certificates are transferred on both ends, we need to sign the slave certificate on the master server in order to authenticate slave as shown in the below diagram: 

Puppet Installation:

Setting up the Master server:

You can run following commands to setup Puppet master on the master server:

By default, Puppet uses 2GB of RAM and can be customized as follows:


Puppet uses port 8140 to communicate, so we’ll ensure it’s open:

Installation can be checked by running the following commands:

To connect to the slave server, either slave should have DNS set up or we can set it up in the file named hosts:

Setting up the Slave server:

You can run following commands to setup Puppet Agent on multiple slave servers:

To connect to the master server:

As we started puppet on the slave, it’ll send a request to the master for the certificate and we can check and sign them on master server as following:

Manifest File:

Now when everything is set, we’ll create a manifest file that specifies the changes have to be made on the agent/slave server. So basically manifest is a collection of resource declarations, ends with the .pp extension. Resources and their states can be described either using Puppet’s declarative language or a Ruby DSL (domain-specific language).


Like scripting language variables, loops and conditional statements can be used while writing a manifest file.


1.Creating a file on the agent server through the master server:

First, create a manifest directory and manifest file named site.pp and put the content in it as shown below:


Note: replace the default with IP if you want to make changes on a specific IP/node, otherwise it’ll go for every slave request for the changes.

Now go to the agent and because the Puppet is a pull configuration tool so the agent has to request for the changes, now run the below command on the agent to test the above code working:

And that’s it, you can see the file inside your tmp directory having the same permissions and content we provided through the master’s manifest.

2.installing Nginx on agent server:

Now go to the agent server and run the below command to test the above code working:

By default, Puppet does polling every 30 mins but we can change it according to our requirement in /etc/puppet/puppet.conf file by changing the runinterval property.