Mastering Puppet: Deploy an LNMP Stack with Master/Agent Automation

With the rapid growth of the IT industry, traditional operations relying on manual effort become cumbersome, prompting the adoption of automation tools. After a brief introduction to Ansible, this article focuses on the powerful configuration‑management tool Puppet, built on Ruby and supporting Linux, Unix, and Windows platforms.

Puppet Overview

Puppet provides a centralized configuration system using its own declarative language to manage files, packages, services, users, cron jobs, and more, operating in a client‑server (C/S) or standalone mode.

Workflow

The Puppet workflow follows these steps:

Agent sends an authentication request to the Master.

Master validates and allows the connection.

Agent transmits its facts (hostname, memory, IP, etc.) over SSL.

Master compiles a catalog (pseudo‑code) based on the node’s manifest.

Agent receives the catalog and begins execution.

During execution, the Agent may request files from the fileserver.

Agent reports the execution result back to the Master.

Agent finishes and checks system status.

Puppet Master Configuration

System environment: CentOS 6.6 with hostname‑based communication via /etc/hosts and synchronized time.

Install required packages # yum install puppet puppet-server -y Create module directories

# cd /etc/puppet/modules/

# mkdir nginx/{files,manifests} php/{files,manifests} mysql/{files,manifests} -pv

Copy service configuration files

# cp /root/files/nginx.conf nginx/files/

# cp /root/files/www.conf php/files/

# cp /root/files/my.cnf mysql/files/

Define module manifests

Example nginx/manifests/init.pp:

class nginx {

package { 'nginx':

ensure => present,

name   => 'nginx',

}

file { 'nginx.conf':

ensure => file,

source => 'puppet:///modules/nginx/nginx.conf',

path   => '/etc/nginx/nginx.conf',

require => Package['nginx'],

}

service { 'nginx':

ensure    => true,

enable    => true,

subscribe => File['nginx.conf'],

}

}

Similar manifests are created for php and mysql modules, defining packages, configuration files, and services.

Site manifest imports the node definitions:

node 'node3.scholar.com' { include mysql }

node 'node4.scholar.com' { include nginx, php }

import "server/*.pp"

Resource Details

Key attributes for package, file, and service resources are explained, such as ensure, source, path, owner, mode, and relationship metaparameters like require, notify, and subscribe.

Starting Services

When the Puppet server is started for the first time, it creates a local CA and generates certificates under /var/lib/puppet/ssl/. For debugging, the server can be run in the foreground with the --debug flag to view detailed initialization steps.

After verification, start the master service: # service puppetmaster start Confirm it is listening on port 8140.

Puppet Agent Configuration

Install the agent on each node: # yum install puppet -y Specify the master server in /etc/puppet/puppet.conf:

[agent]

server = node1.scholar.com

Verify required packages are installed on agents, then start the agent service.

During the first run, the agent requests a certificate from the master; the master can list pending requests with puppet cert --list and sign them with puppet cert --sign nodeX (or --all for multiple nodes).

Puppet Kick for Immediate Updates

Agents normally check in every 30 minutes. To push urgent changes, enable the puppet kick feature. Configure the master to listen and allow agents:

# vim /etc/puppet/puppet.conf   (listen=true)

# vim /etc/puppet/namespaceauth.conf   (allow *.scholar.com)

# vim /etc/puppet/auth.conf   (path /run, method save, allow node1.scholar.com)

Restart the master, then trigger a kick: # puppet kick -p 10 --host node3.scholar.com The command reports success, confirming the immediate execution of the catalog on the target node.

Conclusion

The tutorial demonstrates a complete LNMP deployment using Puppet’s Master/Agent architecture, covering installation, module creation, resource definition, service management, agent setup, and rapid push with puppet kick. Puppet’s scalability and powerful features make it a strong alternative to tools like Ansible for large‑scale infrastructure automation.