System Requirements and Pre-Installation

A newer version is available; see the version menu above for details.

Before installing Puppet Enterprise:

  • Ensure that your nodes are running a supported operating system.
  • Ensure that your puppet master and console servers are sufficiently powerful.
  • Ensure that your network, firewalls, and name resolution are configured correctly and all target servers are communicating.
  • Plan to install the puppet master server before the console server, and the console server before any agent nodes. If you are separating roles, install them in this order:
    1. Puppet Master
    2. Database Support/PuppetDB
    3. Console
    4. Agents

Operating System

Puppet Enterprise 3.2 supports the following systems:

Operating system Version(s) Arch Roles
Red Hat Enterprise Linux 4, 5 & 6 x86 & x86_64 all (RHEL 4 supports agent only)
CentOS 4, 5 & 6 x86 & x86_64 all (CentOS 4 supports agent only)
Ubuntu LTS 10.04 & 12.04 i386 & amd64 all
Debian Squeeze (6) & Wheezy (7) i386 & amd64 all
Oracle Linux 4, 5 & 6 x86 & x86_64 all (Oracle Linux 4 supports agent only)
Scientific Linux 4, 5 & 6 x86 & x86_64 all (Scientific Linux 4 supports agent only)
SUSE Linux Enterprise Server 11 (SP1 and later) x86 & x86_64 all
Solaris 11 & 10 (Update 9 or later) SPARC & i386 agent
Microsoft Windows 2003, 2003R2, 2008, 2008R2, 7, 8, & 2012 x86 & x86_64 agent
AIX 5.3, 6.1, & 7.1 Power agent


Note: Upgrading your OS while PE is installed can cause problems with PE. To perform an OS upgrade, you’ll need to uninstall PE, perform the OS upgrade, and then reinstall PE as follows:

  1. Back up your databases and other PE files.

  2. Perform a complete uninstall (including the -p -d uninstaller option).

  3. Upgrade your OS.

  4. Install PE.

  5. Restore your backup.

Hardware

Puppet Enterprise’s hardware requirements depend on the type of installation you have and on the function a machine performs.

Monolithic (all-in-one) Installation

Monolithic installs are suitable for deployments up to 500 nodes. We recommend that your hardware meets the following:

  • The puppet master, PE console, and PuppetDB node: at least 4-8 processor cores, 8 GB RAM
  • All machines require very accurate timekeeping
  • Puppet agent nodes: any hardware able to run the supported operating system
  • For /var/, at least 1 GB of free space for each PE component on a given node
  • For PE-installed PostgreSQL, at least 100 GB of free space in /opt/ for data gathering
  • For no PE-installed PostgreSQL, /opt/ needs at least 1 GB of disk space available

Split Installation

For larger deployments (500-1000, or more nodes), we recommend a split install. We recommend that your hardware meets the following:

  • Puppet master, PE console, and PuppetDB nodes: at least 8 processor cores, 8 GB RAM (per node)
  • All machines require very accurate timekeeping
  • Puppet agent nodes: any hardware able to run the supported operating system
  • For /var/, at least 1 GB of free space for each PE component on a given node
  • For PE-installed PostgreSQL, at least 100 GB of free space in /opt/ for data gathering
  • For no PE-installed PostgreSQL, /opt/ needs at least 1 GB of disk space available

Browser

The following browsers are supported for use with the console:

  • Chrome: Current version
  • Firefox: Current version
  • Internet Explorer: 9 or higher
  • Safari: 5.1 and higher

Configuration

Before installing Puppet Enterprise at your site, you should make sure that your nodes and network are properly configured.

Timekeeping

We recommend using NTP or an equivalent service to ensure that time is in sync between your puppet master and any puppet agent nodes. If time drifts out of sync in your PE infrastructure, you may encounter issues such as nodes disappearing from live manangement in the console. A service like NTP (available as a Puppet Labs supported module) will ensure accurate timekeeping.

Name Resolution

  • Decide on a preferred name or set of names agent nodes can use to contact the puppet master server.
  • Ensure that the puppet master server can be reached via domain name lookup by all of the future puppet agent nodes at the site.

You can also simplify configuration of agent nodes by using a CNAME record to make the puppet master reachable at the hostname puppet. (This is the default puppet master hostname that is automatically suggested when installing an agent node.)

Firewall Configuration

Configure your firewalls to accommodate Puppet Enterprise’s network traffic. In brief: you should open up ports 8140, 61613, and 443. The more detailed version is:

  • All agent nodes must be able to send requests to the puppet master on ports 8140 (for Puppet) and 61613 (for orchestration).
  • The puppet master must be able to accept inbound traffic from agents on ports 8140 (for Puppet) and 61613 (for orchestration).
  • Any hosts you will use to access the console must be able to reach the console server on port 443, or whichever port you specify during installation. (Users who cannot run the console on port 443 will often run it on port 3000.)
  • If you will be invoking orchestration commands from machines other than the puppet master, they will need to be able to reach the master on port 61613. (Note: enabling other machines to invoke orchestration actions is possible but not supported in this version of Puppet Enterprise.)
  • If you will be running the console and puppet master on separate servers, the console server must be able to accept traffic from the puppet master (and the master must be able to send requests) on ports 443 and 8140. The console server must also be able to send requests to the puppet master on port 8140, both for retrieving its own catalog and for viewing archived file contents.

The answer file no longer gives the option of whether to install symlinks. These are now automatically installed by packages. To allow the creation of symlinks, you need to ensure that /usr/local is writable.

Dependencies and OS Specific Details

This section details the packages that are installed from the various OS repos. Unless you do not have internet access, you shouldn’t need to worry about installing these manually, they will be set up during PE installation.

PostgreSQL Requirement

If you will be using your own instance of PostgreSQL (as opposed to the instance PE can install) for the console and PuppetDB, it must be version 9.1 or higher.

OpenSSL Requirement

OpenSSL is a dependency required for PE. For RHEL 4, Windows, AIX, and Solaris 10 nodes, OpenSSL is included with PE; for all other platforms it is installed directly from the system repositories.

Centos

All Nodes Master Nodes Console Nodes Console/Console DB Nodes Cloud Provisioner Nodes
pciutils apr apr libjpeg libxslt
system-logos apr-util apr-util   libxml2
which curl curl    
libxml2 mailcap mailcap    
dmidecode libjpeg      
net-tools        
virt-what        


RHEL

All Nodes Master Nodes Console Nodes Console/Console DB Nodes Cloud Provisioner Nodes
pciutils apr apr libjpeg libxslt
system-logos apr-util apr-util   libxml2
which apr-util-ldap (RHEL 6) curl    
libxml2 curl mailcap    
dmidecode mailcap apr-util-ldap (RHEL 6)    
net-tools libjpeg      
cronie (RHEL 6)        
vixie-cron (RHEL 4, 5)        
virt-what        


SLES

All Nodes Master Nodes Console Nodes Console/Console DB Nodes Cloud Provisioner Nodes
pciutils libapr1 libapr1 libjpeg libxml2
pmtools libapr-util1 libapr-util1    
cron libxslt curl    
libxml2 curl      
net-tools libjpeg      
libxslt        


Debian

All Nodes Master Nodes Console Nodes Console/Console DB Nodes Cloud Provisioner Nodes
pciutils file file libjpeg62 libxslt1.1
dmidecode libmagic1 libmagic1   libxml2
cron libpcre3 libpcre3    
libxml2 curl curl    
hostname perl perl    
libldap-2.4-2 mime-support mime-support    
libreadline5 libapr1 libapr1    
virt-what libcap2 libcap2    
  libaprutil1 libaprutil1    
  libaprutil1-dbd-sqlite3 libaprutil1-dbd-sqlite3    
  libaprutil1-ldap libaprutil1-ldap    
  libjpeg62      


Ubuntu

All Nodes Master Nodes Console Nodes Console/Console DB Nodes Cloud Provisioner Nodes
pciutils file file libjpeg62 libxslt1.1
dmidecode libmagic1 libmagic1   libxml2
cron libpcre3 libpcre3    
libxml2 curl curl    
hostname perl perl    
libldap-2.4-2 mime-support mime-support    
libreadline5 libapr1 libapr1    
virt-what libcap2 libcap2    
  libaprutil1 libaprutil1    
  libaprutil1-dbd-sqlite3 libaprutil1-dbd-sqlite3    
  libaprutil1-ldap libaprutil1-ldap    
  libjpeg62      


AIX

In order to run the puppet agent on AIX systems, you’ll need to ensure the following are installed before attempting to install the puppet agent:

  • bash
  • zlib
  • readline

All AIX toolbox packages are available from IBM.

To install the packages on your selected node directly, you can run rpm -Uvh with the following URLs (note that the RPM package provider on AIX must be run as root):

  • ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/bash/bash-3.2-1.aix5.2.ppc.rpm
  • ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/zlib/zlib-1.2.3-4.aix5.2.ppc.rpm
  • ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/readline/readline-6.1-1.aix6.1.ppc.rpm (AIX 6.1 and 7.1 only)
  • ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/readline/readline-4.3-2.aix5.1.ppc.rpm (AIX 5.3 only)

Note: if you are behind a firewall or running an http proxy, the above commands may not work. Instead, use the link above to find the packages you need.

Note: GPG verification will not work on AIX, the RPM version used by AIX (even 7.1) is too old. The AIX package provider doesn’t support package downgrades (installing an older package over a newer package). Avoid using leading zeros when specifying a version number for the AIX provider (i.e., use 2.3.4 not 02.03.04).

The PE AIX implementation supports the NIM, BFF, and RPM package providers. Check the Type Reference for technical details on these providers.

Solaris

Solaris support is agent only.

For Solaris 10, the following packages are required:

  • SUNWgccruntime
  • SUNWzlib
  • In some instances, bash may not be present on Solaris systems. It needs to be installed before running the PE installer. Install it via the media used to install the OS or via CSW if that is present on your system. (CSWbash or SUNWbash are both suitable.)

For Solaris 11 the following packages are required:

  • system/readline
  • system/library/gcc-45-runtime
  • library/security/openssl

These packages are available in the Oracle Solaris release repository (enabled by default on Solaris 11). The PE installer will automatically install them; however, if the release repository is not enabled, the packages will need to be installed manually.


Next Steps

↑ Back to top