Configuration Management on Raspberry Pi with Puppet

Puppet is an open-source configuration management tool that helps automate the deployment and management of files and applications on target hosts. A puppet master contains the definition of the desired configurations in files called manifests or modules. Agents can query the master in order to know which configuration changes to apply.

Screen Shot 2016-06-02 at 19.16.55

puppet labs logo from Puppet Keynote by Luke Kanies

In this post, I will cover the installation of the puppet master and puppet agent, along with a simple example manifest. I intend to fully puppetize my project, delivering a set of manifests and modules, making it possible to recreate it with minimal effort.

Let’s get puppetizing!


For this guide, I am using a Raspberry Pi 3 running the latest version of Jessie.

After connecting via SSH (via ethernet or wifi), the file system was expanded using “raspi-config”:

Screen Shot 2016-05-29 at 14.29.35

Using the same application, the hostname was changed to “puppet”:

Screen Shot 2016-05-29 at 14.29.58 Screen Shot 2016-05-29 at 14.30.07

Finally, the software has been fully updated:

With that taken care of, we can proceed to the actual installation.

Puppet Master

The puppet master holds the definition of every node by means of reusable modules. A node is then defined by a specific combination of modules, in order to obtain a specific role.

Screen Shot 2016-06-02 at 19.14.57

Lifecycle of a Puppet Run from Puppet Keynote by Luke Kanies

Installation & Configuration

Installing puppet master is straightforward and can be done using the following command:

It will install the necessary dependencies.

Once installed, you should be able to query puppet to verify the installed certificates:

When new agents will attempt to perform a puppet run, a certificate will be generated on the master. Only when it is signed by the master, will the agent be able to successfully perform the puppet run.

To start or stop the puppet master, simply call the apache2 service:

Manifests & Modules

In puppet, manifests describe the configuration actions to be performed. This can be as simple as ensuring a certain file with specific content is present (or absent), but also more advanced like automatically installing and configuring a certain application.

To test the installation of the puppet master, a simple manifest can be used.

This manifest will ensure the file “testfile” is present in the “/tmp” folder, with read permission containing the text “test content”. If the file doesn’t exist, or the permissions or content are not as expected, puppet will correct it accordingly.

This example showcases a standalone manifest. Manifests can be combined with files and templates into a module. The purpose of the module is to complete a set of related actions, such as installing an application and configuring it for example.

Let’s install the agent and test out this manifest.

Puppet Agent

Puppet agent’s role is to retrieve the local machine’s configuration by contacting the Puppet Master, retrieve the configuration and apply it.

For this purpose, I used a second Raspberry Pi. I used the same preparation steps, except I gave it a different hostname: “piiot1”.


Installing and activating the agent is as easy as installing the master:

Once the agent is installed, an initial “puppet run” is required to generate the certificate on the master:

On the puppet master, it is possible to list the certificates. The certificate for node “piiot1” is not signed yet, preventing the actual execution of the manifest.

On the same master, the certificate can be signed, as the node is known to be part of our setup.

A “+” sign is added in front of the certificate, indicating it is signed.

With the certificate signed, it is now possible to perform a puppet run and execute the actions defined in the manifest.

Puppet Run

Repeating the same command to perform the puppet run, now results in the execution of the manifest defined on the master:

The test file has been created, has the required permissions and content:


Success! Puppet master and agent have successfully been deployed. We can now continue by defining more elaborate manifests and modules which will help us simplify future deployments.

It may be hard to grasp or see the advantages of setting up puppet based on this example, but instead of deploying a simple file, imagine this “puppet run” installing and configuring a set applications. Sounds rather neat, right? That’s what you can expect for in a future post!

10 thoughts on “Configuration Management on Raspberry Pi with Puppet”

    1. Hi,

      the version from the repo was good enough for me, even if not the latest one.
      You can indeed install a more recent version, but I haven’t tried, so I don’t know if it will work.

  1. Very good read for fast information! Did you by chance happen to expand to more elaborate configurations? I’m curious about using a git repo as the ‘master’.

  2. Hi,
    Very good tutorial. Here are some things that i ran into and you might be able to update.
    My version: 3.7.2 running on Jessy
    Here are my observations:
    – Might want to incluse the expected result of ‘sudo service apache2 status’
    – Might point out if there are problems with certificate how to ‘clean’ and reboot.
    – on my installation, the agent wants to connect to ‘puppet’, this does not resolve ‘puppet.local’ is. So had to start server manually sudo puppet agent -t –server puppet.local’ …
    – Because of the modification of the server name, had to regenerate the certificates. ‘sudo puppet cert clean puppet.home’ and then ‘sudo puppet cert generate puppet.home –dns_alt_names puppet,puppet.home,puppet.local’

Leave a Reply

Your email address will not be published. Required fields are marked *