First

 apt install puppet
 

You can choose how to reach the server by configuring it or using dns, which is a great advantage if you have all the servers in one domain.

 puppet config set server puppet.starlab.cz

1. make sure you have properly setup hostname in /etc/hostname and /etc/hosts
2. add puppet to your /etc/hosts

10.0.4.60 puppet puppet.starlab.cz

or

212.20.102.91 puppet puppet.starlab.cz

1. initiate connection to server

   xen-starlab:~# puppetd --server puppet --test
   info: Creating a new SSL key for xen.starlab.cz
   info: Caching certificate for ca
   info: Creating a new SSL certificate request for xen.starlab.cz
   info: Certificate Request fingerprint (md5): AA:A6:EA:69:9A:35:91:C2:EA:8B:CF:B4:70:8E:2E:4B
   Exiting; no certificate found and waitforcert is disabled

v novejsi verzi puppetu:

xen-starlab:~# puppet agent --server puppet --test

The service seems to be running properly netstat's output - port 8140

tcp        0      0 0.0.0.0:8140            0.0.0.0:*               LISTEN      22428/ruby1.8

Hey! We have a new client

root@ibm:~# puppet cert --list
  "xen.starlab.cz" (AA:A6:EA:69:9A:35:91:C2:EA:8B:CF:B4:70:8E:2E:4B)

So sign it!

puppet cert --sign xen.starlab.cz
notice: Signed certificate request for xen.starlab.cz
notice: Removing file Puppet::SSL::CertificateRequest xen.starlab.cz at '/path/to.pem'

puppetd --server puppet --waitforcert 80 --test

Warning –test doesn't mean 'test', it is a short for:

´onetime´, ´verbose´, ´ignorecache´, ´no-daemonize´, ´no-usecacheonfailure´, ´detailed-exit-codes´, ´no-splay´, and ´show_diff´

Here is the output:

xen-starlab:~# puppetd --server puppet --waitforcert 80 --test
info: Caching catalog for xen.starlab.cz
info: Applying configuration version '1413471896'
notice: /Stage[main]//File[nrpe_local.cfg]/content: 
--- /etc/nagios/nrpe_local.cfg  2013-03-09 08:53:33.000000000 +0100
+++ /tmp/puppet-file20141106-21693-vorhz2-0     2014-11-06 20:57:19.823561813 +0100
@@ -1,3 +1,10 @@
-######################################
-# Do any local nrpe configuration here
-######################################
+command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
+command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
+command[check_disk]=/usr/lib/nagios/plugins/check_disk -w 8% -c 4% 
+command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
+command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200 
+command[check_apt]=/usr/lib/nagios/plugins/check_apt
+command[check_linux_raid]=/usr/lib/nagios/plugins/check_linux_raid
+command[check_rdiff]=sudo /usr/lib/nagios/plugins/check_backup_storage
+command[check_smart]=sudo /usr/lib/nagios/plugins/check_smart
+command[check_ipmi]=/usr/lib/nagios/plugins/check_ipmi

info: FileBucket adding {md5}19c1c67393a0b6002f4595b535c71cc2
info: /Stage[main]//File[nrpe_local.cfg]: Filebucketed /etc/nagios/nrpe_local.cfg to puppet with sum 19c1c67393a0b6002f4595b535c71cc2
notice: /Stage[main]//File[nrpe_local.cfg]/content: content changed '{md5}19c1c67393a0b6002f4595b535c71cc2' to '{md5}d8116d9a68b755368037d6bc08d3f1db'
notice: Finished catalog run in 0.44 seconds

Create a cron job

    puppet resource cron puppet-agent ensure=present user=root minute=30 command='/usr/bin/puppet agent --onetime --no-daemonize --splay'

Output:

notice: /Cron[puppet-agent]/ensure: created
cron { 'puppet-agent':
  ensure  => 'present',
  command => '/usr/bin/puppet agent --onetime --no-daemonize --splay',
  minute  => ['30'],
  target  => 'root',
  user    => 'root',
}

and the cron line is not system wide, but root's

server:~# crontab -l
# HEADER: This file was autogenerated at Thu Nov 06 21:21:15 +0100 2014 by puppet.
# HEADER: While it can still be managed manually, it is definitely not recommended.
# HEADER: Note particularly that the comments starting with 'Puppet Name' should
# HEADER: not be deleted, as doing so could cause duplicate cron jobs.
# Puppet Name: puppet-agent
30 * * * * /usr/bin/puppet agent --onetime --no-daemonize --splay

Why cron job instead of daemon? Cron job can sometimes perform better and use less memory.

puppet agent --enable
service puppet restart