Installing agents

Puppet Enterprise (PE) agent nodes monitor your infrastructure and help keep it in your desired state. You can install agents on *nix, Windows, and macOS nodes.

There are multiple ways to install agents. We recommend using the install script or installing agents from the console, and we have provided instructions for other cases, such as non-root agents, offline installation, and manually-transferred certificates. After installing agents, you must accept their certificate signing requests (CSRs).

You usually install agents from the PE package management repository on your primary server, which is created when you install your primary server. This repository serves packages over HTTPS using the same port as the primary server (port 8140). This means agent nodes don't require you to open any ports other than the one they already use to communicate with the primary server.

You can find agent packages on the primary server at /opt/puppetlabs/server/data/packages/public/<PE VERSION>/. This directory contains the platform-specific repository file structure for agent packages. For example, if your primary server runs on CentOS 7, in the agent packages directory there is a directory named el-7-x86_64. This directory contains multiple subdirectories with the packages needed to install an agent.

To install FIPS-enabled PE agents, install the appropriate FIPS-enabled agent on a third party supported platform with FIPS mode enabled. You can use FIPS-enabled agents with a non-FIPS enabled primary server.

All agent installation instructions assume your nodes use Supported operating systems.