Install compilers

Installing a compiler adds the specified node to the PE Infrastructure Agent and PE Compiler node groups and installs the PuppetDB service on the node.

Before you begin:
The node you want to provision as a compiler must have a Puppet agent installed, or you must be able to connect to a non-agent node with SSH.

Ensure that you have a valid admin RBAC token. For instructions, see Token-based authentication.

Before you install compilers in multi-region installations, contact Support for guidance. If your primary server and compilers are connected with high-latency links or congested network segments, you might experience better PuppetDB performance with legacy compilers.

To install a FIPS-compliant compiler, install the compiler on a supported platform with FIPS mode enabled. The node must be configured with sufficient available entropy or the installation process fails.

Configure the agent on infrastructure nodes to connect to the primary server.

In the console, click Node groups, and in the PE Infrastructure group, select the PE Agent > PE Infrastructure Agent group.
If you manage your load balancers with agents, on the Rules tab, pin load balancers to the group.
Pinning load balancers to the PE Infrastructure Agent group ensures that they communicate directly with the primary server.

On the Classes tab, find the puppet_enterprise::profile::agent class and specify these parameters:

Parameter	Value
manage_puppet_conf	Specify `true` to ensure that your setting for `server_list` is configured in the expected location and persists through Puppet runs.
pcp_broker_list	Hostname for your primary server and replica, if you have one. Hostnames must include port 8142, for example `["PRIMARY.EXAMPLE.COM:8142", "REPLICA.EXAMPLE.COM:8142"]`.
primary_uris	Hostname for your primary server and replica, if you have one, for example `["PRIMARY.EXAMPLE.COM", "REPLICA.EXAMPLE.COM"]`. This setting assumes port 8140 unless you specify otherwise with `host:port`.
server_list

Remove any values set for pcp_broker_ws_uris.
Commit changes.
Run Puppet on all agents classified into the PE Infrastructure Agent group.

Pin the node that you want to provision to the PE Infrastructure Agent group, and then run Puppet on the node (run puppet agent -t).
On your primary server, logged in as root, run the following command to provision a single compiler:
```
puppet infrastructure provision compiler <COMPILER_FQDN>
```
This command accepts a maximum of one compiler FQDN; this command can't provision multiple compilers at once. Additionally, you can specify these optional parameters:
- dns-alt-names: Comma-separated list of any alternative names that agents use to connect to the compiler. The installation uses puppet by default.
  If your puppet.conf file includes a dns_alt_names entry, you must include the dns-alt-names parameter when provisioning your compiler.
- no-dns-alt-names: Prevents the installer from setting the default alternative name, puppet. Use this parameter if you don't allow alternative names (as indicated by allow-subject-alt-names: false in your ca.conf file).
- use-ssh: Enables installing on a node that doesn't have a Puppet agent currently installed. You must be able to connect to the node with SSH. You can pair this flag with additional SSH parameters. Run puppet infrastructure provision --help for details.
Verify that the contents of the global layer Hiera file on the new compiler, located at /etc/puppetlabs/puppet/hiera.yaml, match the contents of the global layer Hiera file on the primary server.
- If necessary, update hiera.yaml on the compiler to match hiera.yaml on the primary server.
- If you use code to manage the contents of hiera.yaml on the primary server, ensure that the new compiler is also classified to manage the contents of its own hiera.yaml file.

What to do next
Configure compilers to appropriately route communication between your primary server and agent nodes.