DRAFT ..
[root@scientificlinux, load: 0.47] (Sat Oct 11 - 05:12:06)
/etc/sysconfig/network-scripts $ cat ifcfg-Auto_eth1
HWADDR=08:00:27:F4:47:4A
TYPE=Ethernet
BOOTPROTO=none
IPADDR=192.168.56.107
PREFIX=24
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="Auto eth1"
UUID=fdc72b1d-bc20-46c1-8945-cd908aeb30e4
ONBOOT=yes
LAST_CONNECT=1411865726
[root@scientificlinux, load: 0.47] (Sat Oct 11 - 05:12:13)
/etc/sysconfig/network-scripts $
sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
https://www.digitalocean.com/community/tags/configuration-management?primary_filter=tutorials
Other OS:
https://www.digitalocean.com/community/tutorials/how-to-install-puppet-on-a-digitalocean-vps
Installation instructions for other Linux distros, OS X, Windows,
the BSDs or Solaris are available, here:
http://docs.puppetlabs.com/guides/installation.html#installing-puppet-1
#PreInstall Guide:
https://docs.puppetlabs.com/guides/install_puppet/pre_install.html
#Install Puppet
Red Hat Enterprise Linux (and Derivatives)
https://docs.puppetlabs.com/guides/install_puppet/install_el.html
#postInsall Guide:
https://docs.puppetlabs.com/guides/install_puppet/post_install.html
Puppet Install guide:
https://docs.puppetlabs.com/guides/install_puppet/install_el.html
#Enable the Puppet Labs Package Repository
"On the master server":
Enterprise Linux 7
$ sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
#Install puppet-server
"One the clinet:"
Enterprise Linux 7
$ sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
Enterprise Linux 6
http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
#[root@node puppet]# yum repolist | grep puppet
puppetlabs-deps Puppet Labs Dependencies El 6 - x86_64 68
puppetlabs-products Puppet Labs Products El 6 - x86_64 430
[root@node puppet]#
#[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:44:27)
/etc/puppet/manifests $ puppet --version
3.7.1
#[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:46:49)
/etc/puppet/manifests $ facter | grep hostname
hostname => scientificlinux
#[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:47:29)
/etc/puppet/manifests $ facter | grep fqdn
fqdn => scientificlinux.example.com
[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:47:38)
/etc/puppet/manifests $
#Install puppet on the clinet
yum install puttet
#Next At this point, Puppet is installed, but it isn’t configured or running.
#You should now do the post-install tasks.
#Post Install Guide:
Configure a Puppet Master Server
After installing Puppet on a node that will act as a puppet master server,
you need to:
Get the master’s names and certificates set up
Configure any necessary settings
Put your Puppet modules and manifests in place
Configure a production-ready web server
Configure load balancing and CA service routing if you’re using multiple masters
Start the puppet master service
#Setup Certificate:
Decide on a main name for Puppet services at your site, and make sure
your DNS resolves it to the puppet master (or its load balancer). Unconfigured agents
will try to find a master at puppet, so if you use this name it can reduce setup time.
In the [main] section of the master’s puppet.conf file, set the dns_alt_names setting to
a comma-separated list of each hostname the master should be allowed to use:
dns_alt_names = puppet,puppet.example.com,scientificlinux.example.com
192.168.56.107 scientificlinux.example.com scientificlinux puppet
192.168.56.107 puppet.example.com puppet
#Setup CA
If this is the only puppet master in your deployment, or if it will be acting as the CA server for a multi-master site, you should now run:
$ sudo puppet master --verbose --no-daemonize
#[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:27:45)
~ $ puppet master --verbose --no-daemonize
Info: Creating a new SSL key for ca
Info: Creating a new SSL certificate request for ca
Info: Certificate Request fingerprint (SHA256): 3A:BB:79:ED:C6:93:E6:C1:A4:2D:F7:90:8D:59:F2:B8:9E:2A:AE:AE:F3:1F:6F:C6:CA:02:C0:CC:FB:FC:06:DE
Notice: Signed certificate request for ca
Info: Creating a new certificate revocation list
Info: Creating a new SSL key for scientificlinux.example.com
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for scientificlinux.example.com
Info: Certificate Request fingerprint (SHA256): BD:08:FE:D9:43:F4:FA:56:A4:F7:38:A6:31:8B:87:6E:BC:6F:64:F9:DC:F5:E7:A4:1C:48:B4:F7:57:6F:EB:DE
Notice: scientificlinux.example.com has a waiting certificate request
Notice: Signed certificate request for scientificlinux.example.com
Notice: Removing file Puppet::SSL::CertificateRequest scientificlinux.example.com at
'/var/lib/puppet/ssl/ca/requests/scientificlinux.example.com.pem'
Notice: Removing file Puppet::SSL::CertificateRequest scientificlinux.example.com at
'/var/lib/puppet/ssl/certificate_requests/scientificlinux.example.com.pem'
Notice: Starting Puppet master version 3.7.1
^CNotice: Caught INT; calling stop
[root@scientificlinux, load: 0.01] (Fri Oct 10 - 20:28:58)
~ $
#Master related settings
https://docs.puppetlabs.com/puppet/latest/reference/config_important_settings.html#settings-for-puppet-master-servers
#Main Manifest
https://docs.puppetlabs.com/puppet/latest/reference/dirs_manifest.html
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
server = scientificlinux.example.com
report = true
pluginsync = true
certname = node.example.com
[root@node puppet]#
#[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:00:38)
/var/log $ puppet cert --list
"node.example.com" (SHA256) 40:4C:EB:38:56:A1:4B:ED:3A:49:29:F6:4B:64:1C:EE:6B:8B:D9:41:A6:C5:E5:EA:66:4A:80:9E:F0:30:FF:4E
[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:01:44)
/var/log $
#[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:01:44)
/var/log $ puppet cert --sign node.example.com
Notice: Signed certificate request for node.example.com
Notice: Removing file Puppet::SSL::CertificateRequest node.example.com at '/var/lib/puppet/ssl/ca/requests/node.example.com.pem'
[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:02:47)
/var/log $
#[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:04:57)
/var/lib/puppet/ssl/ca/signed $ ll
total 8
-rw-r--r--. 1 puppet puppet 1972 Oct 10 21:02 node.example.com.pem
-rw-r--r--. 1 puppet puppet 2078 Oct 10 20:28 scientificlinux.example.com.pem
#[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:05:17)
/var/lib/puppet/ssl/ca/signed $ cat /etc/puppet/puppet.conf
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
#Setup for Certificate DNS names allowed.
server = scientificlinux.example.com
dns_alt_names = puppet,puppet.example.com,scientificlinux.example.com
[agent]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
[root@scientificlinux, load: 0.38] (Fri Oct 10 - 21:05:21)
/var/lib/puppet/ssl/ca/signed
[root@scientificlinux, load: 0.30] (Fri Oct 10 - 21:18:06)
~ $ yum install git
#Module Install
#[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:29:37)
/etc/puppet/modules $ puppet module install puppetlabs-mysql
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/modules
ââ⬠puppetlabs-mysql (v2.3.1)
âââ puppetlabs-stdlib (v4.3.2)
#[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:30:21)
/etc/puppet/modules $ ll
total 8
drwxr-xr-x. 8 root root 4096 Jul 18 11:19 mysql
drwxr-xr-x. 6 root root 4096 Jul 16 14:11 stdlib
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:30:35)
/etc/puppet/modules $
#[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:36:21)
/etc/puppet/manifests $ cat site.pp
node node.example.com {
class { 'mysql': }
class { 'mysql::server':
config_hash => { 'root_password' => 'redhat' }
}
}
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:36:24)
/etc/puppet/manifests $
#[root@node puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Could not parse for environment production: Syntax error at '['; expected ']' at /etc/puppet/manifests/site.pp:1 on node node.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
[root@node puppet]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for
environment production: Syntax error at 'node' at /etc/puppet/manifests/site.pp:1 on node node.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
[root@node puppet]#
#TroubleShooting:
https://docs.puppetlabs.com/pe/latest/trouble_comms.html
#[root@scientificlinux, load: 0.47] (Fri Oct 10 - 21:36:24)
/etc/puppet/manifests $ hostname -f
scientificlinux.example.com
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:05:45)
/etc/puppet/manifests $ vi site.pp
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:06:13)
/etc/puppet/manifests $ ll
total 4
-rw-r--r--. 1 root root 267 Oct 10 23:06 site.pp
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:06:50)
/etc/puppet/manifests $ puppet apply site.pp
Notice: Compiled catalog for scientificlinux.example.com in environment production in 0.14 seconds
Notice: /Stage[main]/Main/Node[scientificlinux.example.com]/File[/root/example_file.txt]/ensure: defined content as '{md5}8a2d86dd40aa579c3fabac1453fcffa5'
Notice: Finished catalog run in 0.03 seconds
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:06:56)
/etc/puppet/manifests $ cat site.pp
node "scientificlinux.example.com" {
file { '/root/example_file.txt':
ensure => "file",
owner => "root",
group => "root",
mode => "700",
content => "Congratulations!
Puppet has created this file.
",}
} # End node scientificlinux.example.com
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:07:16)
/etc/puppet/manifests $ ll /root/example_file.txt
-rwx------. 1 root root 47 Oct 10 23:06 /root/example_file.txt
#
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:07:28)
#/etc/puppet/manifests $ cat /root/example_file.txt
Congratulations!
Puppet has created this file.
[root@scientificlinux, load: 0.47] (Fri Oct 10 - 23:07:41)
/etc/puppet/manifests $
#[root@scientificlinux, load: 0.47] (Sat Oct 11 - 00:20:56)
#~ $ ~ $ vi example_file.txt
#~ $ puppet apply /etc/puppet/manifests/site.pp
Notice: Compiled catalog for scientificlinux.example.com in environment production in 0.13 seconds
Notice: /Stage[main]/Main/Node[scientificlinux.example.com]/File[/root/example_file.txt]/content:
content changed '{md5}a4db201e177c3e23fcc8128adaf8a1ab' to '{md5}8a2d86dd40aa579c3fabac1453fcffa5'
Notice: Finished catalog run in 0.04 seconds
[root@scientificlinux, load: 0.47] (Sat Oct 11 - 00:20:36)