Here’s an explanation of how to set up puppet.
I’m a newbie to puppet.
I just followed http://www.unixmen.com/install-puppet-master-and-client-in-ubuntu/
many thanks!
I have prepared two boxes , one is puppet master , the other is puppet client.
root@puppetmaster:~# tail -1 /etc/lsb-release
DISTRIB_DESCRIPTION="Ubuntu 12.04.2 LTS"
root@puppetmaster:~# uname -ri
3.2.0-38-generic x86_64
|
puppet master : 192.168.10.225
puppet client : 192.168.10.247
on the puppet master
root@puppetmaster:~# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.10.225 puppetmaster.localdomain puppetmaster
192.168.10.247 puppetclient.localdomain puppetclient
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@puppetmaster:~# cat /etc/hostname
puppetmaster
root@puppetmaster:~#
|
on the puppet client
root@puppetclient:~# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
192.168.10.225 puppetmaster puppetmaster.localdomain
192.168.10.247 puppetclient puppetclient.localdomain
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
root@puppetclient:~#
root@puppetclient:~# cat /etc/hostname
puppetclient
root@puppetclient:~#
|
before installing puppet , confirm whether you can send / receive ping packets from both boxes.
root@puppetmaster:~# ping -c 1 puppetclient.localdomain
PING puppetclient.localdomain (192.168.10.247) 56(84) bytes of data.
64 bytes from puppetclient.localdomain (192.168.10.247): icmp_req=1 ttl=64 time=0.845 ms
--- puppetclient.localdomain ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.845/0.845/0.845/0.000 ms
|
[ install puppet client ]
on the puppet client box
root@puppetclient:~# apt-get install puppet -y
|
[ install puppetmaster ]
on the puppet master box
root@puppetmaster:~# apt-get install -y puppet puppetmaster
|
create a manifest on the puppet master box
This manifest will enable puppet client to install apache2 and create a file /tmp/testfile
root@puppetmaster:~# cat /etc/puppet/manifests/site.pp
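# site.pp - main manifest compiled by the puppet master.
#
# The package and service resources below sit outside any node block, so they
# go into the catalog of every node this file matches, not only puppetclient.
# Move them into a class included from the node block if other agents are
# added later and should not get a web server.

# Install the Apache web server.
package { 'apache2':
  ensure => installed,
}

# Keep Apache running; the package has to be in place first.
service { 'apache2':
  ensure  => running, # same meaning as `true`
  require => Package['apache2'],
}

package { 'vim':
  ensure => installed,
}

# Creates a root-only file used to confirm that the agent applied a catalog.
class test_class {
  file { '/tmp/testfile':
    ensure => present,
    # Quoted four-digit octal: newer Puppet versions treat a bare 600 as a
    # number rather than as a permission string.
    mode   => '0600',
    owner  => 'root',
    group  => 'root',
  }
}

# Only the agent whose certificate name is puppetclient includes test_class.
node puppetclient {
  include test_class
}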
|
on the puppet master , start puppetmaster process
root@puppetmaster:~# /etc/init.d/puppetmaster restart
* Restarting puppet master [ OK ]
|
on the puppet client , register puppet master
edit puppetd.conf
root@puppetclient:~# cat /etc/puppet/puppetd.conf
server = puppetmaster.localdomain
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir=/var/log/puppet
vardir=/var/lib/puppet
rundir=/var/run
|
confirm whether the client can send / receive ping packets to the puppet master.
root@puppetclient:~# ping puppetmaster.localdomain -c 1
PING puppetmaster (192.168.10.225) 56(84) bytes of data.
64 bytes from puppetmaster (192.168.10.225): icmp_req=1 ttl=64 time=1.07 ms
|
on the puppet client
root@puppetclient:~# puppetd --server puppetmaster.localdomain --waitforcert 60 --test
info: Creating a new SSL key for puppetclient
info: Caching certificate for ca
info: Creating a new SSL certificate request for puppetclient
info: Certificate Request fingerprint (md5): AB:6D:6E:55:3F:9E:12:6F:7D:89:B3:CF:08:07:1A:6A
|
on the puppet master
root@puppetmaster:~# puppetca --list --all
"puppetclient" (0E:75:CC:A3:A3:98:28:F6:96:20:F7:10:F5:A3:AE:FD)
+ "puppetmaster" (D2:C3:3B:69:B0:30:39:97:23:07:1C:FC:6C:19:B6:09)
|
on the puppet master
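Sign the client's certificate request on the CA. Before signing, compare the fingerprint listed on the master with the one the client printed when it created the request, so you know you are signing this client's request. (In this transcript the first client run above shows AB:6D:…, while the master lists 0E:75:…, the value the client prints in the later run below; the excerpts were presumably captured from different runs.) Hmm, an error: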
root@puppetmaster:~# puppetca --sign puppetclient.localdomain
err: Could not call sign: Could not find certificate request for puppetclient.localdomain
|
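Oh, no need to specify the domain name: the request is listed under the name puppetclient in the puppetca --list output above, so that is the name to sign.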
root@puppetmaster:~# puppetca --sign puppetclient
notice: Signed certificate request for puppetclient
notice: Removing file Puppet::SSL::CertificateRequest puppetclient at '/etc/puppet/ssl/ca/requests/puppetclient.pem'
|
on the puppet client
error..
root@puppetclient:~# puppetd --server puppetmaster.localdomain --waitforcert 60 --test
info: Creating a new SSL key for puppetclient
info: Caching certificate for ca
info: Creating a new SSL certificate request for puppetclient
info: Certificate Request fingerprint (md5): 0E:75:CC:A3:A3:98:28:F6:96:20:F7:10:F5:A3:AE:FD
info: Caching certificate for puppetclient
err: Could not retrieve catalog from remote server: Server hostname 'puppetmaster.localdomain' did not match server certificate; expected puppetmaster
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
err: Could not send report: Server hostname 'puppetmaster.localdomain' did not match server certificate; expected puppetmaster
|
try again.
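I’ve changed the --server option from puppetmaster.localdomain to puppetmaster. The master's certificate was issued for the name puppetmaster and the client checks the server name against it, so the name given to --server has to be one the certificate carries.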
Okay
root@puppetclient:~# puppetd --server puppetmaster --waitforcert 60 --test
info: Caching certificate_revocation_list for ca
info: Caching catalog for puppetclient
info: Applying configuration version '1363665357'
notice: /Stage[main]/Test_class/File[/tmp/testfile]/ensure: created
notice: Finished catalog run in 0.12 seconds
root@puppetclient:~# echo $?
0
|
on the puppet client
root@puppetclient:~# ls /tmp/testfile
/tmp/testfile
root@puppetclient:~# ps aux | grep apache2 | grep -v grep
root 1060 0.0 0.2 69988 2980 ? Ss 12:45 0:00 /usr/sbin/apache2 -k start
www-data 1062 0.0 0.2 69720 2080 ? S 12:45 0:00 /usr/sbin/apache2 -k start
www-data 1063 0.0 0.2 358960 2532 ? Sl 12:45 0:00 /usr/sbin/apache2 -k start
www-data 1064 0.0 0.2 358960 2532 ? Sl 12:45 0:00 /usr/sbin/apache2 -k start
|
If you can successfully install apache2 and create a file on the puppet client , start puppet on the puppet client box.
By default , puppet client polls the server every 30 minutes.
on the puppet client.
root@puppetclient:~# cat /etc/default/puppet
# Defaults for puppet - sourced by /etc/init.d/puppet
# Start puppet on boot?
#START=no
START=yes
# Startup options
DAEMON_OPTS=""
root@puppetclient:~# /etc/init.d/puppet restart
* Restarting puppet agent
|