Wednesday, February 8, 2017

Puppet Master Configuration






Step 1 : Install Puppet repository
[root@node1 ~]# rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-11.noarch.rpm
Retrieving http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-11.noarch.rpm
Preparing...                ########################################### [100%]
        package puppetlabs-release-6-11.noarch is already installed
[root@node1 ~]#

Step 2 : Configure hostname

[root@node1 ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=node1.jayesh.com
[root@node1 ~]#

Step 3 : Configure name of Master and Minion (agent) in hosts file
[root@node1 ~]# cat /etc/hosts
127.0.0.1      node1.example.com                localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
192.168.74.128 node1.jayesh.com
192.168.74.129 node2.jayesh.com
[root@node1 ~]#

Step 4 : Try to ping  master from agent and vice-versa.
[root@node1 ~]# ping node2.jayesh.com
PING node2.jayesh.com (192.168.74.129) 56(84) bytes of data.
64 bytes from node2.jayesh.com (192.168.74.129): icmp_seq=1 ttl=64 time=18.9 ms
64 bytes from node2.jayesh.com (192.168.74.129): icmp_seq=2 ttl=64 time=0.618 ms
64 bytes from node2.jayesh.com (192.168.74.129): icmp_seq=3 ttl=64 time=0.430 ms
64 bytes from node2.jayesh.com (192.168.74.129): icmp_seq=4 ttl=64 time=0.396 ms
64 bytes from node2.jayesh.com (192.168.74.129): icmp_seq=5 ttl=64 time=0.500 ms

[root@node2 ~]# ping node1.jayesh.com
PING node1.jayesh.com (192.168.74.128) 56(84) bytes of data.
64 bytes from node1.jayesh.com (192.168.74.128): icmp_seq=1 ttl=64 time=14.0 ms
64 bytes from node1.jayesh.com (192.168.74.128): icmp_seq=2 ttl=64 time=0.419 ms
64 bytes from node1.jayesh.com (192.168.74.128): icmp_seq=3 ttl=64 time=0.467 ms
64 bytes from node1.jayesh.com (192.168.74.128): icmp_seq=4 ttl=64 time=0.653 ms
64 bytes from node1.jayesh.com (192.168.74.128): icmp_seq=5 ttl=64 time=0.629 ms


Step 5 :  yum install puppet puppet-server facter -y





Step 6 :  Firewall configuration
The Puppet master listens on TCP port 8140 and accepts requests from agents on this port.


[root@node1 ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0] 
-A INPUT -p tcp -m state --state NEW --dport 8140 -j ACCEPT

Add the --dport 8140 ACCEPT line shown above (it was highlighted in yellow in the original post).
Restart iptables:
/etc/init.d/iptables restart
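
A quick check of the ruleset from Step 6, as an added example that is not part of the original post: audit_puppet_fw is a hypothetical helper that reads an iptables-save style file and reports what the 8140 rule actually restricts. TIGHT_RULES is a constructed variant that assumes SSH stays open and only the agent address from /etc/hosts (192.168.74.129) may reach the master.

```shell
#!/bin/sh
# Added example: audit_puppet_fw is a hypothetical helper, not a Puppet or
# iptables tool. It reads an iptables-save style ruleset on stdin and prints
# one finding per line for the Puppet master port (8140/tcp).
audit_puppet_fw() {
    awk -v port=8140 '
        /^:INPUT ACCEPT/ { policy_accept = 1 }   # default-allow INPUT chain
        /^-A INPUT/ && /-j ACCEPT/ && $0 ~ ("--dport " port "( |$)") {
            seen = 1
            # No -s/--source match means any host may reach the master.
            if ($0 !~ /(^| )(-s|--source) /) open = 1
        }
        /^COMMIT/ { commit = 1 }                 # iptables-restore needs this
        END {
            if (policy_accept) print "INPUT_POLICY_ACCEPT"
            if (!seen)         print "NO_RULE_FOR_PORT"
            if (open)          print "PORT_OPEN_TO_ANY_SOURCE"
            if (!commit)       print "MISSING_COMMIT"
        }'
}

# The ruleset as listed in Step 6 of this page.
PAGE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m state --state NEW --dport 8140 -j ACCEPT'

# Constructed tighter variant (assumption): default-drop policy, SSH kept
# open, 8140 limited to the agent address from /etc/hosts above.
TIGHT_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -s 192.168.74.129 -p tcp -m state --state NEW --dport 8140 -j ACCEPT
COMMIT'

echo "page ruleset:";  printf '%s\n' "$PAGE_RULES"  | audit_puppet_fw
echo "tight ruleset:"; printf '%s\n' "$TIGHT_RULES" | audit_puppet_fw
```

With the INPUT policy set to ACCEPT, the 8140 rule changes nothing: every port is already reachable, so the rule only matters once the policy is DROP or a final REJECT rule is present.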

Step 7 : Updating Master Configuration
vi /etc/puppet/puppet.conf
Add the following line in the [main] section:
certname=node1.jayesh.com

For example:
[root@node1 ~]# cat /etc/puppet/puppet.conf
[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl
    certname = node1.example.com
[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
   
Step 8:  /etc/init.d/puppetmaster start
As soon as you start the Puppet master, the CA certificate is generated:
[root@node1 ~]# ls -l /var/lib/puppet/ssl/
total 28
drwxr-xr-x 5 puppet puppet 4096 Nov 14 04:16 ca
drwxr-xr-x 2 puppet puppet 4096 Nov 21 00:10 certificate_requests
drwxr-xr-x 2 puppet puppet 4096 Nov 21 00:10 certs
-rw-r--r-- 1 puppet puppet  967 Nov 14 04:16 crl.pem
drwxr-x--- 2 puppet puppet 4096 Nov 14 04:16 private
drwxr-x--- 2 puppet puppet 4096 Nov 21 00:10 private_keys
drwxr-xr-x 2 puppet puppet 4096 Nov 21 00:10 public_keys
[root@node1 ~]#



Agent Configuration :    

Step 1 : Install Puppet repository
[root@node2 ~]# rpm -ivh http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-11.noarch.rpm
Retrieving http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-11.noarch.rpm
Preparing...                ########################################### [100%]
        package puppetlabs-release-6-11.noarch is already installed

Step 2 : Configure hostname

[root@node2 ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=node2.jayesh.com

Step 3 : Configure name of Master and Minion (agent) in hosts file
[root@node1 ~]# cat /etc/hosts
127.0.0.1      node1.example.com                localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
192.168.74.128 node1.jayesh.com
192.168.74.129 node2.jayesh.com

Step 4 :  yum install puppet facter -y

Step 5 :  Updating Agent configuration
Add the following entry to /etc/puppet/puppet.conf (vi /etc/puppet/puppet.conf):
    server = node1.jayesh.com

For example:
[root@node2 ~]# cat /etc/puppet/puppet.conf
[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl
    server = node1.jayesh.com
[agent]

Step 6 :  /etc/init.d/puppet start



Now we need to sign the agent's certificate so that the master can authenticate it.

The agent requests a certificate:

[root@node2 ~]# puppet agent --test --server=node1.jayesh.com --waitforcert 100
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node2.jayesh.com
Info: Applying configuration version '1486239174'
Notice: Finished catalog run in 1.77 seconds
[root@node2 ~]#

On Master
[root@node1 ~]# puppet cert list
[root@node1 ~]# puppet cert sign node2.jayesh.com
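
Before running puppet cert sign, the fingerprint of the pending request on the master can be compared with the one the agent reports locally (puppet agent --fingerprint on node2). The following is an added example, not part of the original post: csr_fingerprint_ok is a hypothetical helper, the fingerprints and the node3 entry are constructed, and the sample assumes the Puppet 3.x `"name" (DIGEST) fingerprint` layout of puppet cert list.

```shell
#!/bin/sh
# Added example: csr_fingerprint_ok is a hypothetical helper.
#   $1    certname of the pending request
#   $2    fingerprint read on the agent itself (puppet agent --fingerprint),
#         with or without the leading "(SHA256) " label
#   stdin output of `puppet cert list` on the master
# Returns 0 only when the master holds a request for $1 with that fingerprint.
csr_fingerprint_ok() {
    want=$(printf '%s' "$2" | sed 's/^(.*) *//' | tr 'a-f' 'A-F')
    got=$(awk -v n="$1" '{ gsub(/"/, "", $1) } $1 == n { print $3 }' |
          tr 'a-f' 'A-F')
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Constructed sample of `puppet cert list` output (assumed Puppet 3.x layout).
CERT_LIST='  "node2.jayesh.com" (SHA256) AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99
  "node3.jayesh.com" (SHA256) 11:22:33:44:55:66:77:88:99:00:AA:BB:CC:DD:EE:FF:11:22:33:44:55:66:77:88:99:00:AA:BB:CC:DD:EE:FF'

# Constructed value, as it would be read from the console of node2.
AGENT_FP='(SHA256) AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33:44:55:66:77:88:99'

if printf '%s\n' "$CERT_LIST" |
   csr_fingerprint_ok node2.jayesh.com "$AGENT_FP"
then
    echo "match: run 'puppet cert sign node2.jayesh.com'"
else
    echo "mismatch or no pending request: do not sign"
fi
```

On a live master, pipe the real listing in place of CERT_LIST: puppet cert list | csr_fingerprint_ok node2.jayesh.com "<fingerprint from the agent>".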


Now a simple Puppet configuration to install and start httpd

Step 1 :   cd /etc/puppet/manifests/
Step 2 :  vi site.pp

Step 3 : [root@node1 manifests]# cat site.pp
package{ 'httpd' :
  ensure => present,
}
service { 'httpd' :
 ensure => running ,
 enable => true,
}

Step 4: Now on Agent

[root@node2 ~]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node2.jayesh.com
Info: Applying configuration version '1486245474'
Notice: /Stage[main]/Main/Service[httpd]/ensure: ensure changed 'stopped' to 'running'
Info: /Stage[main]/Main/Service[httpd]: Unscheduling refresh on Service[httpd]
Notice: Finished catalog run in 3.90 seconds
[root@node2 ~]# service httpd status
httpd (pid  4266) is running...


Now, to stop httpd:

[root@node1 manifests]# cat site.pp
package{ 'httpd' :
  ensure => present,
}
service { 'httpd' :
 ensure => stopped ,
 enable => true,
}

[root@node2 ~]# puppet agent --test
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for node2.jayesh.com
Info: Applying configuration version '1486246263'
Notice: /Stage[main]/Main/Service[httpd]/ensure: ensure changed 'running' to 'stopped'
Notice: Finished catalog run in 3.43 seconds
[root@node2 ~]# service httpd status
httpd is stopped

By : Jayesh Pal








