Install Puppet 3 1. Installation Note: By default, in Ubuntu repos, it’s not the latest version of Puppet. It’s actually the prior version (2.x). Puppet 3 can be easy installed on Ubuntu from puppetlabs repos: sudo dpkg -i puppetlabs-release-precise.deb sudo apt-get update sudo apt-get install puppetmaster Basic configurations to get puppet master up & running Create site.pp file (/etc/puppet/manifests) Add this import 'nodes.pp' $puppetserver = 'puppetmaster.evs.local' Enable autosign on the master echo "*" > /etc/puppet/autosign.conf add in puppet.conf in [master] section: certname = puppetmaster.evs.local autosign = /etc/puppet/autosign.conf Create nodes.pp file in /etc/puppet/manifests . This will act as main config file for adding the nodes . Example for adding a first node under puppet: node webserver1.evs.local { include sudo include sshd include firewall } Add a node using regular expressions: This example will match all nodes from evs.local domain with hostnames webserver1, webserver2, etc node /^webserver\d+\.evs\.local/ { include sudo } SSL certificates - list, remove, generate - to list all certificates: puppet cert list --all - to list a host certificate: puppet cert list hostname - revoke a certificate on the master : puppet clean hostname on the agent: rm -f /var/lib/puppet/ssl/certs/webserver1.pem puppet agent -t [ for more output / debug use: puppet agent --serve=server_hostname --no-daemonize --verbose ] Notes: - Important: add to nodes host file an entry for puppetmaster (EX: 192.168.0.1 puppetmaster.evs.local) - Running puppet agent on a node with verbose to see what is happening: puppet agent --server=puppetmaster.evs.local --no-daemonize --verbose

Install Puppet 3

Download DOCX Report

Upload
marian
View
8
Download
0

Embed Size (px)

DESCRIPTION

How to install puppet

Citation preview

Install Puppet 3

1. Installation

Note: By default, in Ubuntu repos, it’s not the latest version of Puppet. It’s actually the prior version (2.x).

Puppet 3 can be easy installed on Ubuntu from puppetlabs repos:sudo dpkg -i puppetlabs-release-precise.debsudo apt-get updatesudo apt-get install puppetmaster

Basic configurations to get puppet master up & running

Create site.pp file (/etc/puppet/manifests)Add thisimport 'nodes.pp'$puppetserver = 'puppetmaster.evs.local'

Enable autosign on the masterecho "*" > /etc/puppet/autosign.conf

add in puppet.conf in [master] section:certname = puppetmaster.evs.localautosign = /etc/puppet/autosign.conf

Create nodes.pp file in /etc/puppet/manifests . This will act as main config file for adding the nodes . Example for adding a first node under puppet:

node webserver1.evs.local {include sudoinclude sshdinclude firewall

}

Add a node using regular expressions:This example will match all nodes from evs.local domain with hostnames webserver1, webserver2, etc

node /^webserver\d+\.evs\.local/ {include sudo

}

SSL certificates - list, remove, generate- to list all certificates: puppet cert list --all

- to list a host certificate:puppet cert list hostname

- revoke a certificateon the master : puppet clean hostnameon the agent: rm -f /var/lib/puppet/ssl/certs/webserver1.pem

puppet agent -t [ for more output / debug use: puppet agent --serve=server_hostname --no-daemonize --verbose ]

Notes:- Important: add to nodes host file an entry for puppetmaster (EX: 192.168.0.1 puppetmaster.evs.local)

- Running puppet agent on a node with verbose to see what is happening:puppet agent --server=puppetmaster.evs.local --no-daemonize --verbose

Common errors found - and fixed :-)

Error: Exiting; no certificate found and waitforcert is disabled

Summary - It turns out the client requests the revocation list from the master, you can disable that by setting it’s property to false. You add this line in the puppet.conf file: (on the agent)certificate_revocation = false

Then run on puppetmaster :puppet cert sign --allpuppet cert clean --all

And on the agentrm -rf /var/lib/puppet/ssl/*puppet agent -t

Error: Error 1: err: Could not request certificate: getaddrinfo: Name or service not known

This is when running the puppet agent

Make sure you run puppet under “root”

http://blog.adityapatawari.com/2012/02/puppet-and-common-errors.htmlhttp://bitcube.co.uk/content/puppet-errors-explained

http://www.craigdunn.org/2012/05/239/ <- roles & profiles