Difference between revisions of "Puppet: Setup and install puppet"
Jump to navigation
Jump to search
| Line 36: | Line 36: | ||
[master] | [master] | ||
certname = puppetmaster.virtual.viglen.co.uk | certname = puppetmaster.virtual.viglen.co.uk | ||
| + | </syntaxhighlight> | ||
| + | I'm autosigning all hosts, too lazy (this would be dangerous in a production setup) | ||
| + | <syntaxhighlight> | ||
| + | $ cat /etc/puppet/autosign.conf | ||
| + | * | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 64: | Line 69: | ||
# this must work | # this must work | ||
ping puppet | ping puppet | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Clean out all SSL certs (needed to do this as the first few attempts failed - DNS errors, make sure both hosts can resolve each other correctly) | ||
| + | <syntaxhighlight> | ||
| + | $ rm -rf $(puppet agent --configprint ssldir) | ||
| + | $ puppet agent --test | ||
| + | |||
| + | # sample output if it goes through ok | ||
| + | info: Creating a new SSL key for calx13.pxe.boston.co.uk | ||
| + | warning: peer certificate won't be verified in this SSL session | ||
| + | info: Caching certificate for ca | ||
| + | warning: peer certificate won't be verified in this SSL session | ||
| + | warning: peer certificate won't be verified in this SSL session | ||
| + | info: Creating a new SSL certificate request for calx13.pxe.boston.co.uk | ||
| + | info: Certificate Request fingerprint (md5): 20:18:76:F9:6E:D5:89:1D:77:02:61:70:20:04:49:9E | ||
| + | warning: peer certificate won't be verified in this SSL session | ||
| + | warning: peer certificate won't be verified in this SSL session | ||
| + | info: Caching certificate for calx13.pxe.boston.co.uk | ||
| + | pcilib: Cannot open /proc/bus/pci | ||
| + | lspci: Cannot find any working access method. | ||
| + | info: Caching certificate_revocation_list for ca | ||
| + | info: Caching catalog for calx13.pxe.boston.co.uk | ||
| + | info: Applying configuration version '1354922612' | ||
| + | info: Creating state file /var/lib/puppet/state/state.yaml | ||
| + | notice: Finished catalog run in 0.09 seconds | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | == Problems == | ||
| + | Error starting the puppet master after --genconfig | ||
| + | <syntaxhighlight> | ||
| + | root@ubuntu1204-cobbler:~# /etc/init.d/puppetmaster restart | ||
| + | * Restarting puppet master | ||
| + | start-stop-daemon: warning: failed to kill 25584: No such process | ||
| + | Could not prepare for execution: Got 1 failure(s) while initializing: change from directory to file failed: Could not set 'file on ensure: Is a directory - /var/lib/puppet/facts | ||
| + | </syntaxhighlight> | ||
| + | Resolution: Comment out the facts | ||
| + | <syntaxhighlight> | ||
| + | #factdest = /var/lib/puppet/facts/ | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 23:22, 7 December 2012
Make sure you have the EPEL repository available.
Basic Server Setup
yum install puppet facterPuppet configuration files will be in: /etc/puppet
Create the /etc/puppet/puppet.conf file
puppetmasterd --genconfig > /etc/puppet/puppet.confCreate the default /etc/puppet/puppet.conf file. To create the first configuration, run the command:
puppetmasterd --genconfig > puppet.confAdding in a line to autosign certs:
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
# dp autosign
autosign = /etc/puppet/autosign.conf
[master]
certname = puppetmaster.virtual.viglen.co.ukI'm autosigning all hosts, too lazy (this would be dangerous in a production setup)
$ cat /etc/puppet/autosign.conf
*Create the /etc/puppet/manifests/site.pp file
# site.pp
import 'systems/*.pp'
import 'classes/*.pp' # not needed immediately, only when classes are created
Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" } # required when modules need to run exec commandsShow help
If no arguments are entered when using puppet you may get the error " No help available unless you have RDoc::usage installed" to enable help messages install ruby-rdoc.
yum install ruby-rdocBasic Client Setup
- Install puppet
yum install puppet- make sure the /etc/hosts file has an entry for puppet (the master host)
# this must work
ping puppetClean out all SSL certs (needed to do this as the first few attempts failed - DNS errors, make sure both hosts can resolve each other correctly)
$ rm -rf $(puppet agent --configprint ssldir)
$ puppet agent --test
# sample output if it goes through ok
info: Creating a new SSL key for calx13.pxe.boston.co.uk
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for ca
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
info: Creating a new SSL certificate request for calx13.pxe.boston.co.uk
info: Certificate Request fingerprint (md5): 20:18:76:F9:6E:D5:89:1D:77:02:61:70:20:04:49:9E
warning: peer certificate won't be verified in this SSL session
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for calx13.pxe.boston.co.uk
pcilib: Cannot open /proc/bus/pci
lspci: Cannot find any working access method.
info: Caching certificate_revocation_list for ca
info: Caching catalog for calx13.pxe.boston.co.uk
info: Applying configuration version '1354922612'
info: Creating state file /var/lib/puppet/state/state.yaml
notice: Finished catalog run in 0.09 secondsProblems
Error starting the puppet master after --genconfig
root@ubuntu1204-cobbler:~# /etc/init.d/puppetmaster restart
* Restarting puppet master
start-stop-daemon: warning: failed to kill 25584: No such process
Could not prepare for execution: Got 1 failure(s) while initializing: change from directory to file failed: Could not set 'file on ensure: Is a directory - /var/lib/puppet/factsResolution: Comment out the facts
#factdest = /var/lib/puppet/facts/