Puppet Master and Puppet Client for CentOS or Red Hat

This tutorial covers installing and configuring a Puppet master on CentOS or RHEL servers. We will also install the Puppet client and connect it to the Puppet master so that the master can deploy changes to the client.

sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

sudo rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

For 32-bit systems, use the link below instead:

sudo rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
  • Now add this repo for ruby dependencies
vi /etc/yum.repos.d/extra.repo
[os]
name=OS 6 Mirror
baseurl=http://ftp.is.co.za/mirror/centos/6/os/x86_64/
gpgcheck=0
enabled=1
[os-updates]
name=OS 6 Updates
baseurl=http://ftp.is.co.za/mirror/centos/6/updates/x86_64/
enabled=1
gpgcheck=0
  • Now clean the old yum cache and build it again
yum clean all

yum repolist

 

  • Install the required packages for puppetmaster, puppet client and ruby-rdoc
yum install puppet-server puppet ruby-rdoc
  • To change the hostname, edit /etc/sysconfig/network and change the HOSTNAME field
  • Make sure it is an FQDN (hostname with domain name)
vi /etc/sysconfig/network
HOSTNAME=puppet.chandu.com
NETWORKING=yes
  • Another important thing: put the IP address, FQDN and short name of each server you will be using in /etc/hosts. In my case I have IP addresses for puppet (the puppet master) and puppet-node (the puppet client)
vi /etc/hosts

192.168.2.20            puppet.chandu.com            puppet

192.168.2.21            puppet-node.chandu.com       puppet-node

 

reboot

 

mkdir /etc/puppet/files/

 

  • copy /etc/hosts files to /etc/puppet/files/ folder
  • we do this so that puppet knows which servers it is pushing changes to
  • instead of copying host file you can create a file inside /etc/puppet/files/ directory and  put the list of servers in that file
cp /etc/hosts /etc/puppet/files/hosts
  • Add the following lines to /etc/puppet/fileserver.conf
vi /etc/puppet/fileserver.conf

[Files]
path /etc/puppet/files
  • add following lines to /etc/puppet/auth.conf
vi /etc/puppet/auth.conf
  
#Edited by bijan for puppet file /etc/puppet/files
path /
auth any
allow *
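
The stanza above pairs `path /` with `auth any` and `allow *`, so it matches every request from every client, with or without a client certificate. The following check is an added example (not part of the original tutorial) that flags such stanzas in an auth.conf; the scoped `/file` stanza in the sample is constructed for contrast.

```sh
# Constructed sample auth.conf: a scoped stanza (hypothetical) followed by
# the catch-all stanza this tutorial adds.
sample_auth_conf() {
cat <<'EOF'
# file server access for one named agent (constructed example)
path /file
auth yes
allow puppet-node.chandu.com

#Edited by bijan for puppet file /etc/puppet/files
path /
auth any
allow *
EOF
}

# audit_auth_conf [FILE...]: print "<path> OPEN" for every stanza that allows
# all clients (allow *) without requiring an authenticated client (auth any/no).
# With no FILE argument the rules are read from stdin.
audit_auth_conf() {
  awk '
    function report() {
      if (path != "" && wild && auth != "yes" && auth != "on") print path, "OPEN"
    }
    /^[ \t]*$/ || /^[ \t]*#/ { next }        # skip blank lines and comments
    $1 == "path" {                           # a path line starts a new stanza
      report()
      path = ($2 == "~") ? $3 : $2           # "path ~ regex" or "path /prefix"
      auth = "yes"; wild = 0                 # auth defaults to yes when omitted
      next
    }
    $1 == "auth" || $1 == "authenticated" { auth = $2; next }
    $1 == "allow" {
      for (i = 2; i <= NF; i++) { v = $i; sub(/,$/, "", v); if (v == "*") wild = 1 }
      next
    }
    END { report() }
  ' "$@"
}
```

Run it on the master as `audit_auth_conf /etc/puppet/auth.conf`; on the sample it reports only the `/` stanza.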
  • /etc/puppet/manifests/ is the folder where all the configurations you want to push from the puppetmaster to client servers reside
cd /etc/puppet/manifests

vi site.pp
node default {
  file { '/tmp/hello':
    content => "Hello,World\n",
  }
}

In the [main] section of the puppet.conf file, set the dns_alt_names setting to a comma-separated list of each hostname the master should be allowed to use.

dns_alt_names = puppet, puppet.chandu.com

To manually push puppet

cd /etc/puppet/manifests
puppet apply site.pp
puppet agent --test --server puppet
service puppetmaster start
chkconfig puppetmaster on
service puppet start
chkconfig puppet on

 

client

Make sure your hostname is an FQDN.

For example, our node is puppet-node.chandu.com

 

sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm

 

sudo rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

 

or

sudo rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

 

  • Now add this repo for ruby dependencies
vi /etc/yum.repos.d/extra.repo
[os]
name=OS 6 Mirror
baseurl=http://ftp.is.co.za/mirror/centos/6/os/x86_64/
gpgcheck=0
enabled=1
[os-updates]
name=OS 6 Updates
baseurl=http://ftp.is.co.za/mirror/centos/6/updates/x86_64/
enabled=1
gpgcheck=0
  • Now clean the old yum cache and build it again
yum clean all

yum repolist
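
The extra.repo file used on both the master and the client sets gpgcheck=0 and points at plain http mirrors, so packages from it are installed without signature verification. This added example (not part of the original tutorial) audits repo files for those two settings; the `[os-verified]` section, its https URL and its key path are constructed placeholders.

```sh
# Constructed sample: the [os] section from this page next to a hardened
# variant. The https mirror and gpgkey path are placeholders.
sample_repo() {
cat <<'EOF'
[os]
name=OS 6 Mirror
baseurl=http://ftp.is.co.za/mirror/centos/6/os/x86_64/
gpgcheck=0
enabled=1
[os-verified]
name=OS 6 Mirror (signed)
baseurl=https://mirror.example.invalid/centos/6/os/x86_64/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
enabled=1
EOF
}

# audit_repo [FILE...]: for every enabled section print "<section> NOSIG" when
# gpgcheck is explicitly 0 and "<section> PLAINTEXT" when baseurl is http://.
# An unset gpgcheck inherits from yum.conf and is not reported here.
audit_repo() {
  awk '
    function report() {
      if (sec == "" || enabled == "0") return
      if (gpg == "0") print sec, "NOSIG"
      if (url ~ /^http:\/\//) print sec, "PLAINTEXT"
    }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }     # skip blank lines and comments
    /^\[/ {                                  # new [section]
      report()
      sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
      gpg = ""; url = ""; enabled = "1"
      next
    }
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == "gpgcheck") gpg = val
      if (key == "baseurl")  url = val
      if (key == "enabled")  enabled = val
    }
    END { report() }
  ' "$@"
}
```

Run it as `audit_repo /etc/yum.repos.d/*.repo` after adding the repo file and before the first `yum install`.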

 

  • Install the required packages for puppet client
yum install puppet
service puppet start
chkconfig puppet on

#) Joining Agent to the Puppet Master

In the agent's puppet.conf file, add the following entries to the [agent] section.

server = puppet.chandu.com

listen = true

report = true

pluginsync = true

Request a certificate from the client:

puppet agent --test

#) Sign the certificates for the agent from the master

$) puppet cert list (will list all the pending certificates)

$) puppet cert sign puppet-node.chandu.com

OR

$) puppet cert sign --all (if you want to sign all pending certificates)
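
Signing with --all accepts every pending request, including any the administrator did not expect. This added example (not part of the original tutorial) signs only when the pending request's fingerprint matches the one read on the agent with `puppet agent --fingerprint`; the `"certname" (DIGEST) FINGERPRINT` line layout and both fingerprints in the sample are assumptions constructed for illustration.

```sh
# Constructed sample of `puppet cert list` output on the master.
# The line layout is assumed and both fingerprints are made up.
sample_cert_list() {
cat <<'EOF'
  "puppet-node.chandu.com" (SHA256) 1A:2B:3C:4D:5E:6F:70:81
  "unknown-host.chandu.com" (SHA256) 99:88:77:66:55:44:33:22
EOF
}

# pending_fingerprint CERTNAME: read cert-list output on stdin and print the
# fingerprint of the pending request for CERTNAME (prints nothing if absent).
pending_fingerprint() {
  awk -v want="\"$1\"" '$1 == want { print $NF; exit }'
}

# ok_to_sign CERTNAME EXPECTED_FP: read cert-list output on stdin and succeed
# only when CERTNAME has a pending request whose fingerprint equals
# EXPECTED_FP (compared case-insensitively).
ok_to_sign() {
  got=$(pending_fingerprint "$1" | tr 'a-f' 'A-F')
  want=$(printf '%s' "$2" | tr 'a-f' 'A-F')
  [ -n "$got" ] && [ "$got" = "$want" ]
}
```

On the master: `puppet cert list | ok_to_sign puppet-node.chandu.com "$FP" && puppet cert sign puppet-node.chandu.com`, where `$FP` is the value copied from the agent.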
  • Adding more contents to site.pp (with content "Hello, World") and deploying to clients

vi /etc/puppet/manifests/site.pp
node default {
  file { '/tmp/hello':
    content => "Hello, World\n",
    owner   => 'root',
    group   => 'root',
    mode    => '0666',
  }
}

 

  • To install a package called vsftpd and start the vsftpd service (installing a package and ensuring the service starts)
package{"vsftpd": ensure => present,}

service {"vsftpd": ensure => running,}
}

 

  • To create a user called eric with a home directory /home/eric and a comment for the user (creating a user and setting up a passwordless connection)
user{'eric':
ensure => present,
comment => 'Eric, Good',
home => '/home/eric',
managehome => true,

        }
  • Setting up passwordless login for user eric from the puppet server as user root
        ssh_authorized_key {'from_root_puppet_ssh':

        user => 'eric',

        type => 'rsa',

        key  => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAvc0RhAB0u3vcynLQNWGLC4mw5ktCstTY6tWLQFG4ASn6mACURSnzRL/ZHJMLHO08dOpFSJspOIu9v8NBt7zUK+WAn4f2alI/5xFo+cd2PmYP+7U/C+dKeyetXnL1BNW6WwSXg1MIY1tc0X8rIkjwowBgTAMOojkSehSo95yL3aAxN2dBPGUkB8SmuQh2PCLXJvOl+eE6l1qoGKdXmEAIm0uAL4gB7kyd9CO2NZLnYzbwe1CjqA94ZFsmNgJOeufwR/f6DDQeOWCV8e7sy9d5SWdVAHBP1QuHwNWsCTB99k3PgwVu3QqW9sBnoBjC+/pwXB+m40ye5JzE/zfE4RtP9w==',

                          }

}

 

To deploy the changes:

puppet agent --test --server puppet

 

working with modules

  • cd /etc/puppet/modules
  • mkdir  /etc/puppet/modules/sudoers
  • cd    /etc/puppet/modules/sudoers
  • mkdir files manifests
  • cd files
  • cp /etc/sudoers /etc/puppet/modules/sudoers/files/
  • chmod 666 sudoers
  • vim sudoers

Add the eric line below the existing root ALL=(ALL) ALL line:

root    ALL=(ALL)       ALL

eric    ALL=(ALL)       NOPASSWD:  ALL

  • cd /etc/puppet/modules/sudoers/manifests/
  • vi init.pp

#Manage the sudoers file

class sudoers {
  file { '/etc/sudoers':
    source => 'puppet:///modules/sudoers/sudoers',
    mode   => '444',
    owner  => 'root',
    group  => 'root',
  }
}

  • cd /etc/puppet/manifests
  • vi site.pp

Add this line (class) to the site.pp file, above the closing }:

#Creating module and calling module class

include sudoers

To deploy the changes done

  • puppet agent --test --server puppet

Now test in client node,

  • su - eric
  • sudo useradd kathmandu
  • grep kathmandu /etc/passwd

            kathmandu:x:501:501::/home/kathmandu:/bin/bash

To run Commands

  • vi /etc/puppet/manifests/site.pp

Add these to the end of the site.pp file, before the closing }:

# running an arbitrary command

exec { 'Run arbitrary command':
  command => '/bin/echo I ran this command on /bin/date >> /tmp/commandout.txt',
}

}

To deploy the changes done

  • puppet agent --test --server puppet

Adding dashboard

  • yum install mysql-server mysql
  • service mysqld start
  • chkconfig mysqld on
  • mysqladmin -u root password 'root123'
  • mysql -u root -p

            Enter password:

CREATE DATABASE dashboard CHARACTER SET utf8;

CREATE USER 'puppetuser'@'localhost' IDENTIFIED BY 'root123';

GRANT ALL PRIVILEGES ON dashboard.* TO 'puppetuser'@'localhost';

show databases;

SELECT User FROM mysql.user;

exit

  • yum install puppet-dashboard
  • cd /usr/share/puppet-dashboard/config
  • vi database.yml

production:

  database: dashboard

  username: puppetuser

  password: root123

  encoding: utf8

  adapter: mysql

development:

  database: dashboard

  username: puppetuser

  password: root123

  encoding: utf8

  adapter: mysql

test:

  database: dashboard

  username: puppetuser

  password: root123

  encoding: utf8

  adapter: mysql

  • cd /usr/share/puppet-dashboard
  • rake db:migrate
  • rake gems:refresh_specs
  • /etc/init.d/puppet-dashboard start
  • chkconfig puppet-dashboard on

#changing mysql parameter

  • vi /etc/my.cnf

[mysqld]

datadir=/var/lib/mysql

socket=/var/lib/mysql/mysql.sock

user=mysql

max_allowed_packet = 32M

#Adding reporting to puppet.conf (both in master and agent)

  • vi /etc/puppet/puppet.conf

[main]

    # The Puppet log directory.

    # The default value is ‘$vardir/log’.

    logdir = /var/log/puppet

    # Where Puppet PID files are kept.

    # The default value is ‘$vardir/run’.

    rundir = /var/run/puppet

    server = puppet

    # Where SSL certificates are kept.

    # The default value is ‘$confdir/ssl’.

    ssldir = $vardir/ssl

[agent]

    # The file in which puppetd stores a list of the classes

    # associated with the retrieved configuration.  Can be loaded in

    # the separate puppet executable using the --loadclasses

    # option.

    # The default value is ‘$confdir/classes.txt’.

    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration.  An

    # extension indicating the cache format is added automatically.

   # The default value is ‘$confdir/localconfig’.

   localconfig = $vardir/localconfig

    report = true

[master]

 reports = store, http

# puppetserver ip address
reporturl = http://192.168.1.30:3000/reports/upload

  • cd /etc/puppet/environments
  • service puppetmaster restart
  • service puppet restart
  • chown puppet-dashboard /usr/share/puppet-dashboard/log/
  • service mysqld restart

Browse to:

http://192.168.1.30:3000

/etc/init.d/puppet-dashboard start (x3)
