Extracts from Digitalocean tutorial

From MyWiki
Revision as of 17:29, 5 May 2016 by George2 (Talk | contribs)

Jump to: navigation, search

Reference - https://www.digitalocean.com/community/tutorials/how-to-install-puppet-4-in-a-master-agent-setup-on-ubuntu-14-04
Ubuntu 14.04
timedatectl list-timezones
sudo timedatectl set-timezone America/New_York
sudo apt-get update
sudo apt-get -y install ntp
Configure ntp.conf
sudo service ntp restart
Install puppet

   cd ~ && wget https://apt.puppetlabs.com/puppetlabs-release-pc1-trusty.deb
   sudo dpkg -i puppetlabs-release-pc1-trusty.deb
   sudo apt-get update
   sudo apt-get -y install puppetserver

Configure memory:
sudo vi /etc/default/puppetserver

Start puppetserver
Start Puppet Server Now we're ready to start Puppet Server with this command:
sudo service puppetserver restart
Next, enable Puppet Server so that it starts when your master server boots: sudo /opt/puppetlabs/bin/puppet resource service puppetserver ensure=running enable=true

Install Puppet Agent
Perform these steps on all of your agent servers.
Enable the official Puppet Labs collection repository with these commands: 

   cd ~ && wget https://apt.puppetlabs.com/puppetlabs-release-pc1-trusty.deb
   sudo dpkg -i puppetlabs-release-pc1-trusty.deb

Then install the puppet-agent package: 

   sudo apt-get update
   sudo apt-get install puppet-agent

Now that the Puppet agent is installed, start it with this command:
sudo /opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true

The first time you run the Puppet agent, it generates an SSL certificate and sends a signing request to the Puppet master. After the Puppet master signs the agent's certificate, it will be able to communicate with and control the agent node.

Sign Certificates on Puppet Master
On the Puppet master, run the following command to list all unsigned certificate requests: 

   sudo /opt/puppetlabs/bin/puppet cert list

Sign A Request

To sign a certificate request, use the puppet cert sign command, with the hostname of the certificate you want to sign. For example, to sign host1.nyc3.example.com's certificate, you would use the following command: 

   sudo /opt/puppetlabs/bin/puppet cert sign host1.nyc3.example.com
   or
   sudo /opt/puppetlabs/bin/puppet cert sign --all

View All Signed Requests If you want to view all of the requests, signed and unsigned, run the following command: 

   sudo /opt/puppetlabs/bin/puppet cert list --all

To see a list of facts that are automatically being gathered on your agent node, run the following command: 

   /opt/puppetlabs/bin/facter

Main Manifest File

Puppet uses a domain-specific language to describe system configurations, and these descriptions are saved to files called "manifests", which have a .pp file extension. The default main manifest file is located on your Puppet master server at /etc/puppetlabs/code/environments/production/manifests/site.pp. Let's will create a placeholder file for now: 

   sudo touch /etc/puppetlabs/code/environments/production/manifests/site.pp

Immediate Execution on a Particular Agent Node

It is also possible to initiate the check for a particular agent node manually, by running the following command (on the agent node in question): 

   /opt/puppetlabs/bin/puppet agent --test

Specify a Node

If you want to define a resource for specific nodes, define a node in the manifest.

On the master, edit site.pp: 

   sudo vi /etc/puppetlabs/code/environments/production/manifests/site.pp

Now add the following lines:
site.pp example 

   node 'ns1', 'ns2' {    # applies to ns1 and ns2 nodes
     file {'/tmp/dns':    # resource type file and filename
       ensure => present, # make sure it exists
       mode => '0644',
       content => "Only DNS servers get this file.\n",
     }
   }

   node default {}       # applies to nodes that aren't explicitly defined
Retrieved from "https://wiki.twig.es/index.php?title=Extracts_from_Digitalocean_tutorial&oldid=3268"