|
Puppet - Install
2014/01/26 |
|
Install and setup the Configuration management tool "Puppet".
It's possible to use it on a server with standalone though, but this example setup it with Puppet server and Puppet client environment.
It's necessarry to setup DNS or hosts settings to resolv names or IP address and also NTP settings first.
|
|
| [1] | Install Puppet-master on a Puppet server. |
|
[root@dlp ~]#
[root@dlp ~]# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo
[root@dlp ~]#
yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet-server
[root@dlp ~]#
vi /etc/sysconfig/puppetmaster # line 2: uncomment PUPPETMASTER_MANIFEST=/etc/puppet/manifests/site.pp # line 6: uncomment PUPPETMASTER_LOG=syslog # create an empty manifest and start [root@dlp ~]# touch /etc/puppet/manifests/site.pp [root@dlp ~]# /etc/rc.d/init.d/puppetmaster start Starting puppetmaster: [ OK ] [root@dlp ~]# chkconfig puppetmaster on |
| [2] | Install Puppet on a Puppet client. |
|
[root@www ~]#
[root@www ~]# yum -y install http://yum.puppetlabs.com/el/6/products/x86_64/puppetlabs-release-6-7.noarch.rpm
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/puppetlabs.repo
[root@www ~]#
yum --enablerepo=puppetlabs-products,puppetlabs-deps -y install puppet
[root@www ~]#
vi /etc/sysconfig/puppet # line 2: uncomment and change to Puppet server PUPPET_SERVER= dlp.srv.world
# line 8: uncomment PUPPET_LOG=/var/log/puppet/puppet.log /etc/rc.d/init.d/puppet start Starting puppet agent: [ OK ] [root@www ~]# chkconfig puppet on |
| [3] | Enable certificate from Puppet client on Puppet server. |
|
# confirm certificate [root@dlp ~]# puppet cert list "www.srv.world" (SHA256) xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx # sign [root@dlp ~]# puppet cert sign www.srv.world Notice: Signed certificate request for www.srv.world Notice: Removing file Puppet::SSL::CertificateRequest www.srv.world at '/var/lib/puppet/ssl/ca/requests/www.srv.world.pem' |
| [4] | Make sure Puppet server/client works normally. Puppet clients refer to manifests on Puppet server for every 30 minutes by default, so wait for a moment to make sure or if you'd like to make sure, force reload Puppet client(puppetd). |
|
[root@dlp ~]#
vi /etc/puppet/manifests/site.pp # for example, create a "testgroup" like follows
group { 'testgroup':
ensure => present,
gid => 2000,
}
# reload puppetd if you make sure it [root@www ~]# /etc/rc.d/init.d/puppet reload Restarting puppet agent: [ OK ] # normally created by manifest [root@www ~]# grep testgroup /etc/group testgroup:x:2000: |
| [5] | It's possible to apply manifest in local manually. |
|
[root@dlp ~]# puppet apply /etc/puppet/manifests/site.pp Notice: Compiled catalog for dlp.srv.world in environment production in 0.14 seconds Notice: /Stage[main]/Main/File[/etc/httpd/conf/httpd.conf]/content: content changed ' {md5}27a5c8d9e75351b08b8ca1171e8a0bbd' to '{md5}27e2ef6546dbdda4a2a659d69397d105' Notice: /Stage[main]/Main/Service[httpd]/ensure: ensure changed 'stopped' to 'running' Notice: Finished catalog run in 0.56 seconds |