Puppet Master

I have found two guides but there are many mistakes, I think because the version of puppet and ubuntu used are different
http://www.unixmen.com/install-puppet-master-and-client-in-ubuntu/
https://help.ubuntu.com/12.04/serverguide/puppet.html

I have done everything with ubuntu 12.04 in a virtual environment

Steps to install and configure

Package

In both client and server update the repository to install the last puppet version
both
ubuntu 12.04

wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
sudo dpkg -i puppetlabs-release-precise.deb

ubuntu 14.04
wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
sudo dpkg -i puppetlabs-release-trusty.deb

after

sudo apt-get update

in the master install

sudo apt-get install puppetmaster

in the client install

sudo apt-get install puppet

DNS config

Very important to avoid problem configuration add these 2 lines to /etc/hosts on both machines

192.168.58.150 puppetclient.example.com puppetclient
192.168.58.153 puppetmaster.example.com puppetmaster

But is very important that the name of the machine is the same of the host

cat /etc/hostname 
puppetmaster.example.com

or you will receive an error

Errors

if you forget this step and install the puppetmaster you can have this error on the first connection, but there is also the solution in the errors

Error: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: A7:90:95:E9:E5:4E:22:99:80:EC:99:6E:E1:C2:2E:2E:10:C2:34:97:6B:88:E2:B0:1F:A7:1A:40:B8:5E:C7:3F
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
  puppet cert clean ubuntu.localdomain
On the agent:
  rm -f /var/lib/puppet/ssl/certs/ubuntu.localdomain.pem
  puppet agent -t

in the agent (client) I have executed only the rm

Creation of config file

in the master prepare the code

edit the first file

/etc/puppet/manifests/site.pp
class test_class {
        file { '/tmp/testfile':
                ensure => present,
                mode   => 600,
                owner  => root,
                group  => root
        }
}

node puppetclient{
        include test_class
}

Sign of certificate

client

puppet agent --test --server=puppetmaster.example.com --no-daemonize --verbose  --onetime

server, find the request of the client

puppet cert list

sign the request for the client

puppet cert --sign peppelaptop.clavis.local

after the sign the system works correctly

root@puppetclient:~# puppet agent --test --server=puppetmaster.example.com --no-daemonize --verbose  --onetime
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Caching catalog for puppetclientvirtual.example.com
Info: Applying configuration version '1399393437'
Notice: /Stage[main]/Test_class/File[/tmp/testfile]/ensure: created
Notice: Finished catalog run in 0.02 seconds
root@puppetclient:~# cat /tmp/testfile 
root@puppetclient:~# ll /tmp/testfile 
-rw------- 1 root root 0 May  6 09:23 /tmp/testfile

Works with Geppetto and PuppetMaster

I want work from my Eclipse/Geppetto and after update the files in my puppetmaster of test. I used this command from the directory where geppetto works. First I have copied from the puppetmaster:/et/puppet the content and after for update.

rsync -avz . root@puppetmaster:/etc/puppet

it needs of course the authentication by keys.
In the puppet master are changed the owner of files but are not so important because the puppetmaster process runs like puppet users and read the file with the permission of "other" so the user and group are not influence.

Puppet master problems

disk full

If you do a request for a new machine and the disk of puppet master is full create a problem that you need to resolve in this way

master

service puppetmaster stop
rm /var/lib/puppet/ssl/ca/requests/<clientname>.pem
puppet cert clean <clientname>
service puppetmaster start

client

rm -rf /var/lib/puppet/ssl/*
<restart puppet>

Puppet master in debug mode

Run this for debug mode, with CTRL+C interrupt the output and the process , after resolve the problem restart the service normally.

puppet master --no-daemonize --debug

Install a module when you manage the puppetmaster using git

if you can't run directly from your puppetmaster but you need to run from your laptop and after commit with git use this

 puppet module install opentable-rundeck --modulepath=~/git/puppet/modules/

if the command with the —modulepath isn't working

  • ls the directory ~/.puppet/
  • install without —modulepath
  • copy the new directory from ~/.puppet/ to ~/git/puppet/modules/
Salvo diversa indicazione, il contenuto di questa pagina è sotto licenza Creative Commons Attribution-ShareAlike 3.0 License