Installing the Puppet server and client on CentOS 6.7
The Puppet server listens on port 8140 on the Puppet Master
rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
Install the Puppet master service
yum install puppet-server
Upgrade Puppet to the newest version
puppet resource package puppet-server ensure=latest
/etc/init.d/puppetmaster restart
On the Master clean the old client certificate:
puppet cert clean <certname>
The server has received the client's CSR which has to be manually signed:
puppet cert sign <certname>
On the Master we can use puppet cert to manage certificates
List the (client) certificates to sign:
puppet cert list
List all certificates: signed (+), revoked (-), to sign ( ):
puppet cert list --all
Sign a client certificate:
puppet cert sign <certname>
Remove a client certificate:
puppet cert clean <certname>
The client stores its certificates and the server's public one in $vardir/ssl (/var/lib/puppet/ssl on Puppet OpenSource).
The server stores the clients' public certificates in $vardir/ssl/ca (/var/lib/puppet/ssl/ca).
DO NOT remove this directory.
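Before running puppet cert sign, the pending request can be checked against the fingerprint read on the client itself. The script below is an added example, not part of the original post: it parses the puppet cert list --all markers described above and approves a name only when it is still pending and the fingerprints match. The line layout after the marker, the helper names classify_certs and safe_to_sign, and the sample hostnames and shortened fingerprints are assumptions constructed for illustration.

```bash
#!/bin/bash
# Added example. Markers follow the list above: "+" signed, "-" revoked,
# blank = waiting to be signed. The rest of the line layout is an assumption:
#   <marker> "<certname>" (<DIGEST>) <fingerprint> [notes]

# Constructed sample listing (hostnames and shortened fingerprints are made up).
SAMPLE_LISTING='  "web01.localdomain" (SHA256) AA:11:BB:22:CC:33:DD:44
+ "puppetmaster.localdomain" (SHA256) 10:20:30:40:50:60:70:80
- "old01.localdomain" (SHA256) 0F:1E:2D:3C:4B:5A:69:78 (certificate revoked)'

# classify_certs: listing on stdin -> "<state> <certname> <fingerprint>" lines.
classify_certs() {
    while IFS= read -r line; do
        case "$line" in
            '') continue ;;
            +*) state=signed ;;
            -*) state=revoked ;;
            *)  state=pending ;;
        esac
        name=$(printf '%s\n' "$line" | sed -n 's/^[-+ ]*"\([^"]*\)".*/\1/p')
        fp=$(printf '%s\n' "$line" |
            sed -n 's/^[-+ ]*"[^"]*" *([^)]*) *\([0-9A-Fa-f:]*\).*/\1/p')
        # Skip lines that do not carry both a certname and a fingerprint.
        if [ -n "$name" ] && [ -n "$fp" ]; then
            printf '%s %s %s\n' "$state" "$name" "$fp"
        fi
    done
}

# safe_to_sign CERTNAME FINGERPRINT: listing on stdin. Succeeds only when the
# request is still pending and its fingerprint equals the one read on the
# client itself (compared case-insensitively).
safe_to_sign() {
    want=$(printf '%s' "$2" | tr 'a-f' 'A-F')
    got=$(classify_certs |
        awk -v n="$1" '$1 == "pending" && $2 == n { print toupper($3) }')
    [ -n "$got" ] && [ "$got" = "$want" ]
}

# Demo on the sample; on a master, pipe `puppet cert list --all` in instead.
printf '%s\n' "$SAMPLE_LISTING" | classify_certs
if printf '%s\n' "$SAMPLE_LISTING" |
    safe_to_sign web01.localdomain aa:11:bb:22:cc:33:dd:44; then
    echo "fingerprint matches: puppet cert sign web01.localdomain"
fi
```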
Install the Puppet agent
yum install puppet
Upgrade the installed Puppet agent
puppet resource package puppet ensure=latest
Restart the Puppet service
/etc/init.d/puppet restart
puppet agent --test
Run puppet agent in foreground and debug mode:
puppet agent --test --debug
Run a dry-run puppet without making any change to the system:
puppet agent --test --noop
certificate approval (by default 120 seconds) in the first Puppet
puppet agent --test --waitforcert 120
puppet config print all
puppet config print modulepath
Clean up the client certificate. On the client remove it:
mv /var/lib/puppet/ssl /var/lib/puppet/ssl.old
Some important Puppet paths
/var/log/puppet contains logs (also written to the normal syslog files, with facility daemon), both for agents and master
/var/lib/puppet contains Puppet operational data (catalog, certs, backup of files…)
/var/lib/puppet/ssl contains SSL certificates
/var/lib/puppet/clientbucket contains backup copies of the files changed by Puppet
/etc/puppet/manifests/site.pp (On Master) The first manifest that the master parses when a client connects in order to produce the configuration to apply to it (default on Puppet < 3.6, where config-file environments are used)
/etc/puppet/environments/production/manifests/site.pp (On Master) The first manifest that the master parses when using directory environments (recommended from Puppet 3.6 and default on Puppet >= 4)
/etc/puppet/modules and /usr/share/puppet/modules (On Master) The default directories where modules are searched
/etc/puppet/environments/production/modules (On Master) An extra place where modules are looked for when using directory environments
yum -y install mysql-server ruby-mysql
service mysqld start
mysqladmin -u root password 'new-password'
$ mysqladmin -u root -h puppetmaster.localdomain password 'new-password'
$ mysql -u root -p
mysql> \s
--------------
mysql Ver 14.14 Distrib 5.1.69, for redhat-linux-gnu (i386) using readline 5.1
Create the MySQL database and user:
mysql> CREATE DATABASE dashboard CHARACTER SET utf8;
mysql> CREATE USER 'dashboard'@'localhost' IDENTIFIED BY 'my_password';
mysql> GRANT ALL PRIVILEGES ON dashboard.* TO 'dashboard'@'localhost';
sudo vi /etc/my.cnf
[mysqld]
...
# Puppet dashboard - Allowing 32MB allows an occasional 17MB row
# with plenty of spare room
max_allowed_packet = 32M
$ sudo service mysqld restart
Stopping mysqld: [ OK ]
Starting mysqld: [ OK ]
$ mysql -u root -p
...
mysql> show variables like 'max_allowed_packet';
+--------------------+----------+
| Variable_name      | Value    |
+--------------------+----------+
| max_allowed_packet | 33554432 |
+--------------------+----------+
1 row in set (0.00 sec)
Puppet dashboard
yum -y install puppet-dashboard
$ cd /usr/share/puppet-dashboard/config; sudo vi database.yml
production:
  database: dashboard
  username: dashboard
  password: my_password
  encoding: utf8
  adapter: mysql
Build command
rake RAILS_ENV=production db:migrate
iptables -I INPUT -m state --state NEW -p tcp --dport 3000 -j ACCEPT
cd /usr/share/puppet-dashboard/; sudo -u puppet-dashboard ./script/server -e production
vi /etc/puppet/puppet.conf
puppet agent --verbose --test
https://infinitescalability.wordpress.com/2013/08/25/installingandconfiguring-puppet-dashboard-1-2/